Why Skyfence Cloud Discovery Is Essential for Modern Enterprise Security

Skyfence Cloud Discovery was originally launched as a free, on-premises tool designed to help enterprise IT teams find, analyze, and secure “Shadow IT”: hidden or unauthorized cloud applications used by employees without corporate oversight. Developed by Skyfence (a cloud security startup acquired by Imperva), the technology became a foundational approach for Cloud Access Security Brokers (CASBs) to mitigate data leaks and compliance risks.

The tool maps out network traffic against an intelligence database to assess application risks, ensuring that sensitive log data never leaves the local network during analysis.

Step 1: How Skyfence Finds Hidden Apps

The discovery process relies on gathering existing data from your corporate infrastructure to build a comprehensive inventory of cloud usage:

Log Integration: Administrators import traffic logs from existing firewalls, secure web gateways, SIEM platforms, and proxies.

On-Premises Parsing: The tool processes these log files locally on your network, protecting data privacy.

Traffic Mapping: It automatically isolates outbound cloud application traffic from standard web browsing.

Usage Metrics: The system calculates the exact traffic volume, data upload amounts, and total active users for each service.

Step 2: Evaluating the Risk

Once the hidden applications are visible, Skyfence analyzes their security posture using a built-in risk-scoring mechanism:

Risk Reporting: The tool generates automated reports flagging apps that present severe security vulnerabilities.

SaaS Categorization: It identifies what type of tools are being used, such as unauthorized cloud storage or unsanctioned collaboration platforms.

Anomalous Activity: It highlights endpoints or individual users responsible for the heaviest data volumes and highest risk exposure.

Step 3: Securing the Cloud Environment

Finding the apps is only the first half of the battle; the ultimate goal is securing the corporate data footprint:

Sanctioning Frameworks: IT leaders use the intelligence reports to officially approve safe applications and explicitly ban dangerous variants.

Data Leak Prevention: Security teams can target the specific services handling massive file uploads to prevent corporate IP from leaving the ecosystem.

Policy Refinement: The data collected guides administrators in updating firewall and proxy rules to permanently block risky connection pathways.

The Evolution of Cloud Discovery

While Skyfence pioneered early standalone log-based discovery, modern enterprise networks have largely shifted away from static, on-premises log parsers. Today, these exact discovery workflows are natively integrated into continuous, endpoint-driven cloud security suites.

For example, platforms like Microsoft Defender for Cloud Apps utilize automated endpoint signals to continuously discover hidden apps, track live data exfiltration, and block unsanctioned services in real time without needing manual log uploads.
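
The log-based workflow from Steps 1 and 2 (import proxy logs, separate cloud-app traffic from ordinary browsing, total the upload volume and users per service, surface the heaviest uploader of each unsanctioned app), sketched as an added example. It is not Skyfence or Imperva code; the log layout, the catalogue entries and the function names are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed catalogue (assumption): domain -> (app, category, sanctioned)
CATALOGUE = {
    "dropbox.com": ("Dropbox", "cloud storage", False),
    "slack.com": ("Slack", "collaboration", False),
    "sharepoint.com": ("SharePoint", "cloud storage", True),
}
# Constructed proxy log: timestamp user host bytes_sent bytes_received
SAMPLE_LOG = """\
2024-05-01T09:00:01Z alice www.dropbox.com 52428800 1200
2024-05-01T09:00:07Z bob news.example.org 900 48000
2024-05-01T09:01:15Z bob api.dropbox.com 1048576 800
2024-05-01T09:02:30Z carol files.slack.com 204800 5000
2024-05-01T09:03:00Z alice contoso.sharepoint.com 4096 90000
this line is malformed
2024-05-01T09:04:11Z alice www.dropbox.com 10485760 700
"""

def match_app(host):
    """Match host or any parent domain on label boundaries (evil-dropbox.com fails)."""
    labels = host.lower().rstrip(".").split(".")
    candidates = (".".join(labels[i:]) for i in range(len(labels) - 1))
    return next((CATALOGUE[c] for c in candidates if c in CATALOGUE), None)

def discover(log_text):
    """Aggregate upload volume, total traffic and per-user uploads for each app."""
    apps = {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5 or not (parts[3].isdigit() and parts[4].isdigit()):
            continue  # skip malformed records instead of failing the whole import
        _, user, host, sent, received = parts
        entry = match_app(host)
        if entry is None:
            continue  # ordinary web browsing, not a catalogued cloud app
        name, category, sanctioned = entry
        app = apps.setdefault(name, {"category": category, "sanctioned": sanctioned,
                                     "upload": 0, "total": 0, "users": defaultdict(int)})
        app["upload"] += int(sent)
        app["total"] += int(sent) + int(received)
        app["users"][user] += int(sent)
    return apps

def report(apps):
    """Unsanctioned apps by upload volume: (app, upload bytes, users, top uploader)."""
    rows = [(n, a["upload"], len(a["users"]), max(a["users"], key=a["users"].get))
            for n, a in apps.items() if not a["sanctioned"]]
    return sorted(rows, key=lambda r: r[1], reverse=True)
```

Matching on whole domain labels rather than substrings keeps look-alike hosts out of a sanctioned or catalogued app's totals.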
