As most organizations today move toward hybrid, multicloud environments, it has become more difficult to ensure that data and infrastructure remain secure. The multicloud environment, while typically more cost-effective and reliable, means that some workloads and resources are on-premises, while others reside in various clouds. That makes it more complex and confusing to gain the visibility and control necessary to prevent security threats from becoming security incidents.
Trustwave’s answer to this problem is Fusion, a cloud-native cybersecurity platform that connects all of an organization’s “digital footprints” to a security cloud that combines the Trustwave data lake, analytics, threat intelligence and security expertise from Trustwave SpiderLabs. The combination of technologies and features is designed to give organizations more visibility and control over how security resources are provisioned, monitored and managed across all environments, according to the company.
One of the ways Trustwave achieves these multicloud security goals is by building Fusion with Security Orchestration, Automation and Response (SOAR) layers. This incorporates analytics, machine learning and automation, which the company says can improve incident accuracy, response time and actions.
“Today, it’s not only important to detect threats, but respond quickly, especially as more and more data is entering the environment,” said Martha Gomez Vazquez, a senior research analyst at IDC. “SOAR speeds up your mean time respond, which is really key today.”
Through its dashboard, the Fusion platform tracks vulnerabilities, threats, technology management and perceived risks across the environment. It also enables IT staff to respond to alerts and manage security-related services including penetration testing, vulnerability testing and scanning, and threat detection and response. The dashboard also links directly to Trustwave SpiderLabs, which continuously updates threat information gathered by its security specialists, and includes threat intelligence collected by the network of Trustwave Security Operation Centers.
Fusion also can connect operating environments through APIs and Information Technology Infrastructure Library (ITIL)-based service management. Vazquez said she considers this a key differentiator, as some of Trustwave’s competitors still have not fully integrated their capabilities into one platform.
Finally, Fusion can integrate and support threat intelligence, data lakes and other technology actions from third-party sources through APIs. The company said Fusion also supports security-related technology from other vendors such as next-generation firewalls, web application firewalls, secure email gateways, and endpoint detection and response.
These capabilities make it a good choice for organizations looking to bolster their multicloud security without having to “rip and replace,” Vazquez said. “Basically, customers can use their existing assets and plug it into the platform, which makes it very agile for the customer to use and cost-effective.”