Enterprise cloud is inundated with security concerns of varying nature. The following are some of the core concerns that security operators face today.

  • Cloud migration and multi-cloud migration are happening at unprecedented rates. In many cases, modern SMBs start off entirely on cloud IAM, workloads, and product management
  • Increased complexity of public cloud deployments requires in-house effort to keep up with changing configuration & settings, monitoring controls, and access control knobs available for SecOps to manage
  • Enterprise NetOps, SecOps, SRE/DevOps, developers, and overall security organizations are expected to work more tightly with each other than before, with diversified expertise on each cloud deployment such as AWS, GCP, Azure, K8s, OpenShift, etc.
  • An expert on one cloud platform, such as AWS, is not necessarily conversant & productive on other platforms such as GCP. This implies larger teams, and greater collaboration among them to roll out security processes
  • Identity/IAM policy management is a complex issue that an SMB can address with a handful of operators, and the operational knowledge is specific to each public cloud vendor
  • Monitoring and logging may be enabled, but no one is detecting & monitoring what entities are doing
  • No one is monitoring how those entities are deploying policy access controls to take advantage of resources. An automated monitoring system is the need of the hour. Furthermore, such automated monitoring systems must be hooked to specific trigger events to be effective
  • Lateral movement is not trivial to detect without understanding dependencies and the potential contexts of what access may lead to
  • Attack techniques have become sophisticated thanks to extensive automation and the deployment of AI tools
  • Highly automated techniques traverse deep through decision trees to exploit unknown or unrecognized configurations that result in blind spots
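
The points above about trigger-driven monitoring of access-control changes and about knowing what access may lead to can be combined in one check. The sketch below is an added example, not code from this page or from any vendor: the access graph, the event shape, and all names (`BASELINE`, `SENSITIVE`, `on_policy_event`) are constructed assumptions, and a real deployment would build the graph from the cloud provider's IAM data and audit log.

```python
from collections import deque

# Constructed access graph: an edge A -> B means "A can act as or access B".
BASELINE = {
    "user:ci-bot": {"role:build"},
    "role:build": {"bucket:artifacts"},
    "role:admin": {"db:customers", "bucket:artifacts"},
}
SENSITIVE = {"db:customers"}  # constructed list of resources worth alerting on

def reachable(graph, start):
    """Everything `start` can reach by chaining grants (breadth-first search)."""
    seen, queue = set(), deque([start])
    while queue:
        node = queue.popleft()
        for nxt in graph.get(node, ()):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen

def apply_event(graph, event):
    """Return a copy of the graph with one grant/revoke policy event applied."""
    new = {k: set(v) for k, v in graph.items()}
    edges = new.setdefault(event["source"], set())
    if event["action"] == "grant":
        edges.add(event["target"])
    else:
        edges.discard(event["target"])
    return new

def on_policy_event(graph, event, sensitive=SENSITIVE):
    """Trigger handler: list users that newly reach a sensitive resource."""
    after = apply_event(graph, event)
    change = event["source"] + "->" + event["target"]
    alerts = []
    for user in sorted(p for p in after if p.startswith("user:")):
        gained = (reachable(after, user) - reachable(graph, user)) & sensitive
        alerts.extend((user, res, change) for res in sorted(gained))
    return after, alerts

# Constructed event: the build role is allowed to assume the admin role.
EVENT = {"action": "grant", "source": "role:build", "target": "role:admin"}

if __name__ == "__main__":
    for user, resource, change in on_policy_event(BASELINE, EVENT)[1]:
        print(f"ALERT: {user} can now reach {resource} after {change}")
```

The change itself never names `user:ci-bot` or `db:customers`; the alert appears only because the handler recomputes transitive reachability on each event instead of inspecting the changed policy in isolation.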