CNAPP (cloud native utility safety platform) and XDR (prolonged detection and response ) supplier Uptycs introduced Friday that it has added agentless scanning to its current cloud workload safety platform, which it mentioned will open up a spread of latest use circumstances and appeal to new potential prospects.
The corporate mentioned that its agentless workload scanning system can be absolutely interoperable with its agent-based Uptycs sensors, offering safety metadata in the identical format and letting customers handle each programs from the identical administration console.
The concept is to supply flexibility. Agentless, API-based scanning is far simpler to implement than agent-based methods, and offers the power to take a look at the whole lot of an enterprise’s workloads in moments. Uptycs mentioned its system is especially low-touch, asking solely to drag metadata, not precise info, from the client setting to supply a snapshot of all exercise in a given setting.
But, due to that snapshot-based visibility, agentless safety doesn’t supply the kind of steady protection that agent-based approaches do. Therefore, for significantly crucial workloads, Uptycs mentioned that agent-based sensors could be applicable, backed by agentless “snapshot” protection for the remainder of the setting.
In an official weblog put up accompanying the discharge, the corporate gave the hypothetical instance of an organization that purchases a smaller competitor for a few of its purposes, which run in Google Cloud Platform. As a substitute of conducting a full safety audit on the brand new acquisition’s cloud setting, the acquiror can use agentless scanning to get an instantaneous overview and perceive the actual safety dangers posed.
Agent-based and agentless scanning can work collectively
Lawrence Pingree, a vice chairman and analyst at Gartner Analysis, mentioned that the two-pronged method provided by Uptycs is a pretty one for enterprise prospects. Whereas there’s nonetheless a specific amount of hesitancy about agent-based safety within the cloud, bundling it together with API-based methods gives the perfect of each worlds.
“The 2-fold method actually … permits them to straddle the hybrid setting,” Pingree mentioned. “Meaning they’re capable of combine with quite a lot of these cloud companies and get fast worth, and nonetheless offer you worth on the normal workload or endpoints you’re managing.”
Uptycs additionally incorporates the power to make use of YARA guidelines, that are, in essence, a question language that lets safety groups analyze content material throughout a complete filesystem, and a key device for detecting superior threats. Pingree characterised it as a successor to the idea of malware signatures.
“It’s an trade normal,” he mentioned. “And I’m unsure the place they begin and end on YARA, however it’s undoubtedly helpful for scanning for indicators of malicious recordsdata and artifacts.”
The usual worth for Uptycs’ safety choices is “about $100 per node/asset per yr,” the corporate mentioned, including that an end-of-year sale will present 1,000 managed belongings for $1 for a restricted time. The brand new agentless functionality is on the market now.
Copyright © 2022 IDG Communications, Inc.
