Comprehensive Security in a Single Lightweight Agent
Meets virtually all Gartner cloud workload protection requirements in a single solution where other native cloud security vendors meet only one or two.
- Secures workloads throughout your environment regardless of where they are running: public cloud, private cloud or hybrid infrastructures.
- A single host intrusion prevention system (HIPS) for on-premises workloads, VMs, containers, and multiple public cloud providers.
- Single agent architecture reduces complexity and cloud costs.
- Supports your legacy systems including Solaris, HP-UX and IBM AIX where other vendors don’t.
Automated Intrusion Prevention and Adaptive Security
- Adaptive security based on global real-time threat intelligence across the OSSEC ecosystem.
- Automatically interfaces with every open source software provisioning, configuration management and application deployment tool including Puppet, Chef and Ansible.
- Automated protection of cloud workloads ensures that DevOps can operate at the speed required to deploy new, valuable features.
AtomicWP Workload Protection Features
Advanced File Integrity Monitoring (FIM)
Real-time detection of changes to files and registry entries.
Compliance audits and reports on systems and applications against PCI DSS, HIPAA, NIST, GDPR, JSIG and other compliance standards.
Automated configuration and continuous monitoring of the kernel, applications, and services to remove, tune, or reconfigure potentially risky functions.
Vulnerability Shielding / WAF Protection
Host-based WAF protection against workload attacks, including botnets, SQL injections, CSRF, remote file injection, and watering holes.
Optimizes the Linux kernel to prevent buffer overruns and code reuse.
Creates imitation vulnerabilities, systems, shares, and cookies to uncover indicators of attack.
Server EDR and Behavioral Monitoring
Log-based intrusion detection (LIDS) and active response, integrated with machine learning, identify anomalous system and user behavior including network communications, processes launched, and files opened.
Provides flexible and granular control of workloads, network flows, and processes.
Application Control & Visibility
Provides self-learning, least-privileged, role-based access controls on applications.
Anti-Virus / Anti-Malware
Real-time scanning and quarantine using ClamAV or any existing anti-virus or anti-malware software.
Workload Based Machine Learning
Models normal system and user behavior to identify anomalies.
Cloud Based Machine Learning
Leverages community threat intelligence to identify global attack trends and provide real-time notifications that enable systems to automatically protect workloads against attacks they haven’t yet seen.