Symantec Brings Workload Assurance Security to the Cloud

Symantec is expanding its cloud security portfolio with new cloud workload assurance capabilities, enhanced cloud workload security features and a new Managed Cloud Defense service.


Symantec announced a series of new and improved products and services on Oct. 9, all designed to help advance the state of security in the cloud.

Among the new offerings announced by Symantec is Cloud Workload Assurance (CWA), a product that helps harden secure configurations in the cloud. Symantec's Cloud Workload Protection (CWP) for Storage, meanwhile, is being enhanced with data loss prevention (DLP) capabilities, while the CloudSOC CASB is being expanded with new customization and API features. Symantec is also launching a Managed Cloud Defense service to help organizations secure their cloud deployments.

"Symantec cloud security solutions can be consumed by customers in multiple ways depending on deployment plans," Eric Andrews, vice president of cloud security at Symantec, told eWEEK."Our cloud solutions are engineered to integrate with other Symantec products that extend existing services or as stand-alone products."

CWA will protect Symantec’s customers from cloud resource misconfigurations in Amazon Web Services (AWS) and Microsoft Azure, according to Andrews.

"CWA is a cloud security posture management solution that provides visibility and control of the cloud infrastructure management plane to eliminate security vulnerabilities and ensure compliance with industry regulations and best practices such as CIS Foundations Benchmarks," he said. "It automatically discovers cloud resources and instances, continuously monitors and remediates configuration errors, and provides compliance assurance and reporting—reducing security risks and eliminating manual auditing for security and DevOps."

Cloud Workload Protection 

Symantec, meanwhile, has enhanced CWP with new capabilities. In addition to discovering and scanning Amazon S3 cloud storage buckets for malware, CWP users can now also apply DLP policy to information stored in Amazon S3 buckets, Andrews said.

With CWP's new DLP capabilities, organizations can benefit from automatic classification of sensitive information and compliance with regulations such as the Payment Card Industry Data Security Standard (PCI DSS), the Health Insurance Portability and Accountability Act (HIPAA) and the European Union’s General Data Protection Regulation (GDPR), he said. 


Symantec's CloudSOC (Security Operations Center) CASB (Cloud Access Security Broker) is also being enhanced as part of the cloud security update. To date, CloudSOC CASB has protected cloud apps through both APIs and Symantec's gateway, Andrews said. 

"While several cloud apps have well-defined APIs, others do not," he said. "Our new custom gatelet feature allows us to provide deep controls for virtually any cloud app, including apps the customers develop themselves."

Managed Cloud Defense

The cyber-security skills gap is one that has been documented in multiple reports in recent years as a challenge for organizations of all sizes to find enough IT professionals to handle cyber-security tasks. In an effort to help organizations with that challenge, Symantec is launching a Managed Cloud Defense service that provides 24/7 guidance and prioritization on critical incidents occurring in the cloud.

The Managed Cloud Defense service provides cloud-native monitoring services across the public cloud, including AWS and Azure, as well as popular software-as-a-service (SaaS) applications such as Office 365. With the service, Andrews said Symantec will monitor all onboarded devices for threats, analyzing the collected security data and correlating it with the Symantec Global Intelligence Network (GIN). The service also provides cloud-trained security professionals for guidance, assistance with remote investigations, containment and threat hunting, to help organizations get ahead of emerging threats.

Looking forward, Andrews said Symantec will continue to expand its cyber-security portfolio for both cloud and on-premises environments.

"Symantec is committed to providing customers with advanced threat and data protection in cloud-only environments as well as hybrid cloud environments," Andrews said. "Symantec will continue to innovate and expand the Integrated Cyber Defense platform to increase customers’ security posture, maintain compliance and reduce complexity of security operations."

 Sean Michael Kerner is a senior editor at eWEEK and Follow him on Twitter @TechJournalist.

Sean Michael Kerner

Sean Michael Kerner

Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.