Cloud Security Posture Management (CSPM): Tools that give organizations the ability to monitor and manage the security posture of their cloud infrastructure, ensuring compliance with industry standards and regulations, detecting and addressing security threats, and preventing data breaches.
- Palo Alto Prisma Cloud
- Check Point (CloudGuard)
- CSP Native
  - AWS Config
  - Azure Security Center
  - Cloud Security Command Center
Secure Access Service Edge (SASE) platform: A cloud-based platform that combines several security functions, such as secure web gateways, firewall as a service, cloud access security brokers (CASBs), and zero-trust network access (ZTNA), into a single, integrated solution. SASE platforms provide a scalable, flexible, and cost-effective way to achieve a secure service edge.
- Palo Alto Prisma Access
- Zscaler
- Cisco
- Fortinet Secure SDWAN
- Cato Networks
- Netskope
- Perimeter 81
- Forcepoint
Software-Defined Perimeter (SDP): An approach to network security that uses a “zero-trust” model to secure access to applications and data. SDP solutions create a secure, isolated network connection between users and applications, effectively hiding them from the public internet and reducing the risk of cyber attacks.
- Palo Alto Prisma Access
- Zscaler
- Okta
- Cisco
- Perimeter 81
- Appgate
- Symantec
Web Application Firewall (WAF): A security solution that provides an additional layer of protection for web applications by monitoring and filtering incoming web traffic based on predefined rules. WAFs can help prevent a range of cyber attacks, such as SQL injection, cross-site scripting (XSS), and file inclusion attacks.
- F5
- Fortinet
- Imperva
- Cloudflare
- Citrix
- Sophos
Cloud Access Security Broker (CASB): A security solution that provides visibility and control over cloud applications and services. CASBs allow organizations to monitor user activity, detect and respond to security threats, and enforce policies for data protection and compliance.
- Palo Alto Networks (Prisma)
- Netskope
- Cisco CloudLock
- Bitglass
- Forcepoint
- Proofpoint
- Microsoft Cloud App Security
- AWS CloudTrail (limited)
Identity and Access Management (IAM): A set of technologies and policies that manage user identities and access to applications and data. IAM solutions can help organizations enforce strong authentication and authorization policies, manage user privileges, and monitor user activity.
- Okta
- OneLogin
- Ping
- SailPoint
- Azure AD
Endpoint Detection and Response (EDR): A security solution that monitors endpoint devices, such as desktops, laptops, and servers, for signs of security threats. EDR solutions can detect and respond to malware infections, advanced persistent threats (APTs), and other security incidents.
- Trend Micro
- CrowdStrike
- Palo Alto Networks
- FireEye
- Carbon Black
- Sophos
- Symantec
User and Entity Behavior Analytics (UEBA): A solution that analyzes patterns of user and entity behavior across various data sources, such as logs, network traffic, and user activity data, to establish a baseline of normal behavior. Once the baseline is established, the UEBA solution can identify deviations from normal behavior that may indicate a security threat, such as insider threats, compromised user credentials, or advanced persistent threats (APTs).
- Splunk
- Rapid7
- Securonix
- Teramind
- Exabeam
- Azure Sentinel
Data Loss Prevention (DLP): A security technology that focuses on protecting sensitive data from unauthorized disclosure or theft. DLP solutions can identify and monitor sensitive data as it moves through an organization’s network, such as personally identifiable information (PII), financial data, or intellectual property. DLP solutions can also enforce data protection policies, such as blocking or encrypting sensitive data, or alerting security teams when a policy violation occurs.
- Trend Micro
- Symantec
- Forcepoint
Antivirus and Antimalware: Install antivirus and antimalware software on all devices to prevent malware from infecting your network.
- Arctic Wolf
- Trend Micro
- Sophos
- Carbon Black
Password Policy: Establish a password policy that requires employees to use strong, unique passwords and change them periodically.
- Active Directory
- Okta
- OneLogin
- Azure AD
Access Control (SSO/AMFA): Implement access controls to restrict access to sensitive data and systems to only those who need it.
- Okta
- Active Directory
- OneLogin
- CSP IAM
Immutable Data Backup: Regularly back up your data to prevent data loss in case of a disaster or a security breach.
- Rubrik
- Cohesity
- Veeam
- CSP S3
Security Awareness Training: Educate your employees on security best practices, including how to identify and avoid phishing attacks and other scams.
- KnowBe4
- Proofpoint
- Mimecast
- Arctic Wolf
Incident Response Plan: Develop an incident response plan that outlines the steps to be taken in the event of a security incident.
- Arctic Wolf
- CrowdStrike
- FireEye
- Kroll
- SecureWorks
Physical Security: Implement physical security measures such as security cameras, alarm systems, and access controls to protect your premises.
- Verkada
- Meraki
- HID Global
- Tyco
Vendor Management: Ensure that all third-party vendors have appropriate security controls in place when accessing your network.
- InterVision vCISO
- BitSight
- OneTrust
Regular Security Audits: Regularly audit your security controls to identify and address vulnerabilities and ensure compliance with regulations.
- PwC
- Deloitte
- KPMG
DevOps Security:
Code Analysis (SAST) – practice of using automated tools to analyze code and identify potential issues, such as security vulnerabilities, performance problems, and compliance violations.
- Veracode
- GitLab
- Snyk
- Checkmarx
- Coverity
- Fortify
Code Analysis (DAST) – practice of using automated scanning techniques to identify common web application vulnerabilities such as SQL injection, cross-site scripting (XSS), and insecure authentication and authorization mechanisms.
- Rapid7
- Qualys
- Veracode
- Tenable
- Acunetix
Runtime Protection (RASP) – detects and responds to security threats in real time
- Aqua
- Sysdig
- Twistlock
- Veracode
- Contrast
Policy Enforcement
- Twistlock
- Snyk
- Checkmarx
- SonarQube
- GitHub Actions
Threat Detection
- Checkmarx
- Veracode
- SonarQube
- Fortify
Vulnerability Scanning – process of identifying security vulnerabilities in software, networks, systems, or applications
- Qualys
- Rapid7
- Tenable
- Aqua
- GitLab
- Snyk
- Checkmarx
- Trend Micro
Container Scanning – process of analyzing the contents of a container image for known vulnerabilities, misconfigurations, and other security issues
- GitLab
- Snyk
- Checkmarx
- Trend Micro