SecureCloud

All the cloud security elements, orchestrated in one, cloud-based system

Overview

The simplest solution for securing cloud applications

By providing continuous, real-time visibility, control and remediation, Coronet SecureCloud ensures that only trusted users, using trusted devices, connecting through trusted networks to trusted cloud services can access corporate data.

SecureCloud eliminates the need for on-site installation, enabling implementation in minutes without the complexity of legacy security integration, and at a fraction of the cost.

The Spec

Product spec made simple

Simple to set up. Simple to operate. Simple pricing.

Coronet SecureCloud is the first solution to bring all the essential elements of cloud security into a single, cloud-based system. But what are the elements of cloud security? What elements are covered (and not covered) by other products? Isn’t an access gateway or a CASB enough to secure your cloud operations? To ease your research, we compare SecureCloud below, in detail, with other key security products that cover only partial aspects of cloud security.

In order to detect threats that put corporate data and reputation at risk, all the relevant activities along the cloud security chain should be monitored and analyzed. To make this assessment actionable, it should be performed in the proper context of user identities, security posture of the devices they use, networks they connect to and service properties.

How does that compare to other individual security systems? The key security capabilities are compared in detail in one simple table below.
Security Posture Parameters | Coronet SecureCloud | CASB (API-based) | Access Gateway | Mobile Threat Protection | Mobile Device Management
User

User Behavior

User activities such as services used, specific periods of time, location, etc.

Roles within the organization

Group memberships in Active Directory (AD), responsibilities within the organization, etc.

Collaborators’ roles within the organization

What information could be shared by the user, with which user groups, and at what permission levels (view only, edit, etc.)

Device

Device settings vulnerabilities

Settings that may put the device at risk or make it susceptible to vulnerabilities. For example: no password protection, no disk encryption, device rooting, etc.

Device usage vulnerabilities

Downloads of sensitive data to the device, connections to unsanctioned networks, installs of apps with known vulnerabilities, etc.

Device geo-context

Region, country, concrete geo-location, etc.

Device connectivity context

Which networks are used (Wi-Fi/cellular) and usage patterns (office, at home)

Network

Network Credibility

Network reputation

Network Security Settings

Open/secured, what type of security (WEP, WPA, EAP).

Network geo-context

Geo-location of specific wireless networks

Network data routing

Network routing path across IP network

Service

Service sensitivity to the organization

What the impact of a breach or data loss would be. For example, if it’s AWS IaaS, potential attack results may be devastating.

Service usage patterns

Activities within the service. For example, in AWS, spinning up an EC2 instance or creating an S3 bucket.

Service security settings

Password complexity, MFA, open ports, public access to sensitive data, excessive privileges, etc.

Simplifying operations: Fully automated detection and remediation.

Continuously monitored security posture and activities are automatically analyzed by SecureCloud for non-compliance, threats, and potential risks. The necessary remediation actions are automatically taken in real time, at the right place of the security chain.

In terms of cloud security functionality and its automation, SecureCloud offers a complete solution that eliminates the need for multi-system integrations.

How does that compare to other individual security systems? The key security capabilities are compared in detail in one simple table below.
System Functionality | Coronet SecureCloud | CASB (API-based) | Access Gateway | Mobile Threat Protection | Mobile Device Management
Access control & governance

Sanctioned cloud services

Control access to cloud services approved by the organization.

Internal services

Control access to services deployed on-premises

Corporate data

Control access to corporate data, ACL, permissions (r/w), etc.

Corporate networks

NAC-style control to corporate wireless networks

External & public networks

NAC-style control to public wireless networks

Contextual access control

Access control, based on the context (location, time of day, network used for communication, etc.)

Cross-domain policy enforcement

Control access to one domain, based on combined assessment of others. For example, restrict access to specific services based on device vulnerabilities or network posture.

Anomaly detection

User behavioral anomalies

Spot anomalies in user behavior based on what has been profiled as normative (e.g., abnormal access to high-risk or sensitive objects, abnormal number of activities, requests in a short time frame, activity from terminated user accounts, dormant accounts, etc.)

Device behavioral anomalies

Spot anomalies in device behavior based on what was profiled as normative (e.g., unusual data exchange patterns, battery consumption, etc.)

Network behavioral anomalies

Suspicious change of location, security type, routing patterns.

Service access anomalies

Suspicious access patterns such as services that haven’t been accessed in the past, unusual access sequences, etc.

Risky or behaviorally abnormal usage of corporate data

Mass downloads within short time frames, suspicious data deletion, privileged data access misuse, etc.

Threat protection

Potential identity theft

Spot a user’s anomalous behavior and force authentication session expiration to coerce sign-in.

Suspicious administrative activities

Unusual actions that require administrative permissions (disable MFA, open non-standard ports, make storage accessible to everyone, etc.)

Potential malware and ransomware activity

Examine files stored in sanctioned cloud storage services for potential malware. Analyze multiple file dimensions to detect unauthorized encryption.

Cross-service aggregative analysis of data access and usage

Profile and analyze access and usage patterns across several cloud services to detect cross-service threats

Potential man-in-the-middle attacks within networks in use

Detection of in-network attacks such as IP spoofing, ARP poisoning, and malicious proxies.

Malicious wireless networks

Network-in-the-middle attacks (evil twin, PNL honeypots, compromised captive portals). Traffic interception and attempts to steal encryption keys and certificates.

Data loss prevention

Sensitive data exfiltration from cloud services

Downloads of confidential data from a corporate drive to a mobile device, where it could be further shared with personal accounts or might be stolen

Collaboration and sharing control

Who can share what with whom

On-device data protection from network attacks

Open ports that could be used to connect and steal data (e.g., connecting to an unprotected database to run queries)

Data on-cloud regulatory compliance

Detection and prevention of regulated data exposure, and standards compliance (PCI, HIPAA, etc.)

Security settings assessment

Device vulnerability assessment

Assessment of settings that may put the device at risk.

Network traffic monitoring to identify suspicious wireless networks

Detection of suspicious and malicious wireless networks in the vicinity of users and facilities.

Service security posture assessment

Assessment of cloud service vulnerabilities based on the existing settings, with advised improvements.

Management & automation

Automatic remediation

Automatic remediation and governance actions such as disconnect from network, suspend user, require sign-in, require password change, stop sharing, file quarantine, and block access to corporate networks.

Locations management (e.g. offices)

Geo-locations used in protection rules

Automatic No-go areas management

The capability to define areas in which the user will not be able to get services (e.g. foreign countries), to reduce the attack surface

Manage security awareness

Drive compliant behaviour by advising which networks can be used safely and are compliant with organizational policies, as well as enabling different levels of enforcement actions, such as disconnect from service once, disconnect permanently, etc.

Still have a question that needs to be answered? Talk to us.


The Pricing

Pricing made simple

Flat rate per user. No hidden costs. No cost per service. No cost per device. No cost per OS. All included. Simple, isn’t it?

Supports any type of device

$8

User/Month

Billed annually

Pay less as you grow.

Fully hosted and delivered as a service with maintenance, upgrades, and security managed by Coronet.

Supports any OS