Until now, organisations lacked visibility into their cloud environments and had little to no understanding how secure existing cloud resources and applications were. A tradeoff was being made: either circumvent security controls and take on risk or rely on manual security reviews and compliance audits and sacrifice business agility. As a result, organisations are seeking solutions that combine the benefits of security policy controls with the automated approach of DevOps.
“Lack of visibility into cloud environments is one of the most pressing security challenges that organisations face,” said Jon Oltsik, senior principal analyst at ESG. “Security and cloud operations teams require cloud-native solutions that provide visibility and restore control without reducing business agility. Security policy automation extended to cloud platforms is the answer to that call.”
Tufin Iris offers organisations using public cloud environments increased visibility into potential connectivity risks of their cloud-based applications – automatically and at scale. At the same time, the solution will provide development teams the tools necessary to validate compliance with security policy before cloud applications are deployed.
“Organisations must have a solution that meets the unique security needs of cloud applications, without sacrificing the agility benefits of the cloud,” said Shay Dayan, CTO of Cloud Products at Tufin. “Tufin Iris provides the solution necessary to easily define security policies to protect cloud-native applications and resources, and the automation support DevOps needs to identify risks early in the development process. The result is two teams working together seamlessly while ensuring agility, security, and compliance.”