Threat Intelligence

1/18/2019
09:00 AM
Kelly Sheridan
Kelly Sheridan
Slideshows
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail
50%
50%

8 Tips for Monitoring Cloud Security

Cloud security experts weigh in with the practices and tools they prefer to monitor and measure security metrics in the cloud.
Previous
1 of 9
Next

(Image: Gorodenkoff - stock.adobe.com)

(Image: Gorodenkoff stock.adobe.com)

If your company struggles with visibility into cloud security metrics, it's not alone. Cloud security is fundamentally different from on-prem security and requires different practices as companies move applications, services, and data to this new environment. 
 
You can no longer view security as a "fence around everything," says Chris Ford, vice president of product management at Threat Stack. "In this new world of highly changing infrastructure, you need visibility into all the different areas of infrastructure where you can detect risk and begin to put security posture in place. "This all depends on your ability to observe behaviors."

When it comes to today's cloud security practices, companies are in "reactive mode," says Balaji Parimi, CEO of CloudKnox. They're focused on protecting their cloud environments by using tools that provide visibility into anomalous activity and then responding to it, he explains.

"While there is some merit to these 'reactive' tools, companies must prioritize pre-emptive measures in order to prevent catastrophic scenarios," Parimi says. He advises they evaluate tools that will help prevent, or at least minimize, risks linked to poorly provisioned identities.

Watching for overprovisioned or incorrectly provisioned identities is one of the ways companies can improve security monitoring in the cloud. Here, experts share their best practices for how to approach cloud security monitoring and what to watch for in their cloud environments.

Feel free to share your own in the comments. 

 

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio

Previous
1 of 9
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
gif-washco
50%
50%
gif-washco,
User Rank: Apprentice
1/18/2019 | 10:37:22 AM
Oopsy: IaaS is "Infrastructure as a Service"
There is a reference in this article (page 3) on IaaS as "Internet as a Service". It is really "Infastructure as a Service".
High Stress Levels Impacting CISOs Physically, Mentally
Jai Vijayan, Freelance writer,  2/14/2019
Valentine's Emails Laced with Gandcrab Ransomware
Kelly Sheridan, Staff Editor, Dark Reading,  2/14/2019
Making the Case for a Cybersecurity Moon Shot
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  2/19/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-8980
PUBLISHED: 2019-02-21
A memory leak in the kernel_read_file function in fs/exec.c in the Linux kernel through 4.20.11 allows attackers to cause a denial of service (memory consumption) by triggering vfs_read failures.
CVE-2019-8979
PUBLISHED: 2019-02-21
Koseven through 3.3.9, and Kohana through 3.3.6, has SQL Injection when the order_by() parameter can be controlled.
CVE-2013-7469
PUBLISHED: 2019-02-21
Seafile through 6.2.11 always uses the same Initialization Vector (IV) with Cipher Block Chaining (CBC) Mode to encrypt private data, making it easier to conduct chosen-plaintext attacks or dictionary attacks.
CVE-2018-20146
PUBLISHED: 2019-02-21
An issue was discovered in Liquidware ProfileUnity before 6.8.0 with Liquidware FlexApp before 6.8.0. A local user could obtain administrator rights, as demonstrated by use of PowerShell.
CVE-2019-5727
PUBLISHED: 2019-02-21
Splunk Web in Splunk Enterprise 6.5.x before 6.5.5, 6.4.x before 6.4.9, 6.3.x before 6.3.12, 6.2.x before 6.2.14, 6.1.x before 6.1.14, and 6.0.x before 6.0.15 and Splunk Light before 6.6.0 has Persistent XSS, aka SPL-138827.