Web infrastructure and website security company Cloudflare has announced new integrations with Microsoft Azure Sentinel, Splunk, Datadog, and Sumo Logic to extend the insights provided by Cloudflare Logs.
The new integrations will help businesses funnel security insights from Cloudflare directly into their preferred analytics platform and analyze them in the context of their entire technology stack. This can be done without having to build custom integrations.
For example, a customer that catches an SQL injection attack is alerted and can block additional traffic from the attacker’s IP address directly in Cloudflare’s web application firewall. With integration to an analytics platform, they could also see all past activity from that IP address across all applications and infrastructure, not just Cloudflare.
“CISOs want their security teams to focus on security, not building clunky and costly integrations just to get insights from all of the different applications and tools in their infrastructure,” Matthew Prince, co-founder and chief executive officer of Cloudflare, noted in a recent news release. “We saw an opportunity to make that process faster, easier, and cheaper, working with other top analytics platforms to bring added value to our customers. Now, we can give security teams the tools they need to have visibility and added security across the entire stack, even the parts beyond Cloudflare.”
The integrations come at a time of a rapidly increasing number of cyberattacks posing significant risks to businesses in Canada and other parts of the world.
An October 2020 survey of over 500 Canadian IT security decision-makers conducted by the Canadian Internet Registration Authority (CIRA) detailed how the cybersecurity landscape has shifted due to the pandemic.
The survey found one-quarter of Canadian organizations were targeted with a COVID-19 themed cyberattack, with about three in 10 organizations reporting a spike in attacks since the pandemic started. The findings showed successful attacks were likely to impact network infrastructure and databases, with 86 per cent doing so, and that almost six in 10 organizations are deploying a virtual private network this year. Half are deploying DNS firewalls in response to an increase in cyber threats.
With these integrations, Cloudflare is also enabling customers to:
- Get insights from new datasets: By introducing Cloudflare Logs to new datasets including firewall events and network error logging, the company says it is providing customers with the ability to identify security threats and performance opportunities across their entire network.
- Take logs anywhere with support for any storage destination: In addition to the existing AWS, Azure, and Google Cloud storage destinations, Cloudflare says it is now adding support for any storage destination with the industry-standard S3-compatible API. These include Backblaze, DigitalOcean, and more.
- Visualize data in a new user interface (UI): Cloudflare says it has completely redesigned the Logs UI to make set-up more intuitive, help customers get up and running quickly and easily, and simplify the user experience.
“Securing enterprise IT environments can be challenging – from devices, to users, to apps, to data centers on-premises or in the cloud,” said Sarah Fender, partner group program manager, Azure Sentinel at Microsoft. “In today’s environment of increasingly sophisticated cyberattacks, our mutual customers rely on Microsoft Azure Sentinel for a comprehensive view of their enterprise.”
Microsoft Azure Sentinel is a scalable, cloud-native security information and event management (SIEM) and security orchestration, automation and response (SOAR) solution; Splunk is a cloud-based data platform for cybersecurity, IT and DevOps; Datadog is a monitoring service for cloud-scale applications; and Sumo Logic is a cloud-based machine data analytics company focusing on security, operations and business intelligence (BI) use cases.