Published by Safet Acifovic on Nov 11, 2020 9:38:59 AM
It is expected that the the global cloud computing market is to grow to more than $800 billion by 2025. At the same time, Gartner has predicted that through 2025, at least 99% of cloud security failures will be the customer's fault. It should be clear by now that we live in a cloud-first world and that cloud (data) security is becoming increasingly important as we move data centers, business processes, applications and more to the cloud. It is time to step up cloud security!
Many enterprises have already upgraded their cloud security by transitioning from manual checks to automatic tools. And this is often where Cloud Security Posture Management (CSPM) tools come in. A CSPM is a tool that continuously checks cloud platform accounts for compliance and infrastructure misconfigurations. These tools verify automatically whether your cloud configurations are following security best practises and compliance standards such as CIS (AWS or Azure), PCI, HIPAA or GDPR. This is a big leap forwards compared to a couple of years ago when no one had any visibility on whether their cloud environment was secure or compliant.
CSPMs play an important role in helping organizations stay compliant with major frameworks and address accidental risks, such as missettings that allow unauthorized access or misconfigured network security groups. CSPMs are becoming a necessary aspect of cloud security.
However, we should ask ourselves: is the CSPM approach enough? And will it be enough tomorrow? Or next year? Features are added every day by the cloud service providers. Cloud environments and cloud workloads are becoming more and more complex. By 2025, the cloud computing market will grow to more than $800 billion. We should pay very serious attentions to cloud security.
So, is the CSPM approach enough? We believe that the standard definition of CSPM is lacking. It only provide limited visibility. Let me demonstrate this with an example. Let's say we have a web server which is connected to the Internet and our internal virtual networks. The server has never been patched (it was neglected), and as a result it got infected with a crypto miner. As it stands today, none of the available CSPMs will give an alert. These issues are simply outside the scope of current CSPMs. A CSPM will only check your cloud (infrastructure) configurations.
Despite the fact that misconfigurations in the OS and application layer, such as software vulnerabilities are critical parts of your whole cloud security posture, they are not handled by today's CPSMs. A CPSM will detect a misconfigured data bucket or an overly permissive network security group, but it will not alert on patch issues, malware and weak authentication problems that are present on the server.
Cloud security posture management means managing the posture of your entire cloud environment, throughout the whole technology stack. CSPMs need to be supplemented with better defense and threat detection capabilities in order to truly address all aspects of security and compliance for your workloads in the cloud.
You should ask yourself: is my current cloud security approach / CSPM tool / security solution, the right one? To help you find an answer to this question, please consider the following four questions.
We have asked ourselves these questions and we have concluded that we needed something different for our clients, something new and 'next-gen'. Securing the cloud requires complete visibility into all cloud assets, compromised resources, vulnerable software, and misconfigurations without the cost, complexity, and limitations of agents. In our search for a next-gen cloud security solution that can do all this, we came across Orca Security.
Delivered as a SaaS solution, Orca Security uses its patent-pending SideScanning™ technology to deliver instant and agentless deeper visibility into your cloud environment and ease compliance efforts. The solution works out-of-band and scans the entire cloud estate, down to the data layer to identify malware, vulnerabilities, misconfigurations, leaked passwords, sensitive data (PII) and more.
We are excited to announce that we have partnered with Orca Security to help you achieve full-stack visibility across your cloud environments, such as AWS, Azure and GCP.
Each CloudNation HealthCheck comes with a free trial1 of Orca Security to give you the opportunity to experience full-stack visibility yourself. The CloudNation HealthCheck is a security assessment we have developed to help you identify misconfigurations and other security risks within your cloud environment. It's quick, complete and comes with actionable recommendations to help you start fixing right away.
Interested? For more information on Orca Security or our HealthCheck, please leave your contact information below or gives us a call.
1Terms and conditions may apply