Tracebit’s platform provides early threat detection for Azure, AWS, and more, giving security teams the tools to deploy and maintain a canary threat detection infrastructure. Tracebit’s vision is to make security canaries a standard control for all security teams, at all levels. The Tracebit platform has now been extended to protect Azure environments, in addition to AWS and certain endpoints. The company will be showcasing this new capability in the Start-up City at Black Hat Europe (#SU8).
What is a security canary?
Security canaries are strategically placed, seemingly legitimate resources that should never be accessed during normal operations. These resources, such as AWS S3 buckets, Azure Key Vaults, or AWS IAM roles, act as tripwires for detecting unauthorized access. And because they are actual cloud resources, canaries exhibit the same behaviors as any other resource, making them difficult for attackers to distinguish.
As part of a comprehensive threat detection approach, any attempt to access a canary resource serves as an immediate alert, signaling a potential breach for security teams to investigate and guarding against threats such as data exfiltration, privilege escalation, and lateral movement.
Accessible to all enterprises, not just the 1%
In the past, canaries have only been a viable option for the top 1% of security teams due to their high cost and complexity. Tracebit now gives any team the tools to quickly deploy canaries relevant to their own systems, and easily maintain their coverage, using a “Connect-Recommend-Deploy-Evolve” framework.
The Tracebit platform provides:
Genuinely high signal-to-noise alerts that are clearly actionable
A seamless deployment as well as minimal long-term maintenance, with a robust security model
Canary support across a broad range of platforms, enabling detections as an early warning, as well as an indicator of crown jewel compromise.
Deploying security canaries across the enterprise
According to Andy Smith, CEO of Tracebit, adding Azure to the platform is a significant step towards providing comprehensive protection to companies at all levels.
“We knew from Day 1 that Azure (and next, GCP) canaries would follow what we built in AWS. What’s been exciting for us as we dig deeper into Azure, is how fragmented the monitoring story can be in these environments, meaning there’s even more value for this approach in this ecosystem.”
A Tracebit deployment brings the following protections to an Azure estate:
Increased visibility – monitoring diagnostic settings logs, a sometimes undermonitored component of an Azure estate, and delivering high signal-to-noise detections on these logs without time-intensive detection engineering.
Threat Detection:
Data Exfiltration – Azure Storage Account canaries to detect events that may indicate data exfiltration or unauthorized data access.
Privilege Escalation – Azure Key Vault canaries to detect attempts to access secrets that may be used to elevate privileges or leverage secrets for other attacks.
Lateral Movement – Azure Managed Identities that may be used in attempts to move laterally within an Azure tenancy.
Canaries in the wild
Current Tracebit customers include Docker, Riot Games, and Synthesia, with Docker being among the first to deploy Tracebit in an Azure environment.
As the Senior Security and Compliance Engineer at Docker said:
“The Tracebit Platform made setting up Azure canaries incredibly smooth. The deployment via Terraform was seamless, adding additional subscriptions is straightforward too. The outcome has been fantastic – we’ve levelled up our detections in Azure with minimal effort and no false positives.”
About Tracebit
Tracebit is the first threat deception platform to operationalise and scale entirely in the cloud. Its easy-to-install, cloud-native APIs generate tailored canaries across enterprise cloud networks to lure in threats and detect them early, reducing the mean time to detection from months to minutes. For more information, visit www.tracebit.com.