Group-IB adds CSPM to Unified Risk Platform for cloud

Group-IB has launched a Cloud Security Posture Management product as part of its Unified Risk Platform, adding automated detection of cloud misconfigurations and ongoing compliance monitoring.

The company said the CSPM product identifies configuration issues in cloud environments and provides remediation actions. It also monitors compliance and produces reporting mapped to global regulatory frameworks.

Group-IB positioned the release as part of a broader approach to cloud risk management. The company said it uses its threat intelligence and attack surface data to rank issues based on exposure.

"Cloud transformation shouldn't come with hidden risk or unnecessary complexity. By integrating Cloud Security Posture Management with external attack visibility and real-time threat intelligence, we are giving security teams complete clarity into cloud risk, from code to production," said Dmitry Volkov, CEO of Group-IB.

Group-IB said the CSPM product integrates external attack visibility with its Attack Surface Management and Threat Intelligence tools. The company said it enriches posture findings with exposure insights. It said this approach highlights which issues face active adversaries.

The company also said the integration does not require separate licences for Attack Surface Management or Threat Intelligence. It said this forms part of a single product experience inside the Unified Risk Platform.

Pipeline focus

Group-IB said the CSPM product covers Continuous Integration and Continuous Delivery pipelines. It said the product monitors misconfigurations during development workflows as well as in deployed cloud services. The company said this identifies issues before production release.

Group-IB compared that approach with CSPM products that focus on deployed infrastructure. It said pipeline monitoring often appears in broader cloud security suites.

Unified platform

The company said the CSPM product sits inside its Unified Risk Platform alongside digital asset visibility, adversary tracking and threat intelligence. It said the platform correlates risk insights across different data sources. It said that correlation supports faster decision-making during remediation work.

Group-IB described its Unified Risk Platform as a set of products for analysing cyber threats and responding to digital crime. It listed Threat Intelligence, Fraud Protection, Digital Risk Protection, Managed Extended Detection and Response, Business Email Protection and External Attack Surface Management among its offerings.

Group-IB said it was established in 2003 and is headquartered in Singapore. The company said it operates Digital Crime Resistance Centres in the Americas, Europe, the Middle East and Africa, Central Asia and the Asia-Pacific.

Group-IB also said it works with law enforcement agencies including INTERPOL, Europol and AFRIPOL. It cited recognition from industry advisory firms including Aite-Novarica, Gartner, Forrester, Frost & Sullivan and KuppingerCole.

Volkov also linked the CSPM release to broader protection goals inside the platform.

"Integrating this CSPM capability into our Unified Risk Platform provides our customers with expanded visibility of external threats, ensuring they are better protected against multi-vector attacks" said Volkov.