Cloud Security Tools: CASB, CWPP & CSPM, and Use Cases
Three cloud security tools cover almost every threat in cloud security: CASB, CWPP and CSPM. Let's look at these tools and their use cases, and also explain why "for cloud security to succeed at scale, you need to use automation".
Cloud Security is a suite of services to help companies in their digital transformation / cloud adoption process to achieve their security goals in public/hybrid cloud environments (IaaS, PaaS and SaaS). This suite includes the following services:
- Cloud Access Security Broker (CASB)
- Cloud Security Posture Management (CSPM)
- Cloud Workload Protection Platform (CWPP)
So, what is CASB Platform?
CASBs are on-premises or cloud-based security policy enforcement points, placed between cloud service consumers and cloud service providers to combine and interject enterprise security policies as the cloud-based resources are accessed. CASBs consolidate multiple types of security policy enforcement. For example, security policies include authentication, single sign-on, authorization, credential mapping, device profiling, encryption, tokenization, logging, alerting, malware detection/prevention and so on.
Visibility: Involves cloud identification, risk assessment, audit trails for forensic investigation, and e-discovery.
Data protection: DLP, governance and risk-based access control, data encryption and key management, tokenization, DRM, MDM, etc.
Threat protection: Protects clouds from malicious insiders, compromised accounts, advanced persistent threats (APTs), attacks on APIs, malware, ransomware, etc.
Compliance: Policies for data protection, data sovereignty (data residency) and global regulations.
CWP PLATFORM: The market for Cloud Workload Protection Platforms (CWPPs) is defined by workload-centric security protection solutions, which are typically agent-based. They address the unique requirements of server workload protection in modern hybrid data centre architectures that span on-premises, physical, and virtual machines (VMs), and multiple public cloud infrastructure as a service (IaaS) environments. Ideally, they also support container-based application architectures.
In other words, CWP provides a cloud-based security solution that protects instances on AWS, Microsoft Azure, Google Cloud Platform (GCP) and other cloud vendors.
CWP MAJOR USE CASES:
System hardening, vulnerability management, network firewalling, micro-segmentation, system integrity monitoring, application whitelisting, anti-malware scanning, exploit prevention/memory protection, server workload EDR, behavioural monitoring, etc.
What is CSPM?
Cloud Security Posture Management (CSPM) tools are fundamental to cloud security. “CSP concentrates on security assessment and compliance monitoring, primarily across the IaaS cloud stack”. CSPM typically involves leveraging API integrations with one or more cloud providers in order to automatically discover cloud assets and their associated risks. Nearly all successful attacks on cloud services are the result of customer misconfiguration, mismanagement and mistakes. Security and risk management leaders should invest in cloud security posture management processes and tools to proactively identify and remediate these risks.
CSPM solutions are commonly used for the following:
- Identifies risky configuration settings and provides visibility into the current security posture of your cloud environment.
- Recognizes and logs changes in configuration and who made them, helping to identify accidental, inappropriate or malicious changes
- Maintains and provides a path to compliance for security frameworks such as CIS, NIST, HIPAA/HITECH, PCI DSS, and CSF.
- Inventories all cloud assets across IaaS, PaaS or SaaS, and alerts when new items are added, who added them, and whether they are secure and compliant, etc.
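The first, second and fourth functions in the list above can be sketched as a rule evaluation plus a diff of two inventory snapshots. This is an added example, not code from any CSPM product: the asset records, field names and rule ids are constructed for illustration, and a real tool would populate the inventory from provider APIs.

```python
# Constructed inventory snapshots (hypothetical field names and values).
BEFORE = {
    "bucket/reports": {"type": "storage_bucket", "public_read": False,
                       "encrypted": True, "changed_by": "alice"},
    "sg/web": {"type": "firewall_rule", "port": 443,
               "source": "0.0.0.0/0", "changed_by": "bob"},
}
AFTER = {
    "bucket/reports": {"type": "storage_bucket", "public_read": True,
                       "encrypted": True, "changed_by": "carol"},
    "sg/web": dict(BEFORE["sg/web"]),
    "sg/admin": {"type": "firewall_rule", "port": 22,
                 "source": "0.0.0.0/0", "changed_by": "dave"},
}

# Posture rules: (rule id, asset type, predicate that is True when risky).
RULES = [
    ("public-bucket", "storage_bucket", lambda a: a.get("public_read", False)),
    ("unencrypted-bucket", "storage_bucket", lambda a: not a.get("encrypted", False)),
    ("admin-port-open-to-internet", "firewall_rule",
     lambda a: a.get("source") == "0.0.0.0/0" and a.get("port") in (22, 3389)),
]

def evaluate(inventory):
    """Return sorted (asset_id, rule_id) findings for one snapshot."""
    return sorted((aid, rid) for aid, a in inventory.items()
                  for rid, typ, risky in RULES
                  if a["type"] == typ and risky(a))

def drift(before, after):
    """List (kind, asset_id, actor, changed_fields) between two snapshots."""
    events = []
    for aid in sorted(set(before) | set(after)):
        old, new = before.get(aid), after.get(aid)
        if old is None:
            events.append(("added", aid, new["changed_by"], None))
        elif new is None:
            events.append(("removed", aid, None, None))  # actor not in snapshot
        else:
            fields = sorted(k for k in set(old) | set(new)
                            if k != "changed_by" and old.get(k) != new.get(k))
            if fields:
                events.append(("changed", aid, new["changed_by"], fields))
    return events

def new_findings(before, after):
    """Findings present now that were absent in the earlier snapshot."""
    return sorted(set(evaluate(after)) - set(evaluate(before)))

if __name__ == "__main__":
    print(drift(BEFORE, AFTER), new_findings(BEFORE, AFTER), sep="\n")
```

Joining `drift` with `new_findings` on the asset id ties each new finding to the configuration change, and the actor, that introduced it.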
CLOUD VISIBILITY & CLOUD SECURITY TOOL GROUPS
The image above explains that if your organization is putting sensitive data in SaaS, you should deploy a CASB. If your organization is processing sensitive data in IaaS, deploy CSPM to assess your cloud configuration and also extend your workload protection to the cloud with CWPP. (Image source: Gartner)
For cloud security to succeed at scale, you need to use automation. Cloud automation ensures that human error during the set-up stage doesn't leave your application or data vulnerable to attack. Automated monitoring is the only realistic way to ensure that your application stays as secure as possible at all times and that security vulnerabilities aren't introduced. Continuous security and compliance is also only possible with automation tools that ensure across-the-board access management and that monitor and dynamically fix security vulnerabilities in real time. In addition, automation allows your IT team to spend their time on the types of projects that can't be automated, like developing security strategy.
It is always recommended that implementation of cloud security processes be a joint responsibility between the business owner and the solution provider.