{"id":4987,"date":"2023-08-14T08:00:33","date_gmt":"2023-08-14T12:00:33","guid":{"rendered":"https:\/\/solutionsreview.com\/security-information-event-management\/?p=4987"},"modified":"2023-08-21T09:58:17","modified_gmt":"2023-08-21T13:58:17","slug":"only-up-building-secops-in-the-cloud","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/security-information-event-management\/only-up-building-secops-in-the-cloud\/","title":{"rendered":"Only Up: Building SecOps in the Cloud"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-4988\" src=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2023\/08\/Only-Up-Building-SecOps-in-the-Cloud.jpg\" alt=\"SecOps\" width=\"800\" height=\"400\" srcset=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2023\/08\/Only-Up-Building-SecOps-in-the-Cloud.jpg 800w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2023\/08\/Only-Up-Building-SecOps-in-the-Cloud-300x150.jpg 300w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2023\/08\/Only-Up-Building-SecOps-in-the-Cloud-768x384.jpg 768w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/p>\n<p><em><strong>Solutions Review\u2019s\u00a0<a class=\"fui-Link ___1idfs5o f3rmtva f1ewtqcl fyind8e f1k6fduh f1w7gpdv fk6fouc fjoy568 figsok6 f1hu3pq6 f11qmguv f19f4twv f1tyq0we f1g0x7ka fhxju0i f1qch9an f1cnd47f fqv5qza f1vmzxwi f1o700av f13mvf36 f1cmlufx f9n3di6 f1ids18y f1tx3yz7 f1deo86v f1eh06m1 f1iescvh ftqa4ok f2hkw1w fhgqx19 f1olyrje f1p93eir f1h8hb77 f1x7u7e9 f10aw75t fsle3fq f17ae5zn\" title=\"https:\/\/solutionsreview.com\/solutions-review-contributor-guidelines\/\" href=\"https:\/\/solutionsreview.com\/solutions-review-contributor-guidelines\/\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\"Link Contributed Content Series\"><u>Contributed Content Series<\/u><\/a> is a collection of contributed 
articles written by thought leaders in enterprise software categories.\u00a0 Maxime Lamothe-Brassard of LimaCharlie says the only place left for SecOps development to go is up&#8211; into the cloud.<\/strong><\/em><\/p>\n<p>SecOps in 2023 is a lot like IT was in 2003&#8211; cumbersome. However, just as Amazon transformed IT with AWS and EC2 to enable flexible and scalable services, there is the potential to transform SecOps with a cloud platform, which could also enable efficient and cost-effective services.<\/p>\n<p>SecOps has been bound by multiple point solutions and tied down by multi-year contracts. Even worse, many of these solutions lack any sort of meaningful customization or require a second layer of solutions just to manage the first. However, just as the cloud enabled economies of scale, easy configuration, and integration via APIs, SecOps now has the opportunity to embrace the same transformation.<\/p>\n<p>There are multiple operating systems, an endless spectrum of applications and services, databases, developers, devices, and different users. Security teams frequently have to stitch together integrations between intractable black-box solutions and open-source tools. SecOps has become a burden, and the cloud could lighten the load.<\/p>\n<h2><strong>Only Up: Building SecOps in the Cloud<\/strong><\/h2>\n<hr \/>\n<h3><strong>Fundamental Building Blocks<\/strong><\/h3>\n<p>IT primitives are the basic building blocks that establish a foundation for other systems and services. Cloud primitives include features such as VMs, databases, containers, and load balancers.<\/p>\n<p>SecOps primitives for the cloud serve the same purpose as IT primitives for the cloud. They provide the key capabilities, not as a collection of random tools, but as a set of solutions designed to interoperate in an agnostic way. 
A SecOps cloud that provides the appropriate primitives eliminates the need to purchase point solutions, which can be translated into cost savings for the platform. Likewise, a SecOps cloud that prioritizes ease of integration between solutions eliminates the need to develop piecemeal integrations, enabling greater efficiency and flexibility.<\/p>\n<p>At a minimum, for the core value from a SecOps Cloud Platform to be realized, the following capabilities should be present:<\/p>\n<ul>\n<li><strong>Multi-tenancy:<\/strong> Multi-tenancy utilizes common infrastructure to enable enhanced efficiency. Each tenant\u2019s resources, such as compute instances, are isolated and their data is segregated and encrypted to ensure security.<\/li>\n<li><strong>Entity-based telemetry ingestion and retention:<\/strong> Telemetry data provides the foundation for entity-level visibility, threat detection, incident investigation, compliance monitoring, and scalability. Entity-based means that storage and ingestion come from a first-class origin, not generalized logs.<\/li>\n<li><strong>Automation:<\/strong> By enabling real-time event triggers, rapid incident response, proactive threat hunting, security policy enforcement, automation of routine tasks, incident remediation, and adaptive security measures, automation based on telemetry becomes a crucial cloud primitive.<\/li>\n<li><strong>Forwarding:<\/strong> Forwarding telemetry data to any destination as a first-class concept provides organizations with the flexibility, interoperability, and customization needed to integrate with a wide range of security tools and systems. 
It enables centralized visibility, extensibility, and compliance, empowering organizations to build a robust and tailored security operations environment.<\/li>\n<li><strong>Agency:<\/strong> Generalized agency mechanisms enable not-yet-known actions against not-yet-known threats in real time on other environments, such as cloud services and endpoints, enabling organizations to continuously adapt and respond to the evolving threat landscape.<\/li>\n<li><strong>Extendibility:<\/strong> APIs facilitate automation and integration with security tools, customization, extensibility, orchestrated workflows, ecosystem collaboration, developer enablement, and scalability.<\/li>\n<\/ul>\n<p>Moving SecOps to the cloud offers the same benefits as the public cloud, simplifying the procurement, deployment, and integration of best-of-breed cybersecurity solutions, tailored to each organization\u2019s specific needs through generic capabilities. Powerful new systems can be put into place at the speed of cloud, and at scale.<\/p>\n<h3><strong>Enabling Innovation<\/strong><\/h3>\n<p>The SecOps cloud is fundamentally open through APIs, documentation, interoperability, affordability, and multi-tenancy. This creates a neutral space for all cybersecurity professionals, whether they are enterprise users, service providers, or security vendors. Think of the SecOps cloud as a fabric, a sandbox for innovation, or a vehicle to disseminate data and insights into other systems in cost-effective ways. This enables enterprise users to have the right solutions for their specific needs, seamlessly integrated into their environment for a fraction of the cost and complexity of integrating multiple vendors.<\/p>\n<p>For service providers (e.g., MSSPs), the SecOps Cloud offers a reliable, scalable way of building services without specific vendor lock-ins, long commitments, or high costs. 
Onboarding a new customer (i.e., tenant) is just an API call away&#8211; regardless of their existing security stack. Likewise, security vendors can prototype new products and bring them to market faster than ever before since they do not need to reinvent existing technologies and components every time.<\/p>\n<p>One-size-fits-all security solutions lack the flexibility to address the complexities of modern networks and evolving threats, leaving organizations with a collection of fragmented tools. The public cloud has transformed IT systems&#8211; now it is time to put the SecOps cloud to work for the cybersecurity community.<\/p>\n<p>This is the future of security operations.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Solutions Review\u2019s\u00a0Contributed Content Series is a collection of contributed articles written by thought leaders in enterprise software categories.\u00a0 Maxime Lamothe-Brassard of LimaCharlie says the only place left for SecOps development to go is up&#8211; into the cloud. SecOps in 2023 is a lot like IT was in 2003&#8211; cumbersome. 
However, just as Amazon transformed IT [&hellip;]<\/p>\n","protected":false},"author":823,"featured_media":4988,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[551,1],"tags":[],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Only Up: Building SecOps in the Cloud<\/title>\n<meta name=\"description\" content=\"Maxime Lamothe-Brassard of LimaCharlie says the only place left for SecOps development to go is up-- into the cloud.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/security-information-event-management\/only-up-building-secops-in-the-cloud\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Only Up: Building SecOps in the Cloud\" \/>\n<meta property=\"og:description\" content=\"Maxime Lamothe-Brassard of LimaCharlie says the only place left for SecOps development to go is up-- into the cloud.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/only-up-building-secops-in-the-cloud\/\" \/>\n<meta property=\"og:site_name\" content=\"Best Information Security SIEM Tools, Software, Solutions &amp; Vendors\" \/>\n<meta property=\"article:published_time\" content=\"2023-08-14T12:00:33+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-08-21T13:58:17+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2023\/08\/Only-Up-Building-SecOps-in-the-Cloud.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"400\" 
\/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Maxime Lamothe-Brassard\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Maxime Lamothe-Brassard\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/only-up-building-secops-in-the-cloud\/\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/only-up-building-secops-in-the-cloud\/\",\"name\":\"Only Up: Building SecOps in the Cloud\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/only-up-building-secops-in-the-cloud\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/only-up-building-secops-in-the-cloud\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2023\/08\/Only-Up-Building-SecOps-in-the-Cloud.jpg\",\"datePublished\":\"2023-08-14T12:00:33+00:00\",\"dateModified\":\"2023-08-21T13:58:17+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/3d804d210d6bf2f26a346b1e24c27f45\"},\"description\":\"Maxime Lamothe-Brassard of LimaCharlie says the only place left for SecOps development to go is up-- into the 
cloud.\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/only-up-building-secops-in-the-cloud\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/security-information-event-management\/only-up-building-secops-in-the-cloud\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/only-up-building-secops-in-the-cloud\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2023\/08\/Only-Up-Building-SecOps-in-the-Cloud.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2023\/08\/Only-Up-Building-SecOps-in-the-Cloud.jpg\",\"width\":800,\"height\":400,\"caption\":\"SecOps\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/only-up-building-secops-in-the-cloud\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Only Up: Building SecOps in the Cloud\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\",\"name\":\"Best Information Security SIEM Tools, Software, Solutions &amp; Vendors\",\"description\":\"Buyer&#039;s Guide and Best 
Practices\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/3d804d210d6bf2f26a346b1e24c27f45\",\"name\":\"Maxime Lamothe-Brassard\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/bef7c945687d219f689f30688534cb62?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/bef7c945687d219f689f30688534cb62?s=96&d=mm&r=g\",\"caption\":\"Maxime Lamothe-Brassard\"},\"description\":\"As part of the Canadian Intelligence apparatus, Maxime previously worked in positions ranging from the development of cyber defense technologies, counter computer network exploitation (CCNE), and Counterintelligence. Maxime led the creation of an advanced cybersecurity program for the Canadian government and received several Director\u2019s awards for his service. After leaving the government, Maxime provided direct help to private and public organizations in matters of cyber defense and worked for CrowdStrike, Google, and Google X. Maxime left Google X - where he was a founding member of Chronicle Security - in 2018 to co-found LimaCharlie.\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/author\/maxlb\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->","yoast_head_json":{"title":"Only Up: Building SecOps in the Cloud","description":"Maxime Lamothe-Brassard of LimaCharlie says the only place left for SecOps development to go is up-- into the cloud.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/security-information-event-management\/only-up-building-secops-in-the-cloud\/","og_locale":"en_US","og_type":"article","og_title":"Only Up: Building SecOps in the Cloud","og_description":"Maxime Lamothe-Brassard of LimaCharlie says the only place left for SecOps development to go is up-- into the cloud.","og_url":"https:\/\/solutionsreview.com\/security-information-event-management\/only-up-building-secops-in-the-cloud\/","og_site_name":"Best Information Security SIEM Tools, Software, Solutions &amp; Vendors","article_published_time":"2023-08-14T12:00:33+00:00","article_modified_time":"2023-08-21T13:58:17+00:00","og_image":[{"width":800,"height":400,"url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2023\/08\/Only-Up-Building-SecOps-in-the-Cloud.jpg","type":"image\/jpeg"}],"author":"Maxime Lamothe-Brassard","twitter_misc":{"Written by":"Maxime Lamothe-Brassard","Est. 
reading time":"4 minutes"}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/4987"}],"collection":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/users\/823"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/comments?post=4987"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/4987\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media\/4988"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media?parent=4987"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/categories?post=4987"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/tags?post=4987"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}