Data Sheet CloudSOC Auditlook to Symantec for strategic, integrated solutions to defend against...
Transcript of Data Sheet CloudSOC Auditlook to Symantec for strategic, integrated solutions to defend against...
CloudSOC™
Audit
Symantec CloudSOC Audit discovers and monitors all the cloud apps being used in your organization and highlights any risks and compliance issues they may pose.
Make smart cloud app choices
Integrate with Web Security
Monitor risk and compliance
Uncover Shadow IT
Data Sheet
Gain visibility into all the cloud apps used within your company and their detailed Business Readiness Ratings™.
Compare cloud apps side-by-side, consolidate on the most secure alternatives, and continuously monitor usage for compliance enforcement and cost containment.
Identify high-risk cloud apps and provide executive reports regarding your organization’s risk profile tailored to your unique security requirements.
Leverage integrations with Symantec Secure Web Gateways, including ProxySG and Web Security Service (WSS) to uncover Shadow IT in SWG traffic and apply granular policy controls to Shadow IT.
All of the Above Search within categorie s
OneDrive 87 ShareFile 87 Syncplicity 87 Google Drive 87 GoogBox 87
Service Comparison Bitcasa 38
REMOVE ALL
OneDrive 87
REMOVE REMOVE REMOVE
ShareFile 87 Box 82
Access 28 90 1009 0
Federated Identity Management
OAuth support
SAML support
OpenID support
1001 00 1001 00
Multi-factor Authentication
Multi-factor authentication via SMS
Multi-factor authentication via USB Token
Multi-factor authentication via Smartcard
Multi-factor authentication via secondary email
Multi-factor authentication via Mobile App
Multi-factor authentication - Security Questions
Multi-factor authentication via Blometrics
1 1001 00 100
Federated Identity Management
Utilizes CAPTCHA
Protection from multiple failed logins None
1 1001 00 100
Account Lociout Account Lockout
Compare Services
CloudSOC™ AuditData Sheet | 2© 2017 Symantec Corp. All rights reserved
Provide visibility into Shadow IT usage Analyze logs from your proxy, firewall, and endpoints to identify the cloud services in use in your organization and provide an executive summary to IT and business decision makers. Our fully configurable, Flex log format interpreter can analyze almost any type of log file.
Identify risky SaaS apps Identify risky cloud apps in use based on 100+ objective security attributes that can be customized to your organization’s risk tolerance. Identify employees using these services, as well as how much they’re using them. This intelligence can be used to coach BUs and users to select safe app alternatives and use them responsibly.
Control access to high-risk cloud apps Block unapproved cloud services while allowing access to those that meet your security guidelines. AppFeed integration with ProxySG and WSS enables you to apply granular Shadow IT policy controls directly from the proxy management console.
Identify risks in cloud app traffic Uncover threats in firewall, proxy and endpoint logfiles using User Behavior Analytics (UBA) and advanced data science.
Perform risk assessments on cloud services Each app is measured against 100+ objective security attributes, enabling you to perform side-by-side comparisons of functionally similar apps so you can select the most secure ones.
Consolidate services and reduce costs Comparing cloud services can help you make well-informed recommendations to business units to consolidate accounts, saving costs and reducing complexity.
Generate automated and custom reports Generate infographics and executive audit reports with the click of a button. Set up custom scheduled reports to be sent via email to critical stakeholders in the organization.
CloudSOC Audit
Customize app Business Readiness Ratings by weighting individual risk attributes (i.e., compliance certifications).
1 Month Generate Audit ReportDecember 1, 2014 - December 31, 2014
Your Audit Score
56
Access 52
Service 89
Informational 48
Data 31
Compliance 30
Business 82
Administrative 51
421SaaS Services
Top Risky Services
Feedbackify!
Top Users
Destinations (3)
192.168.1.24
Feedback Management
281Users
at medium or higher risk(189 services)45% 887
Users145Destinations
1 18
PusherRealtime Messaging
145Users
114Sessions
23.5MB
192.168.1.14 43Sessions
22.5MB
192.168.1.4 56Sessions
13.9MB
192.168.1.25 173Sessions
14.0MB
192.168.1.5 136Sessions
13.9MB
Feedbackify!Feedback Management
2 25
PluralsightIT Training, Developer Training
98Users
3 33
BitcasaFile Sharing
92Users
4 28
Security MetricsHosted Vulnerability Scanners
281Users
5 50
AdvertServeInventory Management
281Users
6 65
CompeteBusiness Intelligence, Digital Marketing
145Users
7 43
InsighteraPredictive Alerts
98Users
8 25
goroostDesktop Alerts
92Users
9 65
ComscoreMarketing Analytics, Brand Management
281Users
10 50
ChannelAdvisorE-Commerce
281Users
11 30
JanrainSocial Media Management
243Users
12 33
Audit
Summary Services Users Destinations
The Audit application ingests logs from firewalls and other security proxy devices to perform its Shadow IT analysis. In order to meet privacy needs and regulations, customers can also anonymize and compress log information with Symantec’s on-prem virtual appliance SpanVA, prior to log streaming. Logs are processed and results are available in the CloudSOC Audit App.
How Audit Works Business Readiness Rating for
ten’s of thousands of cloud apps
incl. 100+ risk attributes and features req’d for compliance
app security risks, features, cost, etc.
which apps to sanction, which to monitor,
and which to block
with automated reporting
86
Zing Drive Box Google Drive
unsanctionsanction
businessacct.
personalacct.
apps to monitor
apps to block
Integrations
Symantec Secure Web Gateways (ProxySG/WSS) Apply granular policy controls to Shadow IT from the proxy management console and streamline deployment through unified authentication, UI integration, and automatic WSS log ingestion by CloudSOC Audit. Single Sign-On Solutions Integrates seamlessly with any 3RD party single sign on solutions based on SAML. Active Directory (LDAP) Enable user mapping for tracking user activity and identifying high-risk users.
Symantec Endpoint Manager (SEP-M) Uncover Shadow IT used on managed endpoints outside of your network perimeter.
App Database
SWG
Firewall
SEP-M
Audit
Don’t just discover
Shadow IT, Control IT.
CloudSOC™ AuditData Sheet | 3© 2017 Symantec Corp. All rights reserved
Logs
On-prem virtual appliance
Compare02
Choose03
Analyze01
Monitor04
SpanVAWSS
Shadow IT Risk Assessment
Find and monitor all cloud apps used in your organization and
highlight any risk and compliance issues.
Business Readiness Rating™
Automatically rate the security of each cloud app discovered in
your organization, based on 100+ objective metrics, including
security mechanisms and compliance certifications.
Customized Ratings Weight individual risk attributes to provide a customized BRR for
each app based on your organization’s unique risk requirements.
Comparative Analysis Find alternatives to high-risk apps and enables you to perform
intuitive side-by-side comparisons.
Usage Analysis Reveal how frequently each cloud app is used and by whom,
identifying opportunities for streamlining and cost reduction.
Identify “New” apps employees have introduced that may be risky.
Advanced VisualizationQuickly zoom into the information with easy-to-use filters,
pivot views, and time scale adjustments.
Cloud Services Risk Assessment Report
Generate a comprehensive report with executive summaries
along with a list of discovered services and recommendations.
Access Enforcement Policies
Allow remediation at the proxy or firewall through blocking of
non-IT approved apps.
Admin Single Sign-On Enjoy Single Sign-On (SSO) between Audit and WSS.
Key Features Specifications
Log File Formats
Flex Universal Log Format enables ingestion of almost any log file type (proxy, firewall, endpoint, malware, etc.) into CloudSOC Audit.
Log Ingestion Modes
Log ingestion modes include web uploads, SpanVA for continuous monitoring, SCP, SFTP, and S3.
Log File Anonymization
Tokenize user-identifiable information before it is sent to CloudSOC Audit using SpanVA, an optional virtual appliance.
User Directory Synchronization
Synchronize users from LDAP or AD into CloudSOC using the SpanVA (optional) Directory Sync feature.
UBA and Threat Intelligence Feeds
Perform User Behavioral Analysis (UBA) on firewall, SIEM, endpoint, and proxy logfiles to identify and rate threats to cloud apps leveraging advanced data science.
Data Export Formats
Readily export data for offline analysis and processing in CSV format or REST API.
Dashboards and Reports
Create customizable dashboards with customizable widgets and predefined widgets.
Generate infographics and executive audit reports at the click of a button.
Schedule delivery of customized reports via email to critical stakeholders in the organization.
App Classification Types
Automatically classify apps as cloud hosting, collaboration, social network, security email, search engine, file sharing, storage, VoIP, instant messaging, expense management, identity management, workforce management, IT services management, CRM, digital certificates, domain registrar, cloud hosting, PaaS, development, analytics, personal finance, or online productivity suite.
App Business Readiness Rating Attributes
Apps are rated high, medium and low risk according to over 100 customizable security attributes, including: compliance, data protection, admin controls, access control, service characteristics, business characteristics, and informational.
Cloud Traffic Destinations
Destinations are trackable by city, country, number of services, number of sessions, KB uploaded, KB downloaded, number of users and number of platforms.
CloudSOC™ AuditData Sheet | 4© 2017 Symantec Corp. All rights reserved
CLOUD SECURITY(CASB)
WEB SECURITY
ENCRYPTION
integrations
USERAUTHENTICATION
MANAGED SECURITY SERVICE
ENDPOINTPROTECTION
ADVANCEDMALWARE PROTECTION
DATA LOSS PREVENTION
Copyright © 2017 Symantec Corp. All rights reserved. Symantec, the Symantec Logo, and the Checkmark Logo, are trademarks or registered trademarks of Symantec Corp. or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law, and are subject to change without notice.
symantec.com +1 650-527-8000
Data Science Powered™ Symantec CloudSOC platform empowers companies to confidently leverage cloud applications and services while staying safe, secure and compliant. A range of capabilities on the CloudSOC platform deliver the full life cycle of cloud application security, including auditing of shadow IT, real-time detection of intrusions and threats, pro-tection against data loss and compliance violations, and investigation of historical account activity for post-incident analysis.
Symantec Corporation (NASDAQ: SYMC), the world’s leading cyber security company, helps businesses, governments and people secure their most important data wherever it lives. Organizations across the world look to Symantec for strategic, integrated solutions to defend against sophisticated attacks across endpoints, cloud and infra-structure. Likewise, a global community of more than 50 million people and families rely on Symantec’s Norton suite of products for protection at home and across all of their devices. Symantec operates one of the world’s largest civilian cyber intelligence networks, allowing it to see and protect against the most advanced threats. For additional information, please visit www.symantec.com or connect with us on Facebook, Twitter, and LinkedIn.
About CloudSOC
About Symantec
Get better security with less complexity
For more info on Symantec CloudSOC CASB and its industry leading integrations with Symantec Enterprise Security Systems, visit go.symantec.com/casb
Deploy a cloud security solution that integrates with your existing security infrastructure. A Symantec solution with CloudSOC provides greater security coverage, reduces operational complexity, and provides an optimal user experience.