Now on Demand Ransomware Resilience & Recovery Summit - All Sessions Available
Connect with us

Hi, what are you looking for?


Network Security

FireLayers Introduces Cloud Application Security Gateway

Cloud security startup FireLayers has launched a new solution designed to enable enterprises to securely use cloud-based applications.

Cloud security startup FireLayers has launched a new solution designed to enable enterprises to securely use cloud-based applications.

FireLayers Cloud Application Security Gateway is the flagship solution, but the company, which came out of stealth mode in February 2014 after receiving undisclosed funding from the venture capital firm YL Ventures, plans on releasing other security, compliance and IT governance products that can aid organizations with their efforts to securely adopt cloud applications.

Available immediately, the cloud application security gateway is ideal for apps like Yammer, Box, Google Apps, NetSuite, ADP, Salesforce, Workday, TribeHR, but also for homegrown and customized software, FireLayers said.

By sitting between the user and the cloud applications, FireLayers Cloud Application Security Gateway provides visibility into app usage, while providing protection against a wide range of cyber threats, including malicious insiders, account hijacking, and unauthorized access originating from personal devices used for work purposes (BYOD). Furthermore, the solution has a near-zero impact on performance, the company noted.

The product provides IT teams with the granular policy-based rule enforcement and auditing capabilities they need to secure cloud applications. For popular applications, the company provides pre-defined security, compliance and governance policies. FireLayers says its security gateway is the first to use the eXtensible Access Control Markup Language (XACML) to create and enforce policies, enabling the identification of user interactions in real time.

“Until now, CIOs and CISOs were forced into making the inadequate choice between blocking or allowing cloud apps,” commented Yair Grindlinger, FireLayers co-founder and CEO. “IT teams and business leaders are becoming increasingly aware that cloud app security is a corporate problem, and that they need to be responsible for the security of how the application is used, the data and the users themselves. With FireLayers, they have the tools they need to enforce corporate policies that support their risk tolerance and compliance needs.”

The FireLayers security gateway is based on an open architecture, which makes it easy to integrate with various other security and monitoring solutions.

According to Grindlinger,  FireLayers Cloud Application Security Gateway is easy to implement and doesn’t require the installation of any new hardware.

Advertisement. Scroll to continue reading.

“[For] most popular applications there is no deployment as the solution is based on a reverse proxy technology.  In some cases a local proxy settings configuration is required from the IT team (for instance for Google Drive that is locally deployed on the device),” Grindlinger told SecurityWeek. “What all this means is because of the way reverse proxy is implemented, basically you don’t need to do anything. When someone logs in, the application automatically redirects the user to the FireLayers gateway.  The user experience is completely transparent.  No software installation or configuration is needed.  There is no footprint on the user’s device. The user doesn’t need to do anything – the FireLayers gateway does it all.”

The solution is priced at $10 per month per user and customers can secure one of their cloud apps for free for a one-year period.

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.


SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.


People on the Move

MSSP Dataprise has appointed Nima Khamooshi as Vice President of Cybersecurity.

Backup and recovery firm Keepit has hired Kim Larsen as CISO.

Professional services company Slalom has appointed Christopher Burger as its first CISO.

More People On The Move

Expert Insights

Related Content

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Network Security

A zero-day vulnerability named HTTP/2 Rapid Reset has been exploited to launch some of the largest DDoS attacks in history.


Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet