What sorts of advanced threat detection tools would you recommend for monitoring multi-cloud environments?
Sort by:
I see many in the thread speaking of Wiz and I would have to agree for ease of use and the original correlated threat analysis they are very good. We actually spent our money on Upwind which is a start-up in the field as it was based upon similar values, perhaps a little harder to implement, but with great support and considerably more economic at the time.
We use Prisma Cloud and are evaluating Wiz, which seems to offer more value in this space. CrowdStrike has another tool emerging in the market, similar to Prisma Cloud, though we haven't evaluated it yet.
Threat detection is multifaceted. Wiz is a CNAPP that includes vulnerability scanning. However, threat detection goes beyond scanning; it involves tools that discover attack surfaces, including those you might not be aware of, such as developers posting code in public repositories with embedded keys or spoofed sites mimicking your environment for phishing attacks.
I can't speak specifically about tools in my organization, but I agree on the multifaceted nature of threat detection. We have a dedicated attack surface management team using multiple tools to understand the information flow internally and externally into the cloud. Tools like App Dome offer comprehensive visibility and risk prioritization. We're seeing convergence in end-to-end visibility, prioritization, and even inline remediation. AI is changing the game by enabling tools to detect and respond to extreme risk exposures, supercharging response and mitigation activities.
There are many tools for detecting potential risks and exposures. The new breed of tools, such as vulnerability aggregators, are significant because they consolidate findings from various tools like CNAPP and vulnerability management. They validate which vulnerabilities might have access to sensitive data or are publicly exposed, and that helps prioritize them. This area is ripe for growth due to the challenge of balancing and prioritizing findings from numerous tools.
There are several tools that come to mind, such as CNAPP and CSPM solutions. Wiz is a prominent player, and Lacework was another until Wiz overshadowed it. I've advised startups in this space that have been acquired by major companies like Palo Alto and Cisco.
There are several tools. In my view almost every premium product company like Microssoft, PaloAlto, TrendMicro, CrowdStrike, Zscaler, Cloudflare, Wiz, Netskope has good solution.
Main purpose is to secure digital environment, improve efficiency and ensure compliance. So holistic approach seeing beyond specific use case is more meaningful. So I would prefer to adopt tool according to current digital asset, tools & technologies and business applications. so that integration and adoption of new technology for current team in seamless and smooth.