‘Cloud Security’ as a Service


Qualys secures your devices and web apps, while helping you remain compliant through its cloud-only solution — no hardware or software required. The company analyzes threat information to make sure nothing gets in your system. If some malware already happens to be there, it will give you the steps to fix the problem. Beyond that, Qualys will verify that the issue has been fixed. It scans any and all web apps you use for vulnerabilities as well, keeping your data safe while you head out in the wonderful world of SaaS, IaaS, and PaaS. In the future, Qualys plans to create a cloud-only firewall to even further protect your websites from harm.

White Hat Security

White Hat Security is focused on protecting your website from the ground up, including in the coding process. It provides its Sentinel product suite as a service to help your protect your websites with five different products.

These include a product that gives you current threat information so you can avoid coding vulnerabilities into your website from the get go. Another helps you identify issues in pre-production before the website is ever launched, and its enterprise product helps you test for major logic issues once you’re live. The overall Sentinel line will help your assess your Web apps for holes and will even act as a firewall that virtually patches found problems. White Hat further takes advantage of its research arm in order to provide you with updated information on threats found outside your network.


One of the most important parts about securing your network is simply knowing who is inside of it. Okta focuses purely on identity management — knowing who is where and why. It knows both your employees for people accessing information on the backend, as well as your forward-facing access-ers, which include customers and partners. It will help you manage logins across all of your applications as well, including Google Apps, Salesforce, Workday, Box, SAP, Oracle, Office 365, and more. Furthermore, it can track all of these from any type of device. Features include privilege provisioning from one dashboard, the ability to implement policies across devices, single sign-on options, and more. 


When we talk about attack vectors — holes in the network where bad guys can get in — email pops out as one of the weakest links. Proofpoint focuses specifically on email, with cloud-only services tailored to both enterprises and small to medium sized businesses. Not only does it make sure none of the bad stuff gets in, but it also protects any outgoing data. Proofpoint further promises that while it stores that data to prevent data loss, it does not have the keys to decrypt any of the information. 


Zscaler calls its product the “Direct to Cloud Network,” and like many of these products, boasts that it’s much easier to deploy and can be much more cost efficient than traditional appliance security. The company’s products protect you from advanced persistent threats by monitoring all the traffic that comes in and out of your network as a kind of “checkpost in the cloud.” But you don’t have to filter all that traffic in from one central point. You can monitor specific, local networks as well given the flexibility of the cloud. Zscaler also protects iOS and Android devices within your company, which can then be monitored through its special mobile online dashboard. 


CipherCloud is here to secure all those other “as a service” products you use, such as Salesforce, Chatter, Box, Office 365, Gmail, Amazon Web Services, and more. It promises to protect that prized company data you’re just giving away to these services, as well as your communications, and more. It does this through many of the means we’ve already seen including encryption, traffic monitoring, anti-virus scans, and more. It also provides mobile security support.


DocTrackr is a security layer that sits on top of file sharing services such as Box and Microsoft Sharepoint. It is built on the idea that once you send a document out of your system, it is truly out of your hands: People can save it, change it, send it, and more, and you’ve lost control of it. DocTrackr aims to stop that from happening. It lets you set user privileges for each person you share a document with. It further tracks everyone who opens the file, so you know who’s looking at your stuff — and you can even pull documents back, effectively “unsharing” them, if you want. 


Similar to Okta, Centrify also focuses on identity management across a number of devices and applications. The idea is to put all of your users — employees and customers alike — into one central area to be monitored and controlled through enforced company policies. Centrify will protect anywhere a person signs into your network be it through on-premise software or cloud applications. It also has a product that works specifically Samsung Knox — the smartphone manufacturer’s supposedly extra-protected mobile security software. This product provides devices running Knox with single sign-on options and helps IT departments manage these devices through Centrify. 


Vaultive acts as a “transparency network proxy,” that is, it sits between your network and the Internet without needing any on-premise equipment. From there, Vaultive encrypts any data leaving the network heading to apps such as Microsoft Office 365. In other words, if you want to use cloud-based services but don’t trust the companies operating them, you can encrypt everything — before it gets into their servers — while continuing to use their clouds. The company plans to help people protect more than just Office 365 and Exchange. Soon, it will extend into customer relationship management software, file-sharing applications, communication services, and more.


SilverSky wants to be your one-stop-shop for cloud-based security. It offers email monitoring and protection, network protection, and will help you become HIPAA and PCI compliant — the two compliance measures that regulate how companies dealing with healthcare information and companies accepting online payments must secure their systems. It also taps into a big data store of threat information to keep your systems up to date on the latest malware and attacks heading for businesses like yours. V