Skyhigh Networks has announced the expansion of Skyhigh Cloud Security Labs (CSL) to include Cloud Threat Intelligence. Led by Sekhar Sarukkai, co-founder and chief scientist, Skyhigh CSL’s charter is to advance the industry’s ability to leverage the latest research and innovation in cloud security to combat new threats and accelerate cloud adoption.
According to the December 2015 Gartner report entitled “How to Evaluate and Operate a Cloud Access Security Broker” by Neil MacDonald and Craig Lawson, companies should, “Favor CASB providers that maintain their own proactive cloud threat research laboratories, actively research vulnerabilities and attacks on cloud service providers, and can use this intelligence to protect their CASB customers by recommending policy changes.”
As the leading Cloud Access Security Broker, Skyhigh has long maintained Cloud Security Labs that included Cloud Service Intelligence and Cryptography Research. The newly formed Cloud Threat Intelligence division will drive even greater insight into the growing cloud threat landscape.
“Skyhigh Cloud Security Labs ensures that security teams have access to the latest cloud security R&D,” said Brian Lillie, CIO of Equinix. “The new cloud threat intelligence division of Skyhigh Cloud Security Labs is crucial because it provides unique data-driven insights on the ever changing threat landscape.”
New Division of Skyhigh CSL: Cloud Threat Intelligence
Skyhigh CSL researched activity across its extensive global user base to discover patterns of usage that compromise the security of corporate information. As an example, Skyhigh CSL pioneered an innovative approach to behavioral botnet detection by creating an algorithm that uses multi-dimensional probabilistic weighting to percolate domains that display characteristics of a Command & Control server. By using classical signal processing techniques Skyhigh can characterize abnormally programmatic behaviors, providing customers with detailed forensics to pinpoint and remediate exact systems that have been compromised.
Additionally, Skyhigh CSL developed capabilities to visualize outbound data flows to non-cloud service IPs and domains and analyzes the traffic by characteristics such as IP reputation and geography, enabling companies to identify outbound data flows and prevent data exfiltration. Further, Skyhigh CSL leverages a user base of 23 million users to create robust behavioral models to fingerprint each cloud service. Using these behavioral models in conjunction with additional threat intelligence feeds, Skyhigh detects abnormal activity with a high-degree of accuracy and proactively alerts customers to activities requiring attention. This enables Skyhigh to identify emerging malicious cloud activity – for example, those within encrypted traffic patterns, to proactively determine indications of data theft using massively scaled data science and machine learning techniques.
In addition to Cloud Threat Intelligence, Skyhigh Cloud Security Labs continues to focus on the following areas of research:
Cloud Service Intelligence
Skyhigh CSL researches cloud services to provide customers with a comprehensive view of the state of cloud services available in the global market and insight into the risks of each of these cloud services. In addition to continuously identifying and evaluating cloud services in real-time, Skyhigh CSL extends the depth of intelligence via integration with Darknet and other sources of cyber-risk intelligence while extending the breadth of risk visibility into the B2B partner ecosystem. In addition, Skyhigh CSL also audits over 17,000 cloud services when a major vulnerability, such as Heartbleed, VENOM, FREAK, POODLE, or BASH, is exposed, determines the security implications using advanced data mining and natural language processing, proactively informs customers of cloud service risks, and provides recommendations for remediation.
Cryptography Research and Development
Skyhigh CSL works with five leading cryptography academics from Cornell Tech, University of London, Georgia Tech, and University of California, San Diego, who form the Skyhigh Cryptography Advisory Board, to collaborate on cutting edge research and deploy cryptographic innovations for the cloud security market. In conjunction with the Cryptography Advisory Board, Skyhigh CSL has developed and brought to market several important advancements in cloud cryptography such as searchable symmetric encryption, order-preserving encryption, and format-preserving encryption.
This article was originally posted “Skyhigh Networks Announces Expansion Of Skyhigh Cloud Security Labs” from Cloud Strategy Magazine.