As we near the end of our journey into cloud native tools, let’s take a look at visibility. In a previous post, I discussed how business entities need to understand their end of the Amazon Web Services (AWS) shared security model to uphold their cloud defense duties. This knowledge can help them safeguard their digital assets using native cloud security tools that leverage partnerships with other solutions providers. Part of that includes having visibility into what’s going on in the cloud. Let’s take a look at visibility. Why can it be a problem? What tools can help your team can gain better insight?
The Problem of Visibility
In the end, entities need to have visibility over their cloud environments if they are to defend themselves against emerging threats. But, insight into the cloud is more difficult than it sounds.
Attackers are taking advantage of apps hosted in the cloud, for instance. This type of attack accounted for 45% of incidents in which threat actors compromised cloud environments. Those behind these campaigns commonly misused known openings and misconfigurations.
So, what does this have to do with cloud native tools?
Up until 2020, cloud vulnerabilities remained outside the scope of known common vulnerabilities and exposures. There wasn’t much that entities could do to detect whatever openings were out there. Despite the cloud being in use more commonly now, detecting risks and misconfigurations remains difficult.
In part, this is because employees tend to go around official channels and set up apps that could be risky in the company cloud. This
Support the originator by clicking the read the rest link below.
