Securing your cloud-first architecture using Stealthwatch Cloud and Cisco SecureX

In recent years, cloud computing has completely redesigned the way we live and work. Whilst businesses were once bound to on-premise infrastructures, the introduction of ‘the cloud’ has meant that firms can access corporate information using any device which is connected to the internet. Cloud architectures are understandably popular as they provide scalable services for a fraction of the price of onsite security stacks.

However, cloud computing does not come without security challenges. Although modern-day working environments demand the accessibility and flexibility of the cloud, these benefits are null and void if systems are insecure and littered with blind spots. Unfortunately, it only takes one misconfigured application to leave critical data exposed to the prying eyes of cyber-criminals. But how can you ensure that your cloud applications are fortified and secured from this unwarranted access?

The importance of deploying an effective cloud-security strategy
There is a growing concern between Cyber Security professionals, that businesses have migrated to the cloud without effectively adapting their risk management and data protection strategy. However, before a cloud-migration can take place, you must be able to assess the risks of this new networking environment. This should involve having full visibility of incoming cyber-threats, eliminating blind spots and prioritising the most critical vulnerabilities.  After all, as the attack surface changes, so do threat vectors used.

Since the trend of mass cloud migration and increase in home working, bad actors have replaced traditional network-based attacks with methods tailored to exploiting this new attack surface. This often involves phishing scams which target home workers using insecure laptops, the  aim of these attacks is to steal cloud access credentials (such as Office365 passwords) or to download malicious code onto the devices. The recently published2020 Cloud Security Report’ discovered the top cloud security threats are: the misconfiguration of the cloud platform (68%), unauthorised cloud access (58%), insecure interfaces (52%), and hijacking of accounts (50%).

Although cloud-based-threats are on the rise, by implementing the right security measures, there is no reason why your cloud-first-architecture can’t be secure. In order to do this, you must first identify your cloud-security ‘pain-points’. (For instance, are you concerned that you lack visibility into corporate application access logs)? This process will help you to take control of threats, mitigate identified security gaps and develop a comprehensive cloud-strategy which is tailored to your business. It will also give your IT teams confidence that you can maintain cyber-resilience, (even without the ‘comfort blanket’ of traditional network-based security measures).


Lack of visibility in ‘the-cloud’

Although visibility is a fundamental element of securing data in the cloud, a recent study titledThe State of Cloud Monitoring discovered that just 20% of surveyed businesses felt they had complete visibility into their cloud environment and 87% expressed concerns that a lack of visibility obscures security threats within their network.


As more corporate systems migrate to the cloud, organisations must be able to monitor application performance, compliance, and proactively manage threats. Unfortunately, you can’t protect what you can’t see. Without a ‘window of visibility’ into your entire cloud-terrain, you are unable to take control of malware and inefficiencies. Although achieving pervasive network insight may seem like a daunting task, the basic objective is being able to gather data from systems and hardware and deliver this information to a platform which can analyse and monitor it for cyber threats and network anomalies.
Introducing Stealthwatch Cloud and Cisco SecureX:  Taking control of threats in your cloud environment
  • Stealthwatch Cloud can ingest telemetry from your entire cloud architecture and detect advanced threats across your estate (in real-time)! Unlike other solutions, Stealthwatch Cloud can see into native telemetry like VPC and NSG logs, it uses this information to generate alerts that are unique to various public cloud vendors like AWS, Azure and GCP.
  • Fast Detection: Stealthwatch Cloud has the capability to detect early signs of cyber-breaches. This includes identifying multistaged attacks, policy violations, misconfigured cloud assets, and user error and misuse.
  • User confidence: Stealthwatch Cloud gives users confidence that if they are breached using stolen credentials from a phishing attack or there is an intrusion caused by a firewall misconfiguration, they will be immediately notified about any malicious activity.
  • Detects anomalies: Stealthwatch Cloud uses the network itself as a sensor to detect threats through various methods of behavioral modeling. After a number of days, Stealthwatch Cloud will understand what is ‘normal’ for your network and will only notify users when anomalies are identified. For instance, if the traffic within a CRM application is not acting in a way it usually would, Stealthwatch Cloud will flag an alert to the administrator.
  • SecureX is a FREE platform for all Cisco Security customers. It allows you to connect Cisco’s integrated security portfolio under a ‘single pane of glass’. You will have visibility of your entire security infrastructure for a consistent experience that unifies visibility, enables automation, and strengthens security across your network, endpoint, cloud, and applications. This platform allows you to respond to and mitigate multi-staged attacks in real time and reduce the long-term damage of a breach.
  • SecureX and Stealthwatch Cloud are a match made in heaven. SecureX increases the effectiveness of Stealthwatch Cloud, as it connects to feeds like AMP for Endpoints and ISE. This allows for quick remediation methods across security tools. SecureX can also use data generated from Stealthwatch Cloud to see how threats are moving across the network.
Want to find out more about Stealthwatch Cloud and Cisco SecureX? Register for our webinar alongside Cisco Security on the 17th of September

On the 17th September at 11:00am Equilibrium Security Services and Cisco Security are hosting a cloud-security webinar titled ‘How to protect your cloud environment using Stealthwatch Cloud and Cisco SecureX’. This educational session will explore how to overcome cloud-security challenges, mitigate blind spots and achieve pervasive visibility using Stealthwatch Cloud and Cisco SecureX. It will also be a chance to take a technical deep dive into the capabilities of both solutions, as well as seeing a demo of SecureX in action.

Keynote speakers include: Anish Chauhan, MD at Equilibrium Security and Mustafa Mustafa, Consulting Systems Engineer Cybersecurity at Cisco Security.

Would you like to register for our webinar?

If you would like to chat to a member of our team you can call us on 0121 663 0055 or email zoe@equilibrium-security.co.uk