Sonrai Security Releases Industry-First Risk Insights Engine 👉
Learn More
Search Contact Login
Free Trial Get a Demo

Interactive Product Tour

interactive tour Start a Tour Get a Demo

Interactive Product Tour

interactive tour Start a Tour Get a Demo
Blog
>
Back to Blog

[Webinar Recap] Preventing Cloud Security Risks...Or Fixing Them Fast

Stephanie Choi
August 18, 2020
Updated : 10.31.2023
3 mins to read
Hackers Held 23,000 Unsecured MongoDB Databases Ransom

Missed our recent webinar? There’s an on-demand recording available for our “Pillars of Cloud Security: Prevent Problems or Fix It Fast” webinar.

In our recent Bright Talk webinar, Dan Woods, Principal Analyst and Early Adopter Researcher at Evolved Media, spoke with Eric Kedrosky, CISO & Director of Cloud Security Research at Sonrai Security. The webinar goes into great detail regarding Sonrai’s platform and how IT and Security teams can best utilize technologies and methodologies to prevent and rectify cloud security risks and issues effectively

Here we will breakdown some of the key talking points and takeaways from the discussion.

What does “Prevent it and Fix it Fast” mean?

Prevent it and fix it fast is a phrase all too common in the Security world, but what does it mean? Well, it means your organization needs careful planning – establishing rules and procedures via strict guidelines – that ensure efficient security for both customers and organizations alike. In the new cloud era, we no longer have a handful of identities accessing our environment. We have hundreds if not thousands, unfortunately, many of which may not be people at all. Understanding who should have access and how they obtain that access is a principal key to success. 

Shift Left

The concept of Shift Left is to permanently involve the person closest to the problem. It may seem obvious but too often teams are delegating problems outside rather than fixing them internally. With so many teams and individuals working in and around an environment it is often a challenge for teams to even locate the root cause of the problem let alone fix it. Couple this with an improper delegation of responsibilities, and teams find themselves in far over their heads. When utilized effectively, Shift Left simplifies the entire process. To help keep everything streamlined and simple many teams have implemented the use of  what’s known in the industry as Swim Lanes. 

Swim Lanes

Swim Lanes are segments within an environment that utilize their own specific controls. Essentially, each Swim Lane organizes the operations and the security to different categories; most commonly Staging, Development, and Production. This allows for flexibility when it comes time for a team to apply controls specific to their business. For example, a team may look at all data containers that are tagged as classified and only apply certain controls to those containers, to avoid an exposed container. By doing this teams can identify what Swim Lane the problem falls within so they can allocate the right person or department effectively.

Automation and Prevention

Utilizing specific proven tactics like automation and prevention helps teams address problems quickly and accurately. This is a key component of securing and streamlining a development and public cloud environment. Prevention bots are an integral part of the Sonrai platform. A prevention bot assists by stopping an action that shouldn’t be taking place in the environment in the first place. For example; if a private S3 bucket were to be made public, a prevention bot would detect and shut down the S3 bucket upon a scan of the environment. Prevention bots can be used out of the box or they can be customized to a specific or rare need. Remediation bots, also part of the Sonrai platform, help teams take action on events that always require the following action to be taken. For example, deleting an account has been deactivated for 90 day, or a private S3 bucket being made public. A remediation bot can automatically remediate the action prompted by the rule and save teams countless man hours. 

Blocking Bad Code

When it comes to assisting in blocking bad code, we are able to see how the relationship is formed between the automated security mechanisms and the CI/CD pipeline. Teams can use automation to validate controls in a pass/fail test, during and after testing. This can help prevent bad code or unsecure code from being pushed past the current swim lane, and ultimately stopping it before it goes into production. By blocking bad code from advancing swim lanes a team is effectively solving issues before they graduate to  larger problems that could potentially span multiple teams and departments. 

This webinar is a part of a series covering the cloud security principles including:

For a more comprehensive look at the principle of cloud security areas covered in this presentation, check out the hour-long on-demand webinar.

THE ARCHITECT

The Newsletter for Cloud Security Leaders. 1x a month.
Get a Comprehensive Cloud Identity Audit
Request Your Audit

Read the latest news and insights

Graph Image
09.19.2022Eric Kedrosky

Effective Permissions: An Identity's True Abilities

Understand the difference between fact and fiction...
Read Blog
Sonrai - Maintaining a Least Privilege Policy Webinar Recap
07.24.2020Stephanie Choi

Attackers Find AWS S3 Bucket With 17m Users

CouchSurfing is an online service that lets users find...
Read Blog
azure common configuration errors
01.21.2020Stephanie Choi

The AWS Breakdown: IAM roles vs policies

Learn the most common types of AWS IAM policy mistakes...
Read Blog
Sonrai Main Logo

© 2024 Sonrai Security. All rights reserved

Sitemap   |   Privacy Policy  |  

Sonrai cloud security platform, products and services are covered by U.S. Patent Nos. 10,728,307 and 11,134,085, together with other domestic and international patents pending. All rights reserved.