How to Identify, Prioritize and Remediate Vulnerabilities in the Cloud

In part one of our four-part series on security in the cloud, we discussed the AWS shared responsibility model and what you need to know to minimize vulnerabilities. In part two of this series, we’ll discuss how to detect, prioritize, and remediate vulnerabilities that you find in your cloud environment.


Filling the gaps of the shared responsibility model


If you use a cloud provider like AWS, you know there are some security features you can access for free, such as AWS Security Hub, AWS Identity & Access Management, and AWS Firewall Manager. Unfortunately, as we covered in part one of this series, that's not enough coverage for what many organizations need in today's cloud environments, especially since cloud providers can only protect the core infrastructure. That means you are responsible for what you put on that infrastructure, such as EC2 instances and virtual machines.


Too often we hear of companies that leave EC2 instances open for months with critical vulnerabilities that put their entire company at risk, thinking that AWS would find them. But that's not AWS's job—it's actually yours. This is where vulnerability risk management comes in. To be clear, vulnerability risk management is not a security feature offered by cloud providers. The responsibility lies solely with users (you). Unfortunately, many companies don't recognize this and don't implement a vulnerability management program, only to find out after an attack.


Vulnerability management solutions like InsightVM ensure you are fully protected by identify prioritize remediate vulnerabilities cloud