November 11, 2015 09:00 ET

Dome9 Launches Virtual Private Cloud Flow Log Visualization for Amazon Web Services

Ground Breaking Technology Enhances Natural Amazon Web Services Security Effectiveness for Threat Detection and Network Monitoring Use Cases

MENLO PARK, CA--(Marketwired - Nov 11, 2015) - Dome9, the leader in AWS enterprise security and compliance, announced the launch of their latest feature "VPC Flow Log Visualization by Dome9." First of its kind technology enables Amazon Web Services (AWS) users to tap into powerful Virtual Private Cloud (VPC) network log data and act on powerful security and operational insights.

VPC service hugely popular. A recent survey conducted with Amazon Web Services showed that more than 80% actively utilize VPCs in their environment. AWS recently launched VPC Flow Logs for users to log network traffic for a particular VPC, VPC subnet, or Elastic Network Interface (ENI) in order to monitor network traffic in a large scale virtual cloud network, and to potentially discover network irregularities, data leakage and misconfigured networked resources.

Dome9 dramatically enhances AWS's VPC Flow Log value by aggregating flow log data, visualizing potential security risks, verifying security policies, and actively remediating threats. The feature, currently available only by Dome9, provides powerful security and operational insights along the cyber kill chain, including:

  • Network misconfiguration. Your databases aren't syncing, where do you start? Dome9 shows you misconfigurations disrupting DB to DB traffic flows, such as security group misconfiguration blocking sync traffic.
  • Network reconnaissance and attack lateral movement. You start seeing unexpected inbound traffic, such as a load balancer or a web server generating unfamiliar traffic inside your VPC and probing your application and database tiers Dome9 reveals comprised perimeter instances used for lateral movement and reconnaissance and as a launchpad to attack other network and data assets in your network.
  • Data leakage and exfiltration. You start seeing unusual egress traffic, such as an outbound connection from a database instance holding credit card data to an unrecognized external or internal IP address. Dome9 helps you to identify this unexpected traffic in order to eliminate data leakage and exfiltration from your cloud resources and could generate the dynamic configuration to prevent exporting business critical data to an external unauthorized source.

"VPC Flow Logs is an incredible technological feat coming from AWS. Combining flow log data with network topology and visualization allows AWS customer using Dome9 to enhance their threat detection and incident response capabilities in the cloud," says Zohar Alon, CEO & Co-founder of Dome9. "We simply make sense of this big data by presenting and prioritizing security insights and threats that users need to focus on."

"Secure VPC deployments are a critical part of our business serving financial institutions around the world using our trading platform," says Avi Zloof, Director Of Innovation And Product at TradAir. "The visualization capabilities that Dome9 provides and the way they make sense of VPC Flow Logs helps us to make optimal operational and security decisions."

About Dome9 Security:  Dome9 Security protects cloud infrastructure. Leveraging cloud-native technologies, Dome9 visualizes security risks, enforces security policies, and remediates threats to ensure continuous secure application delivery in the cloud. Dome9 self-managed cloud service is trusted by hundreds of enterprise customers to protect clouds over Amazon Web Services (AWS), Windows Azure, IBM/Softlayer and many others.

Contact Information