After ten years in information security product management, I empathize with the pains faced by today’s infosec professionals. My determination to do right by the infosec community combined with my love of behavioral economics that feeds my obsession to "drop the buzzwords and focus on the real problems".
Two of the 6 basic security controls, according to the Center for Internet Security, are focused on the current state of your assets. Assessing the state of your assets has been a priority for years, but the old means aren’t as effective in modern infrastructure as they were on legacy systems. These two critical controls - Continuous Vulnerability Management and Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations and Servers - are a foundational part of any security program, but you’ll run into implementation challenges if you simply drag legacy tools into a cloud environment. That’s why osquery, a light weight and cloud friendly universal agent, is quickly becoming the go-to for helping to secure cloud workloads, in part through the effective application of these two critical controls. Let’s explore how.
While I am there every year, hydrating, I try to take note of the innovation I see. Luckily, the Black Hat team has named Innovation City to make it a little easier on me, so I started there and walked the full business hall to ask questions and listen. This year, I took note of a few key themes.
This may sound like common sense to developers, but securing the assets in your cloud requires you to recognize just how different a cloud workload is from a user asset. While the high level strategy is nothing new, legacy solutions cannot simply be repurposed in your cloud due to some very straightforward barriers to each fundamental goal.
Despite there being hundreds of software solutions focused on monitoring, today’s operations professionals lack the assessment and detection coverage they need in their CI/CD infrastructure. Software applications have reached an inflection point in the pace at which businesses are evolving their operations, and so a new approach is needed for continuous monitoring.