Page 66 - Cyber Defense eMagazine June 2020 Edition
P. 66

The onus is on you to establish the context before beginning to understand and prioritize the risk, then
            ultimately address the vulnerabilities.

            In the network diagram below, two identical web servers that have the same vulnerability. Without context,
            how would you know which alert is an imminent threat and which is just informational?






































            Cloud security is far too important to cobble together solutions and hope there aren’t any gaps. Clearly a
            new approach is needed.



            The Characteristics of the Ideal Cloud Security Solution

            A different mindset is required—one in which there are no assumptions regarding existing approaches
            as the only possible solutions. In completely reimagining how to discover and manage all possible risks
            across AWS, Azure, and GCP, the following characteristics of the ideal solution emerge:

            ●  Detect all important risks in an organization’s cloud environment—both workload and control
               plane—whether it’s a piece of vulnerable software, an infected workload, a misconfigured S3 bucket,
               a lateral movement risk, improperly secured keys, or unsecured PII—whatever the issue may be.

            ●  Integrate with any cloud environment in minutes—without any side effects on performance and
               availability, thereby eliminating organizational (e.g. DevOps) friction. It should do so without running






            Cyber Defense eMagazine –June 2020 Edition                                                                                                                                                                                                                         66
            Copyright © 2020, Cyber Defense Magazine.  All rights reserved worldwide.
   61   62   63   64   65   66   67   68   69   70   71