Three hard truths hindering cloud-native detection and response - Help Net Security

Given the interconnectedness of cloud environments and the accelerated pace at which cloud attacks unfold, if SOC teams can’t see everything in one place, they’ll never be able to connect the dots in time to respond. Within these trusted connections reside permissions to databases, S3 buckets, and many other resources, all of which are granted open or loose permissions so they can interact, unimpeded, with essential cloud services. One of the most challenging elements of cloud security is that cloud environments generate so much noise and are so complex that it’s easy for questionable actions to occur unnoticed. As security teams level up to support the transition, we’re seeing three specific issues that impede cloud detection and response. The number of non-human identities (NHIs) that reside in cloud environments, coupled with the fact that cloud providers employ different NHI authentication mechanisms and lifecycle management practices, has caused the risk they pose to skyrocket. Cloud applications, workloads and infrastructure have become increasingly connected and communicate with each other via trusted connections across assets, developers and identities. Most SOC teams either lack the proper tooling or have so many cloud security point tools that the management burden is untenable. Cloud security teams are getting smarter and more experienced, and cloud security toolsets are maturing in lockstep with cloud adoption. Cloud attacks happen way too fast for SOC teams to flip from one dashboard to another to determine if an application anomaly has implications at the infrastructure level. Companies are shifting from testing the waters of cloud computing to making substantive investments in cloud-native IT, and attackers are shifting with them. While the latter is a legitimate concern, if we want to stay ahead of our adversaries, we need to get comfortable with the accelerated pace of the cloud.
More importantly, because everything in the cloud happens at warp speed, we humans need to act faster, which can be nerve-racking and increase the chance of accidentally breaking something. The implicit trust that cloud workloads have between pod-to-pod and node-to-node communication may be essential to smooth operations, but it comes at a cost. According to Gartner, the market for cloud computing services is expected to reach $675 billion in 2024. To protect the massive investment being made in cloud-native IT, containing NHI risk MUST be a priority. Even though security teams are implementing the least privilege principle to ensure that every asset has only the connections it needs, there will always be connections left open. Furthermore, since virtually all public cloud users are on AWS, GCP, Azure, and Oracle, it becomes easy for an attacker to know how an environment will be built. Security teams need to adjust their mindset beyond shift-left and get adept at shifting up and down the stack.

This Cyber News was published on www.helpnetsecurity.com. Publication date: Thu, 03 Oct 2024 05:43:09 +0000

