What an amazing coincidence! After all the UEBA / UBA excitement (that is, sadly, still ongoing….) and after my short threat hunting paper (out already!), we are about to revisit the cloud security topic.
In any case, we are going to modernize the paper a bit, given that cloud usage has grown and “mainstreamed” – and finally more people are actively seeking ways to secure stuff in the cloud.
Also, we want to refocus the paper more towards threat detection and response in the cloud, since security monitoring sounds a bit vague to some.
Now, some of you will see this and say “Ah, I know cloud threat detection – it is spelled C.A.S.B.” Well, you’d be wrong – while detecting threats to your SaaS usage is in fact largely about CASB, the situation across PaaS and IaaS is more complex [and, no, I don’t cover CASB, but we do mention them in the paper]. For IaaS, we now have another 4-letter acronym – CWPP (yes, really, it is called that!). How do you pronounce that?
Another central question for many [still] is: can you bring your legacy detection controls with you in the cloud AND should you? Will you have a good time if you do?
In any case, we will share more of our plans as they crystallize…
BTW, right after this quick foray into the cloud, we will go back into vulnerability management (that we have not touched since 2015). If you are a vulnerability assessment (VA) vendor or a vendor that deals with vulnerability assessment data, please schedule a briefing.
Related blog posts on cloud security:
- Cloud Security Monitoring … Revisited (aka It Is Not 2012 Anymore!)
- My Cloud Security Monitoring Paper Publishes! (2012 – as are all the posts below)
- Cloud Security Monitoring: The “Who” Question
- Is Cloud Secure? WTFC!
- Cloud Security Monitoring: IaaS Conundrum
- Cloud Security Monitoring for IaaS, PaaS, SaaS
- More On Security Monitoring of Public Cloud Assets
- Cloud Security Monitoring!
- Cloud IS Different: So Monitoring Must Be Different?
- Many Faces of Application Security Monitoring
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.