Another great paper from my GTP colleague Anton has just been published, this one on security monitoring for public cloud environments. One of my favorite quotes from that paper is this one:
“It is useful to remember that traditional threats and vulnerabilities apply to cloud environments: malicious software, unsafe access credentials, poorly written software with security bugs, unsecure Web applications, privileged users going rogue, data theft by various parties (internal and external), and denial of service attacks.”
This fact affects not only the monitoring processes and requirements that Anton writes about in this paper; it also affects another “bread and butter” security process: Vulnerability Management. It doesn’t matter if something is running in the cloud or in your data center: if it is vulnerable, it is a target and eventually will be attacked. If you need to stop and think about how to extend your security monitoring processes to the cloud, you also have to think about how to extend your vulnerability management processes to those same resources. Cloud security is still security.
This question is one of the things I’m currently working on. More to come about that soon 🙂