Cloud computing is a $136 billion industry, and it continues to grow. As consumers become more technology-savvy, individual use of cloud services enters the realm of convention. Cloud migration is picking up speed because it introduces cost-effective and flexible services into a previously expensive technological sphere. However, cloud computing also gives rise to new security challenges.
With polymorphic malware, quick-turn domains and turn-on-a-dime attack tactics, most security professionals are looking for real-time intelligence to enable protection that is as close to zero-day as possible. Finding a threat anywhere around the globe and then immediately blasting out a definition or identifying an artifact is high on the cybersecurity wish list.
Two of the 6 basic security controls, according to the Center for Internet Security, are focused on the current state of your assets. Assessing the state of your assets has been a priority for years, but the old means aren’t as effective in modern infrastructure as they were on legacy systems. These two critical controls - Continuous Vulnerability Management and Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations and Servers - are a foundational part of any security program, but you’ll run into implementation challenges if you simply drag legacy tools into a cloud environment. That’s why osquery, a light weight and cloud friendly universal agent, is quickly becoming the go-to for helping to secure cloud workloads, in part through the effective application of these two critical controls. Let’s explore how.
This may sound like common sense to developers, but securing the assets in your cloud requires you to recognize just how different a cloud workload is from a user asset. While the high level strategy is nothing new, legacy solutions cannot simply be repurposed in your cloud due to some very straightforward barriers to each fundamental goal.