Get My Score

Blog

Control Your Cloud

Hybrid Solutions that natively work in the Cloud and On-Premise, equally well

This is the fourth blog in a series detailing workload best practices.

The first blog, 'Securing Modern Workloads', is available here

The second blog, 'Control Your Cloud', is available here

The third blog, 'Agility in Security', is available here

-------------------

As you are juggling between on-premise, cloud-first and cloud-only strategies?  Wouldn’t it be nice if you could just lift-and-shift your current security tools? Hybrid cloud security tools natively work in both environments equally well.

As you are embracing the digital transformation for your organization, you should evaluate your security tools and ensure they have these important criteria: 

  1. Mix and match the workload origin
  2. Product design and security controls
  3. Minimize operational complexity
  4. Pricing 

Let us look at these briefly.

Mix and match the workload origin for a Hybrid Cloud

Digital transformation to migrate workloads to the cloud may take anywhere between 6 months to 24 months. During this time, it is important for you to maintain the security posture of the current on-premise workloads and at the same time begin to look at the security posture of your migrated workloads. It would be great if you could continue to use the same tools that could offer you a monothematic view of both your on-premise and cloud workloads. Adopting new tools might take some time and may not produce composite reports combining your on-premise and cloud workloads.

For example, take this scenario. You have a web server farm with 10 on-premise Red Hat Linux servers. You begin to transition them in the cloud. Mid-way through the complete migration, you have 5 web servers on the cloud and 5 on-premises. Now suppose you need to have PCI security controls report at the OS level for your web farm. What do you do? A tool of your choice should continue to give you a comprehensive PCI security report at the web farm level irrespective of heterogeneity of the web farm composition. 

0
0
0
s2sdefault
Control Your Cloud

This is the third blog in a series detailing workload best practices.

The first blog, 'Securing Modern Workloads', is available here

The second blog, 'Control Your Cloud', is available here

-------------------

A lot is being talked and written about agile practices and how they are transforming various aspects of modern IT. Agility in security, a.k.a. SecDevOps or DevSecOps or SecOps or Security Orchestration or Security Automation, is getting called out as well.

Let’s see what we are doing in this space. 

  • Security Assessment of CloudFormation Deployments
  • Vulnerability and Compliance assessments for Docker Containers
  • API endpoints for integrating with backward-integration and forward-integration 

Security Assessment of CloudFormation Deployments

AWS CloudFormation is the cornerstone of IT stack deployments. You may leverage  AWS Quick Starts to build a secure and compliant cloud infrastructure. Quick starts, such as PCI Quick Start, come with a pre-built-in template that you may use to deploy a PCI compliant infrastructure. AWS lays out the Shared Security Responsibility Model for PCI.

0
0
0
s2sdefault
Continuous Security Assessment for Docker

Container security extends into all aspects of the container ecosystem, and not just to the well-known registries like Docker or those offered within the cloud service providers. Securing a container deployment may include best practices for companies supporting: the developer workspace, continuous integration, build automation, testing frameworks, release automation, and operations tools.

0
0
0
s2sdefault
Control Your Cloud

This is the second blog in a series detailing workload best practices.

The first blog, Securing Modern Workloads, is available here

The Cloud Security Alliance has done a phenomenal work in defining various cloud controls you should act upon or at least be aware of when determining your responsibility and choosing qualified vendors or training in-house personnel. One such work is a Cloud Controls Matrix that highlights the Shared Security Responsibility Model and provides architectural references.

0
0
0
s2sdefault
Securing Modern Workloads

This is the first blog in a series detailing workload best practices.

Per WikipediaA workload is the amount of work an individual has to do. There is a distinction between the actual amount of work and the individual's perception of the workload. Workload can also be classified as quantitative (the amount of work to be done) or qualitative (the difficulty of the work)”.

0
0
0
s2sdefault
Google Cloud Platform Partner

It’s the week of Google Cloud NEXT and, as a Google Cloud Technology Partner, we are glad to see our efforts to add Google Cloud Platform (GCP) into the Cavirin family of cloud security products succeed. The March 2017 release of Cavirin's platform will include support for continuous security assessment of workloads on GCP, and marks a major milestone in our company’s vision to be the provider of consistent security solution across workloads running on multiple cloud providers’ platforms.

0
0
0
s2sdefault

© 2018 Cavirin Systems, Inc. All rights reserved.