Sweet Security Runtime Security Suite

Additional Info

CompanySweet Security
Websitehttps://www.sweet.security
Company size (employees)10 to 49
Headquarters RegionMiddle East

Overview

Sweet has built the first runtime security platform for the cloud that helps security teams focus on business critical cloud risks. It utilizes a patent-pending, eBPF-based sensor that performs deep security profiling, establishing a unique baseline for normal and anomalous behaviors. It looks into core elements to identify active cloud risks across different use-cases including attack detection, vulnerabilities, posture management, and non-human identities (NHI) monitoring.

Sweet’s security profiling paired with strong Layer 7 monitoring capabilities allow its solution to cut through the noise so security teams can focus on risks that are most relevant and critical to the business based on its unique cloud footprint. Sweet’s platform:
— Detects attacks at runtime, providing full context on things like root cause, impacted assets, and more, cutting noise level to near zero.
Reduces the number of vulnerabilities to address by 99% by spotting which are actually loaded and critical, and who needs to fix them
— Enhances posture through runtime insights such as ports that are open in the manifest but are not in use
— Takes non-human identities’ management to the next level. Sweet’s behavioral analysis reveals which machine was the origin of a chain of anomalous actions and for what purpose

Sweet’s cloud-based attack detection model and patent-pending behavioral learning technology enable immediate delivery of critical, comprehensive attack findings that allow mitigation before, during and after attacks occur. As a result, Sweet provides CISOs with the certainty needed to be accountable for cloud security. It also enables them to refresh corporate SOC and IR processes for cloud native environments, enabling the organization to ease into cloud adoption and digital transformation.

Key Capabilities / Features

Our key feature set includes:


-- Runtime cloud detection and response: Sweet enables investigation time to drop from hours to minutes. Its baseline-guided sensor detects critical anomalies and assembles a full attack story, providing full damage assessment, remediation recommendations, and proactive remediation options.
-- Runtime Vulnerability Management: Sweet provides game-changing runtime insights such as loaded files and external communication paths, enabling DevSecOps and AppSec teams to deal with 99% less CVEs, indicating those which are truly critical. Our runtime vulnerability management also identifies relevant stakeholders.
-- Runtime Posture Management: This feature helps security teams fix critical misconfigurations and harden their environment with runtime insights such as assets used out of their defined place and open ports that are not in use. More so, it helps security teams understand the consequences of a specific hardening in order to enhance their total cloud security posture. For example, it’s a best practice to upgrade all the usages of Instance Metadata Service (IMDS1) in the code before turning off this feature in production, but if you don't know who is using this feature, you can't do anything with the risk.
-- Non Human Identities (NHI) management: Using its novel sensor-based technology and Layer7 capabilities, Sweet’s behavioral analysis reveals which machine was the origin of a chain of actions, and for what purpose. Thanks to both the cloud era and AI, the amount of NHIs in the cloud is growing exponentially. Most of the solutions today can pinpoint a specific cluster where a role/secret was in use, but not which microservice inside the cluster is using it (the cluster could host more than thousands of microservices). Sweet can pinpoint that microservice, also revealing which critical service or asset was the destination of this microservice while it used a given NHI and for "what" purpose.


How we are different

What differentiates us from other runtime security/workload protection offerings:


Next-gen cloud detection: Sweet’s behavioral baseline technology enables it to detect even the most sophisticated, new attacks, regardless of the attacker’s TTPs. Not only that, Sweet’s Layer7 capabilities allow it to provide the evidence needed for security stakeholders to confirm and provide full context and maximum confidence to management teams. Owing to its unique detection capabilities, it also reduces investigation time from hours/infinite time to minutes.


Close to zero noise: Our customers tell us that the noise level generated by their existing portfolio of cloud security estate is so loud that it drowns out any signals of attacks and prevents security teams from identifying relevant, active risks that should be prioritized. As a result, their tools are barely effective. This is a well-known issue and many vendors are trying to address it in a variety of ways. Our approach is to provide “boots on the cloud.” Unlike log-based solutions or passive API scans, our hyper-accurate baseline weeds out a huge percentage of irrelevant alerts. As an example, security teams can deal with 99% less vulnerabilities, and also instantly identify who can help them fix those.


unified, runtime platform, Sweet’s Cloud Runtime Suite enables CISOs and security teams to level up their cloud security from partial to complete defense. Providing robust defenses across all stages of an attack, its feature set includes Detection & Response, Vulnerability Management, Posture Enhancement, and Non-Human Identities (NHI) Management – all in runtime. In addition, Sweet is the epitome of “sweet and lean”. Its eBPF-based sensor Stakes under five minutes to deploy, and consumes ⅓ the CPU and memory of its leading competitors in the cloud runtime market.