AI cloud security tools are exploding
Advanced AI is being applied to all kinds of enterprise uses these days, but there is perhaps no better use case than cloud security.
Since the cloud is a natural fit for advanced AI platforms led by the likes of AWS, Google Cloud and Microsoft Azure, a host of third-party security vendors have been launching AI-powered cloud security tools at a remarkable rate. It appears to be one of the hottest trends in the industry based on these announcements made yesterday and today:
Cloudflare
This communications cloud specialist announced a host of new offerings in this space yesterday, including:
AI Firewall: Described as “a layer of protection that can be deployed in front of large language models (LLMs) to identify violations before they reach the models.” It works with models hosted on the Cloudflare Workers AI platform or any other third-party infrastructure. It can also work with Cloudflare AI Gateway, and customers will be able to control and configure the firewall for AI using the Web Application Firewall (WAF) control plane. Read more about it here.
Defensive AI: This is described as “a personalized approach to securing organizations against the new wave of risks presented by emerging technology.” It works by looking at specific customer traffic patterns to provide an organization with a defense strategy that is customized and unique to its environment, allowing users to:
Protect the modern web: Application programming interfaces (APIs) make up 57 percent of all dynamic web traffic and support the most popular applications and services for businesses. Cloudflare is developing the Anomaly Detection API, which will help prevent attacks designed to damage applications, hijack accounts, or steal data.
Secure the number one threat source – email: Nine out of ten cyberattacks start with a phishing scam, so reducing the risks posed by email is pivotal to supporting cyber resilience.
Mitigate threats posed by employees – whether accidental or intentional: Nearly half of insider threat incidents involve an employee with privileged access to company assets – underscoring the importance of a Zero Trust approach.
You can learn more about defensive AI here and here.
AI Assistant: “Today, we are introducing the AI Assistant to help you query your security event data, allowing you to detect anomalies and potential security attacks more quickly,” the company said. “Now you can use plain language to interrogate Cloudflare analytics and let us do the magic.” It can be used to:
Identify the source of a spike in attack traffic by asking: “Compare attack traffic between US and UK”
Identify the root cause of 5xx errors by asking: “Compare Origin errors and Edge 5xx errors”
Find out which browsers are most used by your users by asking: “Compare traffic across major web browsers”
Understand, for an e-commerce site, what percentage of users are visiting versus adding items to their shopping cart by asking: “Traffic comparison between /api/login and /api/basket”
Identify bot attacks against your e-commerce site by asking: “Show requests to /api/basket with a bot score less than 20”
Identify which versions of HTTP customers are using by asking: “Compare traffic by each HTTP version”
Identify unwanted automated traffic to specific endpoints by asking: “Show POST requests to /admin with a bot score greater than 30”
You can learn more about the AI Assistant here.
Sentra
The original cloud data security specialist today announced Sentra Jagger, which is claimed to be the industry's first associate LLM for cloud data security.
“This new capability enhances the functionality of Sentra's Data Security Posture Management (DSPM) platform and Data Detection and Response (DDR) platform by enabling users to instantly remediate emerging threats and vulnerabilities with real-time insights, as well as extending “This expansion enhances the end-to-end view of an organization's security posture, ensuring compliance, effective communication, and improved risk management,” the company said.
The company said that in addition to real-time security insights, AI-powered treatment guidance, streamlined workflows and an intuitive, easy-to-use dashboard, it also provides:
Simplified interpretation of complex security queries, with clear, concise explanations in plain language, so that users across different levels of experience can make informed decisions and take appropriate actions with confidence.
Enhanced incident response capabilities that give users actionable steps to identify and address problems, simplifying the incident response process while minimizing downtime and damage and quickly restoring normal operations.
Integration with existing tools for a unified security management experience and a comprehensive view of the organization's data security posture.
The blog post provides more information, including a list of benefits:
Accessible Security Insights: Simplify interpretation of complex security queries, providing clear, concise explanations in plain language to empower users across different levels of experience. This helps users make informed decisions quickly and take appropriate actions with confidence.
Improved Incident Response: Clear steps to identify and fix problems, making the process faster, reducing downtime and damage, and restoring normal operations immediately.
Unified Security Management: Integrate with existing tools, creating a unified security management experience and providing complete visibility into an organization's data security posture. Jagger also speeds up the process of customizing and tuning solutions.
It's in limited preview this month and is expected to be generally available in the second quarter of 2024. You can learn more about Sentra Jagger here.
NetApp
This intelligent data infrastructure company, which claims to be one of the first to integrate AI and machine learning directly into an organization's core storage for real-time ransomware protection, today announced updates to its cyber resilience capabilities including:
ONTAP's Autonomous Ransomware Protection with Artificial Intelligence (ARP/AI) will lead the next generation of real-time storage ransomware protection, delivering the increased accuracy and performance needed to detect and mitigate new, more complex cyber threats. NetApp will provide its first ARP/AI technology preview during the next quarter.
NetApp BlueXP Ransomware Protection, now in public preview, provides a single control plane to orchestrate and execute comprehensive, workload-centric ransomware defense. Customers can now identify and protect critical workload data with one click, accurately and automatically detect and respond to any potential attack, and recover workloads within minutes, protecting their valuable data and reducing costly disruptions.
Application-Aware Ransomware Protection via NetApp SnapCenter 5.0 provides consistent ransomware protection for applications. SnapCenter will now apply NetApp's leading ransomware protection technologies, previously used with unstructured data, for application-consistent backups. SnapCenter 5.0 includes support for key ONTAP features such as tamper-evident Snapshot copy locking, SnapLock-protected volumes, and SnapMirror Business Continuity to enable more robust data protection for applications and virtual machines. SnapCenter 5.0 supports application protection on-premises with NetApp AFF, ASA, and FAS, as well as in the cloud.
NetApp BlueXP Disaster Recovery, now generally available, provides seamless integration with VMware infrastructure and provides storage options for both major on-premises and public cloud environments. This comprehensive solution eliminates the need for a separate disaster recovery (DR) infrastructure, reducing costs. With NetApp BlueXP disaster recovery, failover and failback processes are simplified, allowing for a seamless transition from on-premises VMware infrastructure to the public cloud or to an on-premises data center.
The NetApp Keystone Ransomware Recovery Warranty expands NetApp's existing ransomware recovery warranty to include our flagship storage-as-a-service offering, NetApp Keystone. With this guarantee, NetApp will ensure snapshot data recovery in the event of a ransomware attack. If snapshot data copies cannot be recovered by NetApp, we will provide compensation.
A separate blog post provides more details. ONTAP's next-generation Autonomous Ransomware Protection provides the following benefits:
Detect AI-powered threats in near real-time to reduce your liability and enable faster recovery. This capability improves on the previous implementation, which relied on a set of heuristics generated during a “learning period.”
Accuracy and recall of over 99 percent – an industry first based on new machine learning models.
Enhanced detection of a wide range of ransomware attacks.
Uninterrupted updates of model parameters are seamless and can be performed at any time, independent of ONTAP release cycles.
ARP/AI, which complements the company's portfolio of AI-powered protection, detection and recovery solutions, is scheduled to be available as a technology preview in the second quarter of this year, the company said.
With all of the above announced in the past 24 hours, it's clear that the AI-powered cloud security space is super-charged right now, so stay tuned for more.
About the author
David Rammell is an editor and writer at Converge360.