Agentless AWS Security
Get Runtime Cloud Visibility
Monitor every packet and payload on EC2 instances (all OSes incl. Windows), Docker containers, EKS Kubernetes nodes, Serverless Lambda functions, and every piece of data stored in S3 storage buckets – without deploying agents or instrumenting code. Continuously audit cloud posture to gain insights into security misconfigurations. Automatically rank security findings based on multi-vector analysis to prioritize response and remediation.
Visibility into Network
Blue Hexagon provides complete L3-L7 visibility into your AWS cloud workloads from the network vantage point. Every single network flow is analyzed in its entirety – protocols, payloads, metadata, and headers.
Blue Hexagon provides complete network coverage of EC2 instances (all OSes incl. Windows), Docker containers, EKS Kubernetes nodes, and Serverless Lambda functions to give your security teams full runtime visibility into network-connected assets and their behaviors.
Visibility into Payload
Blue Hexagon provides in-depth visibility into EVERY payload that may be in transit in the network OR at rest in persistent storage such as S3.
The Deep Learning models enable your teams to understand the nature of these payloads – is it code masquerading as data? The models then classify the payloads as malicious or benign based on hundreds of thousands of observations for each and every payload inspected.
Visibility into Assets, Applications, and Services
Blue Hexagon provides runtime visibility into the actual assets, applications, and services that are present in your environment. Within minutes of deployment, you can easily see:
- what services are being provided by the assets in your VPCs
- which instances are providing authentication services such as Kerberos or NTLM
- which containers are serving file shares over different protocols
- which VMs are providing RPC services or acting as terminal servers.
This is a superior approach to other tools that identify assets and services statically, often based on user-specified tags or metadata.
Visibility into Users, Identities, and Access
Blue Hexagon integrates natively with AWS CloudTrail to capture and aggregate observations about entities within your AWS cloud such as users, IaaS and PaaS entities that assume IAM roles, and how these entities interact with each other and access workloads and services. Blue Hexagon Deep Learning AI automatically analyzes the rich but raw data in the CloudTrail logs in the context of the broader cloud configuration and runtime visibility to detect and alert you on security findings.