Cloud Security Posture Management and RedSeal

Pilots know that to fly safely means keeping track of the weather. They track storm fronts because that is where the turbulence is. Pilots lose their wings if they fly blindly into the air.

Gaps in your security posture are where the cyber storm fronts are. The cyber storm is both on-prem and in the cloud. To do your job correctly, you need to get an accurate forecast today of the cyber weather.

The rush to move assets into the cloud has created all sorts of new stormy weather to contend with.

Pilots and Weather

A nationally recognized financial institution, a large well-resourced company, did not check the security gaps and was caught off guard when Paige Thompson, former AWS software engineer, exploited a misconfigured web application firewall to access one of their servers. That server contained 140,000 Social Security numbers, 1 million Canadian Social Insurance numbers, 80,000 bank account numbers, and an undisclosed number of customers’ personal information. Thompson then attempted to share access to the information with others online, per CNN.

Had the organization’s cyber team acted like safety-conscious pilots and checked the weather first, they would have noticed the misconfigurations before someone on the outside did.

So, what is the cyber equivalent of checking the weather?

Cloud Security Posture Management

Cloud security posture management (CSPM) automates the identification and remediation of risks across cloud infrastructures, including Infrastructure as a Service (IaaS), Software as a Service (SaaS) and Platform as a Service (PaaS).

Without CSPM, developers can create any number of instances in the cloud, and deploy them, with little oversight.

According to Threatpost, the team at Imperva created an internal compute instance that was misconfigured and publicly accessible. Worse, it had an AWS API key that enabled attackers to access a database snapshot and exfiltrate customer information.

It was reported that security researchers found MongoDB database, run by a vendor, that was left unprotected on a cloud server and contained 2.8 million CenturyLink data records belonging to several hundred thousand of the tech company’s customers.

Why? Most companies have a lack of central control and value speed over security.

If large companies like these are messing up the necessary security configurations in their cloud services, then medium and small sized firms are unquestionably doing the same thing, given their lack of resources.

How is the RedSeal Approach to CSPM Different?

The thing is, most enterprise networks are hybrid, spanning both public and private cloud environments along with physical network infrastructure. While you may have security tools for each environment, you probably cannot see how your whole network is woven together.

RedSeal’s cloud security solution is the only product that brings complex hybrid multi-cloud networks into one unified model. You’ll be able to understand all your network environments in one dynamic visualization, where your high-value assets are, and all the ways they are vulnerable to attack.

RedSeal shows you all possible network access — across, within and between public cloud, private cloud and physical network environments — whether the access is intended or not.

RedSeal allows SMBs to compete and defend themselves and overcome their lack of experience. The responsibility for security is different on different platforms, and smaller companies automatically assume that it has been taken care of, when it’s not. Moreover, different providers use different terminology for the same services.

You are only milliseconds away from the bad guy.

Pilots are grounded when they fly willy-nilly into a dangerous storm, if they are lucky enough to still be alive. Gaps in your security posture are the cyber storms you have to contend with and plan for. These storms are both on-prem and in the cloud. Today’s accurate forecast of the cyber weather comes from RedSeal.

Happy flying!

For more information, visit our page Understand Your Hybrid Multi-Cloud Network.