
[Webinar Recap] Secure Multi-Cloud Environments: Intelligent Cloud Security Posture Management

Author: Sonrai Security Marketing | Date: October 1, 2020
Read Time: 3 minutes
Skill Level: Executive, Learner

Missed our recent webinar? There's an on-demand recording available for our “Secure Multi-Cloud Environments: Intelligent Cloud Security Posture Management” webinar.

On September 22, we hosted a webinar with Eric Kedrosky, Director of Cloud Security Research and CISO at Sonrai Security, and Dan Woods, Principal Analyst at Early Adopter Research. They offered a forward-thinking view of Cloud Security Posture Management. Here we break down the key takeaways on Intelligent CSPM.

Gartner recommends that security and risk management leaders invest in CSPM tools to avoid the misconfigurations that lead to data leakage. The recommendation is a response to the governance and security challenges the public cloud brings. With the rapid adoption of platforms such as AWS, Azure, GCP and Kubernetes, and an ever-growing catalogue of cloud services, the public cloud has produced an explosion of data and identity complexity, much of it unmanaged risk. Cloud providers ship basic configuration-checking capabilities, but each covers only its own services, which leaves out the multi-cloud coverage most enterprises require. And although the underlying provider infrastructure is secure, configuration, identity and data remain the customer's responsibility, and most enterprises lack the processes, tooling maturity and scale to govern their own use of the cloud securely. First-generation Cloud Security Posture Management (CSPM) may not be enough for enterprise companies.

The New Perimeter For Cloud Security

The public cloud is enormously powerful, but complex. The way we conceive of, design, develop, deploy and operate applications has changed completely: from monolithic applications to microservices; from Waterfall development to Agile; from IT control to DevOps control; from data centers to software-defined cloud infrastructure. If how we create technology value has changed this dramatically, then we must also reimagine how we deliver security for these applications.

Organizations of all sizes are harnessing the operational and cost benefits of the public cloud. Unfortunately, platforms like AWS, Azure, GCP and Kubernetes expose a wide range of identity and access management (IAM) configuration options that can be disastrous if not properly architected. The risk is very different from (and often much higher than) old-world enterprise IAM, because in the cloud an identity with the wrong permissions reaches data directly, with no network boundary in between. Identities have become the new perimeter.

A Brief History of CSPM

First-generation CSPM automatically assessed a cloud environment for best-practice and security violations against basic baseline controls and well-known cloud misconfigurations. The most common first-generation CSPM solutions featured:

  • Identifying your public cloud environment footprint 
  • Assessing your cloud for misconfigurations and control violations
  • Auditing and reporting on misconfiguration and violations

CSPM has rapidly grown to include context. Context is determined by how and where a cloud service, identity or resource is implemented: the same setting can be harmless on one resource and critical on another, depending on what that resource can reach. With that context, controls can be implemented and monitored at a much more granular level. Today's context-based CSPM includes the first-generation features as well as:

  • Continuous visibility into policy violations across multiple public cloud environments
  • Optional ability to perform automated remediation of misconfigurations to ensure continuous compliance and protect critical cloud assets
  • Out-of-the-box compliance libraries of common standards or best practices, such as CIS Foundations Benchmarks, SOC 2, PCI, NIST 800-53, or HIPAA, to verify that cloud configurations are compliant
  • Integration with additional security tools

While today’s context-based CSPM evaluates access at a granular level based on a user's identity and the context of the request, it largely leaves out non-person identities.

Many organizations still lack key identity-related security controls, and the few forward-thinking companies that have started applying proper access controls typically focus on human users, not non-person identities. Non-person identities are identities that are not tied to a human: they are assumed by code, such as AWS Lambda functions, or by compute, such as Azure VMs and other public cloud services, which then act with whatever permissions the identity carries. However you define them, they are extremely useful and usually make up the vast majority of identities in a cloud deployment. They do, however, present unique challenges (no MFA, no interactive login to watch, and trust relationships that decide who else can assume them) that are only solved with intelligent CSPM.
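To make the distinction between person and non-person identities concrete, and to show the kind of identity-aware check a context-based CSPM runs, here is an added example. It is not Sonrai code and not from the webinar: it takes a constructed inventory (hypothetical data, shaped loosely like AWS IAM user and role records, not captured from any real account), classifies each identity from its trust relationship, and flags the misconfigurations that matter most for non-person identities: admin-level grants on a workload role, a role that any AWS principal can assume, and a console user without MFA. The check names and the `assess` function are this example's own.

```python
"""Minimal CSPM-style identity assessment over a constructed IAM inventory.

Added example, not Sonrai code. Classifies identities as person vs
non-person from the trust policy and flags common identity misconfigurations.
"""
import json

# Constructed sample inventory (hypothetical data, not from any real account),
# shaped loosely like the output of the AWS IAM list-users / list-roles APIs.
INVENTORY = [
    {"name": "alice", "type": "user", "console": True, "mfa": True,
     "policies": [{"Effect": "Allow", "Action": ["s3:GetObject"],
                   "Resource": "arn:aws:s3:::app-data/*"}]},
    {"name": "bob", "type": "user", "console": True, "mfa": False,
     "policies": [{"Effect": "Allow", "Action": ["ec2:Describe*"],
                   "Resource": "*"}]},
    {"name": "lambda-image-resizer", "type": "role",
     "trust": [{"Service": "lambda.amazonaws.com"}],
     "policies": [{"Effect": "Allow", "Action": "*", "Resource": "*"}]},
    {"name": "ec2-app-role", "type": "role",
     "trust": [{"Service": "ec2.amazonaws.com"}],
     "policies": [{"Effect": "Allow", "Action": ["s3:GetObject"],
                   "Resource": "arn:aws:s3:::app-data/*"}]},
    {"name": "partner-audit", "type": "role",
     "trust": [{"AWS": "*"}],
     "policies": [{"Effect": "Allow", "Action": ["s3:ListBucket"],
                   "Resource": "*"}]},
    {"name": "sso-admin", "type": "role",
     "trust": [{"Federated": "arn:aws:iam::111111111111:saml-provider/okta"}],
     "policies": [{"Effect": "Allow", "Action": ["iam:*"], "Resource": "*"}]},
]


def is_person(identity):
    """Person identity: an IAM user, or a role assumed through a federated
    identity provider. Everything else (roles trusted by a service or by
    another account) is a non-person identity: code or compute acting with
    the role's permissions."""
    if identity["type"] == "user":
        return True
    return any("Federated" in p for p in identity.get("trust", []))


def as_list(value):
    """IAM policy fields may be a single string or a list; normalise."""
    return value if isinstance(value, list) else [value]


def grants_admin(policies):
    """True if any Allow statement grants '*' or 'iam:*' on every resource."""
    for statement in policies:
        if statement.get("Effect") != "Allow":
            continue
        actions = as_list(statement.get("Action", []))
        resources = as_list(statement.get("Resource", []))
        if "*" in resources and any(a in ("*", "iam:*") for a in actions):
            return True
    return False


def trusts_anyone(identity):
    """True if the trust policy lets any AWS principal assume the role."""
    return any(p.get("AWS") == "*" for p in identity.get("trust", []))


def assess(inventory):
    """Return (classification, findings).

    classification: {"person": [...names], "non_person": [...names]}
    findings: list of (identity name, check id); check ids are this
    example's own names, not a published benchmark's."""
    classification = {"person": [], "non_person": []}
    findings = []
    for ident in inventory:
        kind = "person" if is_person(ident) else "non_person"
        classification[kind].append(ident["name"])
        if grants_admin(ident.get("policies", [])):
            check = "ADMIN_PERSON" if kind == "person" else "ADMIN_NON_PERSON"
            findings.append((ident["name"], check))
        if ident["type"] == "role" and trusts_anyone(ident):
            findings.append((ident["name"], "TRUSTS_ANY_PRINCIPAL"))
        if ident["type"] == "user" and ident.get("console") and not ident.get("mfa"):
            findings.append((ident["name"], "CONSOLE_USER_NO_MFA"))
    return classification, findings


if __name__ == "__main__":
    classification, findings = assess(INVENTORY)
    print(json.dumps({"classification": classification,
                      "findings": findings}, indent=2))
```

Half of the constructed inventory is non-person (the Lambda role, the EC2 instance role and the cross-account role), and the two most severe findings, a workload role with `*` on `*` and a role any principal can assume, sit entirely on that half; a review that only looked at IAM users would have caught the missing MFA on `bob` and nothing else. A real assessment would pull the same fields from the provider APIs and would also evaluate resource-based policies, permission boundaries and what data each identity can actually reach, which is the context the article describes.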

Learn more about “Secure Multi-Cloud Environments: Intelligent Cloud Security Posture Management” in our webcast discussion.
