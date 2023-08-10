Americas

  • United States

Asia

Europe

Oceania

Popular Topics

Topics

About

Policies

Our Network

More

HomeCloud SecurityNew runtime security tool scans ongoing attacks in cloud workloads
Shweta Sharma
by Shweta Sharma
Senior Writer

New runtime security tool scans ongoing attacks in cloud workloads

News
Aug 10, 20233 mins
Cloud SecuritySecurity Software

Sweet is a runtime security software that uses eBPF technology to scan and respond to runtime anomalies in cloud environments.

1
Credit: 1

Cloud cybersecurity provider Sweet Security has launched a new runtime security platform, dubbed Sweet, to enable security teams to detect and respond to cloud-based attacks in runtime.

The platform deploys sensors in the runtime environment to provide CISOs and security teams with cloud-native cluster visibility.

"Like legacy detection and responses solutions, we have sensors deployed in the target environment," said Eyal Fisher, chief product officer at Sweet Security. "But our sensor is built specifically for cloud workloads, native apps running on clouds. The sensors send us telemetry from the runtime environments and help us identify behavior deviation."

Sweet runs a SaaS model and will be offered as a tiered subscription, with the price depending on the number of features a customer opts for.

Sweet deploys runtime sensors

Sweet deploys runtime sensors that screen application data and business logic, and process them through an in-house framework to profile workload behavior anomalies and contextualize them with traditional tactics, techniques, and procedures (TTPs).

"Our runtime sensors bring back to us the telemetry from the target environment including workloads, logs, and APIs, and help us build a baseline behavior for the applications running on the cloud," Fisher said. "So now, when there is a deviation, we know that might be an attack and conduct further investigation."

Sweet will be delivered as a modular platform with a different suite of features or capabilities available at each licensed tier. With the announcement, the company also revealed $12 million in seed funding from a clutch of investment funds and angel investors.

Sensors use eBPF technology

Sweet's runtime sensors use the extended Berkley Packet Filter (eBPF) technology, which lets programs run on Linux-based system kernels without needing to add additional modules or modify the kernel source code.

"The technology used in our sensors is eBPF technology which enables us to have visibility to the kernel level of each node of each computer, without the need to be installed on the host," said Fisher. "So, the sensor is super light, super lean, consumes very few resources from one hand, but due to the eBPF technology, we have insights down to granular levels."

The eBPF technology can be thought of as deploying a lightweight, sandboxed virtual machine (VM) within the Linux kernel. It is popularly considered for delivering third-party services including observability, security, and networking.

Shweta Sharma
by Shweta Sharma
Senior Writer

Shweta Sharma is a senior journalist covering enterprise information security and digital ledger technologies for IDG’s CSO Online, Computerworld, and other enterprise sites.

More from this author

Most popular authors

Show me more

news

New runtime security tool scans ongoing attacks in cloud workloads

By Shweta Sharma
Aug 10, 20233 mins
Cloud SecuritySecurity Software
Image
news analysis

IBM launches open-source detection and response framework for MFT attacks

By Lucian Constantin
Aug 09, 20235 mins
CyberattacksNetwork SecurityVulnerabilities
Image
news

Police Service of Northern Ireland suffers major data breach

By Michael Hill
Aug 09, 20233 mins
Data BreachGovernment
Image
podcast

CSO Executive Sessions / ASEAN: Frankie Shuai on generative AI in cybersecurity

Aug 09, 202313 mins
CSO and CISO
Image
podcast

CSO Executive Sessions Australia with Raheem SAR, APAC Region Manager - Information Security & Compliance at The Access Group

Aug 07, 202319 mins
CSO and CISO
Image
podcast

CSO Executive Sessions Australia with Murray Wayper, CISO at Biza

Aug 03, 202312 mins
CSO and CISO
Image
video

CSO Executive Sessions / ASEAN: Frankie Shuai on generative AI in cybersecurity

Aug 09, 202313 mins
CSO and CISO
Image
video

CSO Executive Sessions Australia with Raheem SAR, APAC Region Manager - Information Security & Compliance at The Access Group

Aug 07, 202319 mins
CSO and CISO
Image
video

CSO Executive Sessions Australia with Murray Wayper, CISO at Biza

Aug 03, 202312 mins
CSO and CISO
Image