Sift Security

Next Generation Security for Cloud Infrastructure

  • Enhanced Visibility
  • Advanced Analytics
  • Cloud Forensics
  • APIs and Automation
  • Continuous Compliance
IONIC
"Sift Security reduces the time to investigate from days to minutes"
trip.com
"CloudHunter makes it easy to identify, investigate and address risks in cloud infrastructure"
Rombus System
"CloudHunter helps us to stay in compliance with security best practices in our cloud infrastructure"

Problem:

Visibility, Compliance, and Security Gap for Public Cloud

As organizations move to some form of cloud infrastructure, they need the same visibility, compliance, detection, and response capabilities that they have for their traditional infrastructure. Furthermore, cloud infrastructure can be more complex and challenging because of its dynamic nature, automation, and new terminology, all of which make detection and investigation more difficult.


Compliance
  • Lack of visibility creates compliance risks
  • GDPR will drive higher costs (up to 4% of sales)
Detection
  • Public cloud breaches are increasing
  • Traditional rules-based approach is inefficient
  • Lack of known signatures
Response / Hunting
  • Root cause analysis takes hours or days
  • Taking action on threats is complicated
  • Lots of time wasted on low value activities



What is Sift Security CloudHunter?

Scalable Cloud Platform
Advanced Analytics
Visualization
API Integrations

Benefits: Proactive Cloud Security

Cloud Visibility
  • Multi-Cloud
  • Containers
  • Network
  • Instances
  • Configurations
  • Vulnerabilities
  • Users
  • Things
+
Advanced Analytics
  • Machine Learning
  • Anomaly Detection
  • Graph Clustering
  • Entity Risk Scoring
  • Custom Rules Engine
  • CIS Benchmarks
  • Threat Intelligence
=
Protection Against
  • Misconfigurations
  • Compliance Gaps
  • Vulnerabilities
  • Insider Threats
  • External Hacking
  • Malware
  • Lateral Movement
  • Privilege Escalation
  • Data Exfiltration
 

Compliance with Cloud Best Practices

CloudHunter offers customizable rules-based detection with out-of-the-box support for key security configuration best practices such as the CIS AWS Foundations Benchmark.


Cloud Compliance Dashboards & Reports


Example: CIS AWS Benchmark Alerting

3.1 Unauthorized API calls
3.2 Management Console sign-in without MFA
3.3 Usage of "root" account
3.4 IAM policy changes
3.5 CloudTrail configuration changes
3.6 AWS Management Console authentication failures
3.7 Disabling or deletion of customer created CMKs
3.8 S3 bucket policy changes
3.9 AWS Config configuration changes
3.10 Security group changes
3.11 Changes to Network Access Control Lists (NACL)
3.12 Changes to network gateways
3.13 Route table changes
3.14 VPC changes
3.15 Ensure security contact information is registered
3.16 Ensure appropriate subscribers to each SNS topic
   

Detection: Summarize Threats and Most Risky Entities

CloudHunter's suite of detection tools identifies known bad and helps identify unknown bad efficiently while minimizing alert fatigue.

  • Import / export alerts to / from 3rd parties
  • Customizable rules engine with out-of-the-box detections
  • Anomaly detection
  • Graph algorithms (alert prioritization)
 

Detection: Machine Learning

Sift Security utilizes anomaly detection as a more scalable approach to detection, and a way to help detect unknown threats.


AWS Behaviors

  • User logs in from unusual location
  • User accesses unusual resources
  • Unusual access patterns to data stored
  • Unusual changes to ACLs
  • Unusual changes to security groups
  • Etc.

Entities

  • Rare events
  • Spikes
  • Seasonality
  • Out of context
  • Unsupervised ML
  • Feedback loop
 

Detection: Alert Prioritizer

CloudHunter's patent-pending graph prioritization algorithms surface clusters of risk to identify serious threats faster and reduce alert fatigue.



Robust API Layer to Enable Seamless Action and Automation

CloudHunter includes an API layer that connects to cloud services and 3rd party products to enable seamless, or even automated, action.


Easy, Self-Service Deployment

Interested? We can set up a no-cost pilot in under 15 minutes so you can immediately begin reviewing the security posture of your cloud.


Deployed in minutes via a private AMI


Deployed in minutes as a hosted service
