Cloud security experts weigh in with the practices and tools they prefer to monitor and measure security metrics in the cloud.

Kelly Sheridan, Former Senior Editor, Dark Reading

January 18, 2019

9 Slides

If your company struggles with visibility into cloud security metrics, it's not alone. Cloud security is fundamentally different from on-prem security and requires different practices as companies move applications, services, and data to this new environment. 

 

You can no longer view security as a "fence around everything," says Chris Ford, vice president of product management at Threat Stack. "In this new world of highly changing infrastructure, you need visibility into all the different areas of infrastructure where you can detect risk and begin to put security posture in place. "This all depends on your ability to observe behaviors."

When it comes to today's cloud security practices, companies are in "reactive mode," says Balaji Parimi, CEO of CloudKnox. They're focused on protecting their cloud environments by using tools that provide visibility into anomalous activity and then responding to it, he explains.

"While there is some merit to these 'reactive' tools, companies must prioritize pre-emptive measures in order to prevent catastrophic scenarios," Parimi says. He advises they evaluate tools that will help prevent, or at least minimize, risks linked to poorly provisioned identities.

Watching for overprovisioned or incorrectly provisioned identities is one of the ways companies can improve security monitoring in the cloud. Here, experts share their best practices for how to approach cloud security monitoring and what to watch for in their cloud environments.

Feel free to share your own in the comments. 

About the Author(s)

Kelly Sheridan

Former Senior Editor, Dark Reading

Kelly Sheridan was formerly a Staff Editor at Dark Reading, where she focused on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial services. Sheridan earned her BA in English at Villanova University. You can follow her on Twitter @kellymsheridan.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights