Stop me if you’ve heard this before. The scale, speed and complexity of cloud environments — particularly when you introduce containers and microservices — has made the lives of security professionals immensely harder. While it may seem trite, the reason we keep hearing this refrain is because, unfortunately, it’s true. In case you missed it, we discussed how cloud adoption creates a rapidly expanding attack surface in our last post.
One could argue that no subgroup of security professionals is feeling this pain more than the VM team. From elevated expectations, processes, and tooling to pressured budgets, the scale and complexity has made identifying and addressing vulnerabilities in cloud applications and the infrastructure that supports them a seemingly impossible task. During a recent webinar, Rapid7’s Cindy Stanton (SVP, Product and Customer Marketing) and Peter Scott (VP, Product Marketing) dove into this very subject.
Cindy starts off this section by unpacking why modern cloud environments require a fundamentally different approach to implementing and executing a vulnerability management program. The highly ephemeral nature of cloud resources with upwards of 20% of your infrastructure being spun down and replaced on a daily basis makes maintaining continuous and real-time visibility non-negotiable. Teams are also being tasked with managing exponentially larger environments, often consisting of 10s of thousands of instances at any given moment.
To make matters worse, it doesn’t stop at the technical hurdles. Cindy breaks down how ownership of resources and responsibilities related to addressing vulnerabilities once they’re identified has shifted. With traditional approaches it was typical to have a centralized group (typically IT) that owned and was ultimately responsible for the integrity of all resources. Tod ..
Support the originator by clicking the read the rest link below.
