Illumio, Qualys debut vulnerability-based micro-segmentation
Cloud computing security companies Illumio and Qualys have integrated their solutions to deliver what they say is the industry's first vulnerability-based micro-segmentation.
Vulnerability and threat data from the Qualys Cloud Platform is integrated with Illumio application dependency mapping to show potential attack paths in real time. The integration delivers vulnerability maps, enabling organisations to see connections to vulnerabilities within and between applications.
The partnership also introduces an East-West exposure score that calculates how many workloads can potentially exploit vulnerabilities on applications. East-west traffic is the transfer of data packets from server to server within a data centre.
According to Illumio, this integration can be used to generate micro-segmentation policies as compensating controls that reduce East-West exposure and to prioritise patching.
Philippe Courtot, CEO and chairman of Qualys, says digital transformation is driving an explosion of connected environments in which perimeter protection is no longer adequate. "The focus now needs to shift from securing network perimeters to safeguarding data spread across applications, systems, devices, and the cloud."
He says this integration between the two companies will help organisations gain visibility across hybrid environments and implement appropriate controls to protect assets from cyber threats, whether on premises or in the cloud."
Several notorious attacks have resulted from software vulnerabilities in applications including WannaCry, NotPetya, and Apache Struts. In addition, Meltdown and Spectre are two recent examples of vulnerabilities where exploitation could have given threat actors access to an environment, and the ability to move laterally within data centres and clouds.
"Due to the growing scale of infrastructure and software vulnerabilities, organisations are unable to patch every vulnerability and may be unable to patch many critical vulnerabilities due to production freezes or for fear of breaking their applications," adds Illumio.
CEO and co-founder of Illumio, Andrew Rubin, says vulnerability management is an essential tool in every security team's arsenal, adding that the integration will enable businesses to see a map of how active, exposed vulnerabilities can potentially be exploited by an attackers.
"By adding vulnerability maps to our Adaptive Security Platform, security teams can see potential attack paths in real time and immediately implement micro-segmentation to prevent the spread of breaches."