Category: laminar

Recently, we sat down with Andy Smith, Chief Marketing Officer at Laminar, a leading agile data security platform provider, for an in-depth discussion on the current landscape of data security in the cloud and how Laminar is forging new paths in this increasingly complex domain.

Smith’s valuable insights, combined with Laminar’s recent announcement of new capabilities to its Data Security Platform, provide a comprehensive perspective on how companies can effectively navigate their cloud data security journey.

The Evolving Cybersecurity Challenge

Smith outlined the pressing challenges that companies face today: “Cyber threats are continuously evolving. The static data security methods that were previously considered effective are no longer sufficient in this dynamic environment.” In his view, the growing divergence between the innovation in cloud operations and lagging data security measures have become increasingly concerning. This “security execution gap”, as he called it, results in a risk environment where traditional security measures often fall short, as the volume of cloud data grows so does the risk to the business. What’s needed is to decouple data growth from data risk, Smith explained.

The rapid growth of cloud operations has introduced a variety of complex threats to data security. Here are some specific examples that illustrate the pressing need for robust and agile data security measures:

  • Shadow Data: As developers and data scientists innovate with data it proliferates in the cloud like never before. Data stores are created, copied and shared in just a few clicks and all without the knowledge or oversight of security or IT. The result is “shadow data” that is often under-protected and not monitored.
  • Unauthorized Access: As more data is stored in the cloud, the risk of unauthorized access increases. This can occur through weak credentials, phishing attacks, or a lack of multi-factor authentication. Without proper security measures, unauthorized individuals could gain access to sensitive information.
  • Misconfigured Cloud Storage: Improper configuration of cloud storage buckets can lead to unintended public access to sensitive data. This commonly happens due to the complexity of cloud settings and a lack of understanding about default configurations.
  • Compromised API Keys: APIs are commonly used in cloud services to integrate with other applications. However, if API keys are not properly secured, they can become a potential point of entry for cybercriminals.
  • Shadow IT: This refers to cloud services or SaaS applications used by employees without the knowledge or approval of IT departments. Shadow IT can lead to significant data leaks since these applications may not adhere to the company’s security policies.
  • Insider Threats: Whether unintentional or malicious, insiders pose a significant threat to cloud data. This could be a disgruntled employee, or simply someone who accidentally shares sensitive information.
  • Advanced Persistent Threats (APTs): These are sophisticated, stealthy threats where an unauthorized user gains access to a network and stays undetected for a long period. These attackers typically have a specific target, exfiltrate data slowly to remain under the radar, and can cause significant damage.

These examples show that cloud operations and security tools must evolve hand-in-hand to effectively protect against the dynamic nature of cloud data threats.

Introducing Laminar’s Comprehensive Data Security Solution

Laminar made a strategic move to bridge this gap by introducing two new features to its comprehensive Data Security Platform: Data Access Governance (DAG) and Data Detection and Response (DDR). With these additions, the Laminar Data Security Platform can now deliver complete identify, protect, detect, and respond capabilities for multi-cloud and SaaS data security.

Smith elaborated, “The new features help to reduce exposure and damage from data leaks by controlling user and machine access to sensitive data, ensuring the principle of least privilege is upheld. In addition, we’ve introduced a refined alert system that notifies security teams when data breaches and other anomalies occur. This allows data security professionals to quickly contain any active threats, thereby minimizing the potential damage to businesses.”

The platform integrates five critical data security functions: data discovery and classification, data security posture management (DSPM), data access governance (DAG), data detection and response (DDR), and privacy & compliance. This combination of capabilities sets Laminar apart as the only data security provider to offer such a comprehensive approach.

Advantages of the Laminar Solution

The advantages of Laminar’s solution are manifold. With DAG, companies can minimize the blast radius from data leaks by controlling access to sensitive data. DDR alerts on data breaches, and other anomalies in real-time, help to quickly contain threats and minimize potential damage.

Existing capabilities such as data landscape intelligence (derived from discovery and classification), DSPM, and privacy & compliance also contribute to a robust and comprehensive security system. By providing a holistic view of asset and data inventory and enforcing policies, the platform allows organizations to focus on the most critical aspects of their security posture.

As Smith pointedly noted, “The agile data security provided by Laminar starts with cloud-native data discovery and classification. We detect all known, and more importantly, unknown or ‘shadow’ data, helping organizations understand what data resides where, how sensitive the data is, and who or what has access to it.”

Key Best Practices for Achieving Agile Data Security in the Cloud

Smith’s advice to companies centers around being proactive and adopting a security-in-depth approach. He emphasized, “Security is not a one-off task. It’s an ongoing process that requires organizations to stay ahead of threats. This requires agility, and solutions like ours that provide a holistic approach to data security.”

Given the evolving and complex nature of the data landscape, companies need to adopt proactive, scalable, and comprehensive strategies. Let’s dive into some of the crucial best practices for ensuring data security in the cloud:

  • Embrace a Holistic View of Data Security: The key to data security lies in understanding the full extent of your data landscape. This involves maintaining an inventory of all your data assets, including known and unknown (or “shadow”) data, and understanding where they reside, who or what has access to them, and their sensitivity level.
  • Implement Agile Data Security Measures: Companies need to adopt agile data security solutions that automatically scale with business needs, thus ensuring that innovation is not hampered while maintaining robust security protocols.
  • Enforce Least Privilege Access: Control user and machine access to sensitive data by ensuring least privilege. This reduces exposure and minimizes the damage from potential data leaks.
  • Utilize Data Security Posture Management (DSPM): DSPM allows companies to enforce policies and safeguard sensitive data with risk-based prioritization, enabling a focus on what matters most.
  • Deploy Data Access Governance (DAG) and Data Detection & Response (DDR): These features help control access to sensitive data and enable quick detection and response to breaches and anomalies.
  • Ensure Privacy & Compliance: Align your data security practices with relevant regulations and standards. This helps streamline audits, avoid fines, and reduce audit costs.
  • Leverage Machine Learning and AI: Use advanced technologies to identify, protect, detect, and respond to threats. AI and machine learning can streamline and sharpen data classification and anomaly detection, making your data security more efficient and proactive.
  • Promote Continuous Learning and Improvement: Data security is not a one-time project, but an ongoing process. Invest in automation and regularly review and update your data security protocols to adapt to changing threats and business needs.

By adhering to these best practices, organizations can position themselves to better manage the growing complexity of cloud data security and to proactively address potential risks.

As for Laminar’s future plans, Smith indicated that the company intends to continue pushing the boundaries of data security. “Our focus is on creating the most agile and adaptive data security platform that not only meets, but anticipates, the needs of our clients. With our new DAG and DDR features, we believe we’ve set a new standard in the industry. However, we’re not stopping there.”

In closing, the complex landscape of digital threats requires robust, versatile, and agile responses. The principles we’ve discussed, along with the capabilities of comprehensive platforms like those of Laminar, provide a solid foundation for safeguarding cloud data. The challenge is to stay vigilant, keep learning, and adopt the right tools and strategies.

The post The Future of Cloud-Native Data Security: A Look at Laminar’s New Capabilities appeared first on Cybersecurity Insiders.

Amit Shaked, CEO and co-founder, Laminar

One of the best pieces of business advice for any entrepreneur is this: “Look for a problem to solve. Not a product to sell.”

My co-founder Oran Avraham and I met at university at the age of 14 and after becoming best friends, we vowed to one day launch a security company together. Obviously, cybersecurity is a large industry so narrowing down our focus became key to being successful in all of the noise of the market.

In order to pinpoint our direction, we first asked ourselves: what is holding back valuable data innovations? What is the biggest problem in the data security space today?

The answer became clear fairly quickly: data breaches. We immediately knew that if we could create a solution that would disrupt data breach culture it would make a major impact on CISOs and data protection teams – and ultimately companies’ success overall.

Diving into Data Breach Culture

There are a lot of products on the market that claim to prevent data breaches, so Oran and I knew we had to dig a little bit deeper. We began to ask ourselves questions like, “How do data breaches occur today?” We compiled a list of dozens of recent, major breaches such as Marriott’s initial breach in 2018, Facebook’s breach in 2019, and LinkedIn’s data scraping incident back in mid-2021. A pattern emerged — nearly all originated from public cloud infrastructure.

This made a lot of sense. Experts estimate that by 2025, 200+ zettabytes of data will be in cloud storage. To put this into perspective, it’s important to understand how much a zettabyte actually is. A zettabyte is one billion terabytes and a terabyte is 1,000 gigabytes. A standard movie is only one to two gigabytes to download. All of this data is just as valuable to cyber adversaries as it is to businesses. As a result, hackers will do anything they can to get their hands on it.

The cloud has paved the way for data democratization, which in itself is a benefit to all organizations and consumers. Allowing greater access to data for those who need it, creates more opportunities and ultimately is more effective. However, the cloud has also allowed data to be spread around to various places data security professionals may not even be tracking. Known as “shadow data” this unknown data is not copied, backed up, or housed in a data store that is governed, under the same security structure, or kept up-to-date – which makes it easier for hackers to get their hands on it.

Solving the Problem, Not Just Selling a Product

Now that we had an understanding of the issue at hand, we then began to form the genesis of what would become Laminar.

First, we set ourselves on a path to being cloud-native. By “we,” I mean the company and its overall culture, not only the solution we would provide. We knew if we wanted to solve problems that are cloud-native, we must be cloud-native ourselves.

Next, we looked at how cloud infrastructure was run and modeled our internal team after it. We knew that the cloud was the driving force that was powering today’s businesses and that we simply could not slow it down or disrupt it. We began looking for individuals who had the experience and knowledge to move at the speed of the cloud and the heart to solve the data breach issue at hand. The team is now made up of Capture the Flag (CTF) players, kernel hackers, vulnerability researchers, and engineers who all believe that anything is possible.

Once our product was built, we turned to the very group of people we were trying to help: CISOs and data security professionals. Through Insight IGNITE, we were able to get product validation from hundreds of CISOs which confirmed that we were truly solving a problem and not just selling a product.

Finally, we took a no-nonsense approach. We both despise FUD – fear, uncertainty, and doubt, usually evoked intentionally in order to put a competitor at a disadvantage. Everything that we do with the company ties back to real-life scenarios and to real, important actions that data security teams could take in order to better protect their employees, partners, and customers.

Conclusion

Although it is cliché, there is weight to the saying, “Be the change that you want to see in the world.”

When an all-consuming problem is left unsolved, there are two options: build your own solution or wait around for someone else to make one for you. Oran and I tried to create an off-the-shelf solution to protect sensitive public cloud data because none existed. By taking the time to dive to ask questions and consult with other experts in our field, we were able to identify a gap in the market and fill in the blanks.

The post Filling in the Blanks: Identifying a Gap in the Crowded Security Market appeared first on Cybersecurity Insiders.

Cutting-edge security research team debuts research on Versioning in Cloud Environments

Laminar, the leader in public cloud data security, today announced the launch of Laminar Labs, the company’s cutting-edge research team designed to help organizations protect their most sensitive cloud data. Led by Laminar CTO and Co-founder Oran Avraham, the team also includes Laminar Chief Scientist Joey Geralnik and Laminar VP of Data Dan Eldad and will be responsible for discovering, analyzing and designing defenses for emerging cloud data security risks. To mark its debut, Laminar Labs has published its first blog post, “Versioning in Cloud Environments: How It Can Cause Shadow Data & How to Mitigate the Risk.”

The Laminar Labs Team

The Laminar Labs team has decades of collective experience in the Israel Defense Forces and a combined 40+ years of cybersecurity industry experience. Team lead Avraham identified the first iPhone 3G baseband vulnerability at just 17 and has since gone on to win the annual Google Capture the Flag (CTF) competition five times in the past six years. Most recently, Avraham and several Laminar Labs team members won the AWS Security Jam contest at AWS re:Inforce earlier this year. This expertise will bring red team experience and insights to blue teams around the world.

Laminar Labs has already scanned many petabytes of data in order to provide meaningful analysis and research to Laminar customers to keep customers’ public cloud data safe. The team will continue to publish data-driven industry research to provide guidance on how security teams can protect their cloud data.

“While the cloud offers organizations a host of benefits, it also has come with significant security challenges. It’s become increasingly important for data security professionals to be armed with data-driven research to protect their most sensitive cloud data assets. This is why we created Laminar Labs,” said Amit Shaked, CEO and co-founder of Laminar. “It is our hope that our experienced research team can connect the dots for security professionals to protect organizations’ most precious assets.”

Laminar Labs’ First Research Findings

Versioning in AWS S3 buckets, Azure Blob containers and Google Cloud buckets can also create unknown or “shadow” data. If that shadow data includes sensitive information, it increases its value in the eyes of attackers.

Laminar Labs’ inaugural research, “Versioning in Cloud Environments: How It Can Cause Shadow Data & How to Mitigate the Risk,” provides valuable insights on what shadow data is and its risk to company networks. It also explores how versioning in AWS S3 buckets, Azure Blob Containers and Google Cloud buckets can add to data exposure risk, and how data security professionals can mitigate the risk.

For more information and to read the research, visit the Laminar blog.

About Laminar

Laminar’s Cloud Data Security Platform protects data for everything you build and run in the cloud across cloud providers (AWS, Azure, and GCP) and cloud data warehouses such as Snowflake. The platform autonomously and continuously discovers and classifies new datastores for complete visibility, prioritizes risk based on sensitivity and data risk posture, secures data by remediating weak controls and actively monitors for egress and access anomalies. Designed for the multi cloud, the architecture takes an API-only approach, without any agents, and without sensitive data ever leaving your environment. Founded in 2020 by a brilliant team of award winning Israeli red team experts, Laminar is proudly backed by Insight Partners, Tiger Global, Salesforce Ventures, TLV Partners, and SentinelOne (NYSE:S). To learn more please visit www.laminarsecurity.com.

The post Laminar Launches Laminar Labs to Shine Light on Shadow Data, Cloud Security Risks appeared first on Cybersecurity Insiders.