Uptycs, a SQL-powered security analytics lead provider, announced its advanced cloud security and compliance offerings. The Uptycs Security Analytics Platform focuses on providing its customers with security and compliance for their AWS deployments.

The advanced features provide analytics for configuration, CloudTrail activity, and VPC Flow Logs, enabling security teams to measure their posture and look for cloud provider activity along with their cloud workload and endpoint activity, all in a single platform.

The AWS analytics provides security and compliance teams with a complete view of cloud accounts, workloads, and services. In Uptycs AWS cloud environments, security operations can quickly inspect and spot misconfigurations and vulnerabilities, comprehend identity and configuration governance, meet enforcement reporting standards, and recognize and investigate possible threats.

“Organizations continue to ramp up their cloud workloads and use of AWS services, where getting visibility into resources and assets across all their accounts is a high priority,” said Ganesh Pai, Founder and CEO, Uptycs, Inc. “Security teams also need to implement controls representing best practices to reduce the risk of data leakage, resource hijacking and account takeover. The bottom line is that what you can’t see, you can’t secure. With the Uptycs Security Analytics Platform, now in one place, security teams can get answers to questions about their entire cloud infrastructure on AWS, including anything related to cloud resource usage, threats against those resources, and their cloud service configurations.”

The (ISC) 2 2020 Cloud Security Report states that amongst the most worrisome security threats facing public clouds are unauthorized access (58%), insecure APIs (52%), misconfiguration of the cloud platform (68%), and account hijacking (50%). The authorized team needs to address the following challenges offered by the Uptycs AWS security –

  • Equipping AWS assets, personnel, and facilities with instant inventory visibility for their organizations. Users can group their cloud-based assets and services across accounts, tag them, and then run ad hoc queries and information reports such as service configurations.
  • Ensuring that their AWS tools commit to best practices across accounts. Uptycs alerts security teams to threats such as unsafe configurations, monitors configuration history, and provides critical information that enables engineers to instantly address user MFA, CloudTrail resource logging, and unauthorized API activity issues.
  • Monitoring the compliance with CIS Benchmarks, SOC 2, and other requirements of the entire AWS environment. Users may display summary visualizations of their posture of compliance and have the ability to drill down into non-compliant resources, related facts, and recommendations for remediation.
  • Detecting and investigating risks, including credential misuse, against AWS infrastructure. Uptycs crosschecks IPs and domains from AWS VPC Flow Logs against its threat intelligence platform to identify threats in the cloud. With AWS CloudTrail log data, Uptycs also makes it easy for security teams to monitor user behavior during an incident investigation. Finally, Uptycs analyses the IAM policy laws to assist security teams in implementing and monitoring least-privilege policies.

“As a cloud-based company running on AWS, finding a platform to solve all of our security needs across all of our accounts and services was a top priority,” said Kevin Paige, CISO, Flexport. “But finding a single solution that could solve for audit and inventory of our cloud assets, as well as endpoint detection and response, was a challenge — until we found Uptycs. Now we’re able to do more with less and save time while maintaining a strong cloud security posture.”