Technische Spezifikationen von Cloud Optix
Cloud Optix bietet die kontinuierliche Analyse und Transparenz, die Unternehmen zum Erkennen, Beseitigen und Vorbeugen von Sicherheits- und Compliance-Lücken benötigen. So erhalten Sie eine zentrale Ansicht des Sicherheitsstatus für AWS-, Azure-, Google-Cloud-, Kubernetes- und Infrastructure-as-Code-Umgebungen.
Cloud-Workload-Schutz mit CSPM erweitern
Sophos Intercept X Advanced for Server schützt in der Cloud ausgeführte Server-Instanzen vor neuesten Bedrohungen. Durch das Einbinden von Cloud Optix Standard erhalten Unternehmen dazu lückenlose Transparenz über diese Instanzen, Container, serverlose Funktionen u.v.m. So können sie Schwachstellen identifizieren und dadurch ihren Sicherheitstatus optimieren.
| Cloud Optix Standard | Cloud Optix Advanced | |
|---|---|---|
| Cloud Environments | ||
| Amazon Web Services, Microsoft Azure, Google Cloud Platform, Kubernetes, IaC, Docker Hub | Eine Umgebung pro Anbieter (AWS, Azure, GCP, Kubernetes, IaC, Docker Hub) | Unbegrenzt |
| Cloud Optix Standard | Cloud Optix Advanced | |
|---|---|---|
| Security Best Practice Scanning | ||
| Configurable Security Scans | Bei Bedarf | Configurable and On-demand |
| Security Best Practice Policy Assessments (Custom, CIS Benchmarks, ISO 27001, Sophos Best Practices, EBU R 143, FEDRAMP) |
CIS Benchmarks |
|
| Automatic Remediation (Guardrails) |
|
|
| Anomaly Detection – Network Traffic |
|
|
| Anomaly Detection – User Login Behavior |
|
|
| Anomaly Detection – Timeline of high-risk user role behavior |
|
|
| High-risk Events Detection (AI-based security overlay for Activity Logs) |
|
|
| Credential Compromise Detection |
|
|
| Intercept X Advanced for Server Integration: Agent discovery |
|
|
| Intercept X Advanced for Server Integration: Automatic agent removal from Sophos Central Admin |
|
|
| Cloud Optix Standard | Cloud Optix Advanced | |
|---|---|---|
| Compliance Best Practice Scanning | ||
| Configurable Compliance Scans |
|
|
| Compliance Best Practice Policy Assessment (Custom, FIEC, GDPR, HIPAA, PCI DSS, SOC2) |
|
|
| Alert Suppression (Hide alerts via a simple checkbox) |
|
|
| Compliance Exception Handling (Suppressed alerts apply to future scans) |
|
|
| Integration with Communication and Workflow Systems (e.g. JIRA, ServiceNow, and Splunk) |
|
| Cloud Optix Standard | Cloud Optix Advanced | |
|---|---|---|
| Monitoring | ||
| Inventory – Hosts, Containers, Network, Storage |
|
|
| Inventory – IAM Users, Activity Logs, Serverless Functions |
|
|
| Container Image Scanning (Amazon Elastic Container Registries (ECR), Microsoft Azure Container Registries (ACR), Docker Hub registries, GitHub and Bitbucket IaC environments, and via API) |
|
|
| Network Topology Visualization with AI-based Database Identification |
|
|
| Over-privileged User Detection |
|
|
| IAM Visualization (Relationships between IAM Roles, IAM users, and services) |
|
|
| Spend Monitoring, Alerts, and Optimization Recommendations |
|
| Cloud Optix Standard | Cloud Optix Advanced | |
|---|---|---|
| DevSecOps | ||
| Infrastructure-as-Code (IaC) Template Scan for Insecure Configuration |
|
|
| Infrastructure-as-Code (IaC) Template Scan for Embedded Secrets and Keys |
|
|
| Source Code Management Integration for CI/CD (e.g. GitHub, BitBucket) |
|
|
| Cloud Optix IAC REST API (Scan IAC templates regardless of what code repository is used) |
|
|
| Container Image Scanning (Amazon Elastic Container Registries (ECR), Microsoft Azure Container Registries (ACR), Docker Hub registries, GitHub and Bitbucket IaC environments, and via API) |
|
| Cloud Optix Standard | Cloud Optix Advanced | |
|---|---|---|
| Integrations | ||
| Sophos XDR integration - extend data sources with AWS, Google Cloud Platform and Microsoft Azure cloud environment data sources. (Requires Cloud Optix Advanced and Intercept X Advanced for Server) |
|
|
| Cloud Providers (New Amazon Inspector, AWS Security Hub, Amazon GuardDuty, AWS CloudTrail, New Amazon Inspector, Amazon Macie, AWS Systems Manager and Patch Manager, AWS Firewall Manager, AWS IAM Access Analyzer, AWS Trusted Advisor, Amazon Detective, Azure Sentinel and Azure Advisor) |
|
|
| Splunk SIEM (Receive instant notifications of security events) |
|
|
| Azure Sentinel (Receive instant notifications of security events) |
|
|
| Pager Duty (Receive instant notifications of security events) |
|
|
| Slack (Raise instant alerts to a chosen Slack channel) |
|
|
| Microsoft Teams (Raise instant alerts to a chosen team) |
|
|
| Amazon SNS (Raise instant alerts to a chosen SNS topic) |
|
|
| JIRA (Create tickets from inside the Cloud Optix console for alerts) |
|
|
| ServiceNow (Create tickets from inside the Cloud Optix console for alerts) |
|
|
| GitHub (Scan Infrastructure-as-Code templates in GitHub repositories) |
|
|
| BitBucket (Scan Infrastructure-as-Code templates in Bitbucket repositories) |
|
|
| Jenkins (Raise IAC scan results via API directly in the Jenkins build pipeline) |
|
