7 Ways Skyfence Cloud Discovery Strengthens Your Cloud Risk Posture

Skyfence Cloud Discovery — Complete Guide to Visibility and Security

What it is

Skyfence Cloud Discovery is a tool (originally from Skyfence, now part of Imperva) that discovers and catalogs cloud applications used across an organization by analyzing existing network and proxy logs. It reveals sanctioned and unsanctioned (shadow IT) SaaS usage, provides per-app risk information, and supplies usage metrics (users, traffic volume, storage location).

Key capabilities

• App discovery from firewall, proxy, and SIEM logs (enterprise-wide aggregation)
• Risk scoring and detailed risk attributes for each discovered app
• Usage analytics: number of users, traffic volume, regional/global views
• Deployment modes: on-premises or cloud; can run locally (log files need not leave network)
• Integration with directory/SIEM tools and support for distributed egress points
• Ability to differentiate managed vs. unmanaged devices and apply policies (when paired with Skyfence Gateway)
• Geo-fencing and data-location visibility for privacy/compliance needs

Typical workflow

1. Import egress logs from firewalls, proxies, or SIEMs.
2. Automatically identify and catalog cloud apps accessed by users.
3. Review per-app risk scores and usage metrics in dashboards/reports.
4. Prioritize high-risk apps for remediation (block, monitor, or apply controls).
5. Optionally deploy Skyfence Gateway/proxy for policy enforcement and real-time controls.

Benefits

• Rapidly eliminate cloud-app blind spots and identify shadow IT.
• Prioritize remediation using risk-context and usage trends.
• Support compliance by surfacing data residency and access details.
• Low-friction discovery (no endpoint agents required for discovery phase).

Limitations and considerations

• Discovery accuracy depends on quality and coverage of collected logs.
• Deeper controls (real-time blocking, step-up auth) require gateway/proxy deployment and configuration.
• Product information and packaging have evolved since acquisition by Imperva; verify current capabilities and licensing with vendor.

Where to start

• Gather representative egress logs from perimeter devices (firewall, proxy, SIEM).
• Run Cloud Discovery to generate an inventory and risk report.
• Use results to define policy actions (monitor, block, remediate) and decide if you need a Gateway/proxy for enforcement.

Sources: vendor press releases and product resources (Skyfence / Imperva).