Observable Networks: Securing Endpoints with AWS

Bryan Doerr, CEO
Bryan Doerr, CEO, Observable Networks believes that the changing scenarios in the IT industry and their impact on security for enterprises charted the course for Observable Networks to emerge as a network security technology solutions provider. Observable Networks, the brainchild of the founder Dr. Patrick Crowley’s experience and expertise in the network security domain is an early stage partner in the AWS ecosystem that has deeply integrated with complementary AWS offerings to help customers in achieving their security goals. “In the recent times, we observed that enterprises move to AWS either as a part of a corporate IT sponsored initiative or as part of a transition within the business groups, outside of corporate IT,” articulates Doerr. In making these moves, the former group looks toward extending security controls and processes, which were established for the legacy datacenter, into AWS infrastructure, while the latter seeks fast, easy to deploy, usage-driven security functionality to address needed security gaps.

In these scenarios, Amazon’s Virtual Private Cloud (VPC) Flow Logs provide network data that are useful to customers wanting to enhance their security. Observable Networks matches up the clients’ flow logs with their Amazon service assets, and uses the network metadata to perform endpoint modeling to understand the behavior of and detect variations in those AWS assets’ activities. The company’s Dynamic Endpoint Modeling solution for AWS helps clients to improve the security and compliance of applications deployed on AWS Cloud and helps them to gain better visibility into their AWS applications.

Unlike many agent-based services which focus on assessing security through the identification of vulnerabilities of an asset, Observable Networks emphasizes assessing security through the asset’s behavior. The solution is easy to deploy as no agents are used and connects to the AWS VPC Flow Log service in minutes without affecting the AWS assets.

We strongly believe in getting a good idea into our solution quickly and letting our customers decide how that idea develops through time

Additionally, AWS CloudTrail and AWS Config also offer additional perspectives on AWS security and produce event data that is consumed by Observable Network’s endpoint modeling to produce a holistic behavioral view of asset activity within a single solution.

Many organizations making the shift from legacy architectures to AWS-based architectures find themselves running hybrid infrastructures. In many cases, these hybrid environments are a combination of dedicated, special purpose infrastructure like manufacturing or sensor systems, legacy datacenters (both physical and virtual), geographically diverse office networks, and public cloud making the huge diversity of environments extremely difficult to protect. Observable Network’s Dynamic Endpoint Modeling solution makes the job of protecting configurations such as these easy by integrating threat detection across all environments and presenting it in one integrated portal. The firm also offers free assistance on configuration and on-going alert notification support.

Doerr understands that Observable Networks is in a fast moving industry with a lot of opportunity and that success means innovating quickly. “As a startup, we strongly believe in getting a good idea into our solution quickly and letting our customers decide how that idea develops through time,” Doerr says. Observable Networks is also growing geographically by planning to expand in parts of Europe.

Observable Networks

St. Louis, MO

Bryan Doerr, CEO

Performs endpoint modeling using VPC Flow Logs to create understanding of AWS asset behavior and automatically recognize threatening activity

Observable Networks