{"id":4735,"date":"2022-09-27T15:55:56","date_gmt":"2022-09-27T19:55:56","guid":{"rendered":"https:\/\/solutionsreview.com\/network-monitoring\/?p=4735"},"modified":"2022-10-05T16:22:09","modified_gmt":"2022-10-05T20:22:09","slug":"dive-deeper-reconsidering-how-to-secure-cloud-infrastructure","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/network-monitoring\/dive-deeper-reconsidering-how-to-secure-cloud-infrastructure\/","title":{"rendered":"Dive Deeper: Reconsidering How to Secure Cloud Infrastructure"},"content":{"rendered":"

\"Cloud<\/p>\n

As part of Solutions Review\u2019s Premium Content Series\u2014a collection of contributed columns written by industry experts in maturing software categories\u2014 Josh Stella of Snyk<\/a> says it’s time to get in the bell and dive deeper into how we secure the cloud infrastructure.<\/strong><\/em><\/p>\n

\"SRVerizon recently released its 15th Annual Data Breach Investigations Report (DBIR), documenting another active year in the lives of cyber-criminals. The Verizon team put the state of cyber-crime into context, writing: \u201cFrom very well publicized critical infrastructure attacks to massive supply chain breaches, the financially motivated criminals and nefarious nation-state actors have rarely, if ever, come out swinging the way they did over the last 12 months.\u201d This should give a great many companies pause.<\/p>\n

Most organizations remain a step or more behind the \u201cbad guys\u201d despite their best attempts to thwart cyber intruders. Enterprises are bringing knives to a gunfight by applying old tools to a new threat landscape they have yet to grasp thoroughly. Because cloud attackers don\u2019t typically traverse traditional networks that can be monitored and addressed with familiar solutions, security teams are forced to navigate an unfamiliar and rapidly changing cloud environment\u2014 and are over-rotating on one area.<\/p>\n

\t\t\t

\"Download<\/a><\/p>\n<\/div>\n\t\t<\/div><\/div>\n

Beyond the Entry Point<\/strong><\/h3>\n

With the majority of new applications and developer workflows now in the cloud, most attackers don\u2019t have to work too hard to find an initial entry point into enterprise systems. They deploy automated technology to scan for any vulnerabilities in apps or infrastructure. In minutes, they can generate an array of options. While technologies to ensure security updates and proper cloud configurations are improving, they\u2019re still not enough\u2014 even when they\u2019re catching hundreds of misconfigurations a day. Sooner or later, someone will slip through and gain access to the cloud API control plane. This is an event for which companies are ill-prepared.<\/p>\n

In the cloud, developers use cloud provider APIs to build and manage their cloud environments, often programming these tasks using infrastructure as code (IaC) tools. They\u2019re defining and changing security-critical configurations in real-time, bringing a more significant risk of misconfiguration and, thus, vulnerabilities. In the wrong hands, the collection of APIs used to configure and operate the cloud is a potent and dangerous tool, and preventing this access must be a top priority for every cloud security team.<\/p>\n

Securing the Control Plane<\/strong><\/h3>\n

Here are the top steps teams should take to reduce risk at the control plane, where architecture is most vulnerable.<\/p>\n