Autore: Dale Norris, Cloud Security Product Marketing at ExtraHop
There is a fairly common perception that organizations have a handle on their obligations under the shared responsibility model of cloud security. However, cloud security is complex and constantly evolving, and there is more nuance to shared responsibility than you may realize.
To better understand who is responsible for securing what is in the cloud—as well as the security controls and services best suited to help cloud security operations mature and grow—check out the latest report from the SANS Institute.
This SANS report reveals that, in the beginning, cloud service providers didn't write shared responsibility models for cloud security teams. They were business proposals intended to make organizations more comfortable with putting assets into the cloud. The tactic worked, and DevOps began driving deployment and change at a pace that can make tracking assets and building consistent monitoring use cases challenging.
Today, shared responsibility models no longer focus on development and DevOps. Instead, they point security teams in the right direction to protect cloud environments.
In the new report, you'll learn about new approaches to securing the cloud, as well as the next steps to take for improving visibility. You will also gain valuable insight into how cloud-focused security teams have traditionally used host-based agents, intrusion detection systems (IDS) and netflow, and logging and event monitoring tools for cloud security. Additionally, you can dig into the pluses and minuses of each product category.
SANS also dives deeper into key features to look for in network detection and response (NDR) solutions, including asset discovery and classification, network and application monitoring, and policies and automated actions.
One key area the report centers on is the most effective means of ensuring that you can securely leverage the scale and elasticity of cloud environments without introducing friction and blind spots. Major takeaways include:
To learn more about how and why you may need to take a new approach to shared responsibility in the cloud, download a complimentary report today.
You can read the original article in ExtraHop website.