What's in Cloud Security? Illumio Looks to Evolve It


By: Andrew Braunberg

We talk a lot about cloud security, and much of that discussion has focused on the secure access service edge (SASE) market. One interesting aspect of the SASE segment is how quickly it is subsuming the cloud access security broker (CASB) segment. CASB has been one of the fastest-growing markets in the security industry over the last couple of years. That growth, and the growth in SASE more generally, has been accelerated by the huge uptick in organizations moving to remote work and hybrid work policies.

Today workers can be anywhere, but so too can workloads. For a variety of technical, economic, and strategic reasons (e.g., M&A activity), workloads can be sitting in legacy data centers, spread across public cloud infrastructure, or in a private cloud environment. In response, most security teams have adopted a relentless focus on zero trust philosophies, which include enforcing least-privilege access to these disparate resources in an attempt to block unauthorized lateral movement across networks. The goal is to create a unified security policy across these legacy and hybrid cloud environments.

Cloud Security Segments Evolve

Two additional segments of the cloud security market are also worth watching: cloud security posture management (CSPM) and cloud workload protection platforms (CWPP).

CSPM tools support misconfiguration management and remediation in multicloud environments. They also support continuous detection of malicious and unauthorized access and user behavior. CSPM can automate remediation of misconfigurations and support logging, reporting, and compliance management. These tools can help enable development, security, and operations (DevSecOps) integration. It would not be surprising to see CSPM functionality find its way into SASE suites.

CWPP is currently more of a standalone segment, in the sense that it is not necessarily destined to roll up into a suite such as SASE. CWPP solutions bridge the security gap between legacy systems and cloud. They can provide discovery and management of workloads regardless of where they are deployed, which makes them particularly useful for security teams. Components can include malware protection, vulnerability management, and app security.

Illumio Pivots to CloudSecure

Illumio has played in this space for several years with its Illumio Core product, which it describes as a workload security solution. Illumio also fields an endpoint protection product called Illumio Edge, which provides zero trust features through restrictions on lateral movement from the endpoint in the event of compromise.

This week, Illumio released Illumio CloudSecure, which provides zero trust segmentation of cloud-native apps in multi- and hybrid cloud environments. The solution adds an agentless visibility capability to its security suite and enables real-time visibility into app traffic, security policy, usage, and risk exposure. CloudSecure can create and orchestrate cloud workload security policies. AWS Security Groups are currently supported, with support for Microsoft Azure and Google Cloud Platform scheduled for next year. The agentless approach is a key development for Illumio.

The goal is to eliminate blind spots across multi-cloud environments and to provide proactive policy suggestions for eliminating risks, misconfigurations, and vulnerabilities associated with heterogeneous cloud deployments. CloudSecure is a complementary addition to Illumio’s cloud security portfolio. Illumio supports strong segmentation capabilities to enable zero trust-based security policy suggestions.