The Hows of Enhancing Cyber Threat Detection and Response Capability

By Sunil Sharma, Director Cyber Defense


As the world becomes more and more virtual, remote working gains acceptance across the industry, and cloud app adoption rises, organizations face a fundamental challenge to secure users, applications, and data everywhere. If you’re reading this article, there is a high possibility you may already have heard vendors and tech companies promoting a security trend called SASE — Secure Access Service Edge. The security world is constantly innovating new technologies and frameworks to defend against sophisticated cyber threats. As such, just as we were becoming more familiar with SASE, Gartner recently introduced a new market category: Security Service Edge (SSE).

Gartner first introduced the SSE category in the “2021 Roadmap for SASE Convergence” report in March of 2021 and later developed it in several Hype Cycle reports issued in the summer. SSE is the half of Secure Access Service Edge (SASE) that focuses on the convergence of security services; networking convergence forms the other half of SASE. Let us try to understand what SSE brings to the table.

SSE = SASE – Access (WAN Edge)

The concept of redefining perimeter defenses in the cloud and unifying them is known as Security Service Edge. SSE secures access to the web, cloud services, and private applications. Capabilities include access control, threat protection, data security, security monitoring, and acceptable use control, all enforced through network-based and API-based integration.

As the market tried to adopt the SASE framework over the past 2 years, almost every vendor has struggled to provide best-in-class security and networking technologies delivered as one product. A lot of customers also find it difficult to converge requirements between networking and security teams. With SSE and WAN Edge differentiated, it will become a lot easier for product vendors to focus on their core strengths, and customers will find it easier to create an effective SSE adoption roadmap. An SSE strategy needs a few core components to be successful:

  • Protection for web, SaaS, and private apps

As a subset of SASE, SSE should provide comprehensive security for all user traffic. Thus, SSE should essentially offer Secure Web Gateway, Cloud Access Security Broker (CASB) – Inline and API, Zero Trust Network Access (ZTNA), Cloud Data Leak Prevention (DLP), Firewall as a Service, Cloud Security Posture Management (CSPM), and a Remote Browser Isolation solution.

  • Protection for users and data anywhere

In addition to securing traffic from on-prem data centers, the service must protect users who work remotely, on official or personal devices, with sanctioned or unsanctioned apps, and with public or private apps, while securing data at rest and in transit.

  • Unified Security Service Edge, not a combination of multiple products

Security is a fast-innovating industry, with attackers always looking for new ways to penetrate the defenses. Security product companies often acquire the latest technologies but fail to integrate them fully into the legacy stack. Segregated product offerings, bundled together, mean different processing locations, enforcement points, and threat buckets, resulting in poor user experience. With SSE, the offering should be fully integrated and delivered on a one-agent, one-console concept.

  • No impact on network speed

It might sound simple; however, this is the toughest goal to achieve. Security should become the business enabler and thus shouldn’t degrade the user experience. The only way to achieve this is to stay as close to applications as possible and have the fastest route to reach the SSE cloud. This is usually achieved by setting up infrastructure with local ISPs and peering with application providers for fast delivery.

As a thought leader in cybersecurity, Help AG has already created the first-ever, locally hosted SSE service offering – Cyber Edge X. The service is powered by a multi-vendor ecosystem, designed to serve varied customer requirements. As it is hosted within Etisalat data centers, it promises to deliver the fastest reachability to the SSE platforms with best-in-class managed service options available.

Want to know more? Please reach out to marketing@helpag.com
