Make Even Smarter Cloud App Choices
Symantec CloudSOC Audit customers have been able to view and leverage the Business Readiness Ratings (BRR) of over 20K cloud apps and services. BRR, which is calculated individually for each app, is based on 120+ security attributes (compliance, MFA, access control, etc.), and is invaluable in helping you to select apps that meet your exact security requirements.
And now, with the addition of the Cloud App Threat Feed, you can also factor real-world vulnerabilities and exploits into an app's BRR rating, allowing you to identify and control apps that have recently been successfully attacked.
Screenshot #1: CloudSOC Audit Dashboard, showing Compromised Cloud Apps discovered
How it Works
In Audit BRR Profile preferences, you now have an option to “Adjust BRR based on compromises in the last 90 days”. By selecting this option, apps that are compromised will have additional threat intelligence factored into their BRR scores following the detection of an exploit, which include data theft/exfiltration attempts, account compromises, phishing attacks, and other malicious activity types. A 90-day term was selected to provide a window on the app threat that persists long enough to mitigate the risk but is terminated before the information becomes dated.
In addition, you will be able to see an additional widget in your CloudSOC dashboard that shows a list of recently compromised cloud services.
Screenshot #2: CloudSOC Dashboard, showing Compromised Cloud Services Widget
How it will Improve Your Cloud Security
Immediately, this enhancement will enable you to dynamically account for real-time exploits not currently accounted for by the static BRR risk attributes, which are primarily focused on conformance to compliance standards and security functionality.
And coming soon, you will also be able to block access to these temporarily risky apps through setting policies in the CloudSOC Protect module that block apps with a low BRR score.
Availability
Functionality will be available globally by July 13th.