SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Illumio launches Zero Trust endpoint protection solution for our digital, remote world
Thu, 25th Jun 2020
FYI, this story is more than a year old

Illumio has launched a new Zero Trust solution for endpoints aiming to mitigate the threat of ransomware and malware attacks in our digital world where remote working has become the new normal.

Illumio Edge is fully managed in the cloud, available through a lightweight Illumio agent or, thanks to a new integration partnership with CrowdStrike, through an existing CrowdStrike Falcon agent.

CrowdStrike customers will be able to use their existing Falcon agent to enable Illumio Edge, with no additional software deployments required, the company states. Illumio Edge will be available in the CrowdStrike Store in July.

The solution is designed to deliver containment by default to reduce an organisation's attack surface.

It makes every endpoint a Zero Trust endpoint, blocking all unnecessary inbound network communications to reduce the risk of malware spreading peer to peer without the fear of false positives, Illumio states.

The solution achieves this by pairing malware detection from Next-Generation Anti-Virus (NGAV) or Endpoint Detection and Response (EDR) solutions with Illumio's endpoint Zero Trust.

This enables organisations to stop known malware, but also block zero-day threats and unknown malware by preventing lateral movement between endpoints.

This new offering starts with a workflow to create automated, risk-free allow lists for detected services. With policy in place, enforcement follows the laptop wherever it goes on and off the network. The service functions behind the scenes while teams continue their work.

Illumio CEO and cofounder Andrew Rubin says, “As organisations were forced to transform overnight to allow for remote work, a host of endpoint security issues that have either been ignored or invisible until now were brought to the forefront.

“We built Illumio on an innovative, forward-thinking foundation and have been listening to our customers' requests for a better solution to combat lateral movement on the endpoint."

Rubin says, “We believe Illumio Edge is a fundamental shift to strengthen cybersecurity practices for organisations of all sizes, and were excited to partner with an innovative leader like CrowdStrike to bring this to market at mass scale today."

CrowdStrike chief technology officer Michael Sentonas says, “We are proud to add Illumio to our growing CrowdStrike Store ecosystem. CrowdStrike customers can further maximise their investment in the CrowdStrike Falcon platform by leveraging Illumio Edge to further fortify their organisations against the lateral movement of malware without the need for any additional agents."

Sentonas says, “Illumio Edge combined with CrowdStrikes instant visibility and protection across the enterprise will bring Zero Trust to every endpoint regardless of location and will offer our customers the most complete threat prevention capabilities, all seamlessly accessible through the CrowdStrike Falcon platform.

According to the company, Illumio Edge was created to provide businesses with an endpoint security tool that goes beyond traditional functionality to prevent the spread of malware and ransomware after an initial compromise.

According to research and advisory firm Forrester, "Entire industries have been affected and, in some cases, ground to a halt thanks to the scourge of ransomware attacks.

"While endpoint-focused security solutions have evolved, ransomware continues to impact enterprises... Worms such as WannaCry and NotPetya rely on lateral movement to escalate a containable nuisance to a cataclysmic attack.

"Microsegmentation and focused granular internal controls mitigate this problem and must be deployed as part of a Zero Trust strategy."

Illumio states it is focused on advancing endpoint protection in our increasingly digital, work-from-anywhere world.