Here at Orca Security, as part of being the pioneer and continued leading innovator of agentless cloud security, we’re proud of the vastness and quality of our resources on cloud security topics. From on-demand webinars and case studies, to eBooks on topics like Cloud Detection and Response and Shift Left security, the 2022 State of Public Cloud Security Report, to sharing analyst reports from Gartner and others.
Like orcas, we swim fast and we dive deep. Yet to be honest, sometimes I still feel like I need a refresh on the “How did we get here?” question. Cloud application development and related security risks are evolving at such a breathtaking pace that I feel like a wider, bird’s-eye view is needed. Or, at least, maybe an orca’s sonar understanding.
We’re very excited to have partnered with Wiley on the recently published eBook, Agentless Cloud Security For Dummies. Written by Lawrence Miller, a veteran Security Architect, the book details how agentless cloud security is an innovative approach that accelerates deployment, provides deep visibility into cloud workloads and configurations, covers all cloud assets, delivers prioritized alerts, and helps you meet compliance mandates. We think it will be a valuable read, even for seasoned security practitioners.
Trust me, I know you’re not a dummy (Me? That’s a different story). I am confident though that this is a page-turner, and sure to win numerous literary awards. Well I’ll leave that up to you to decide.
Let’s talk about what’s in the book.
What you’ll find in Agentless Cloud Security
1. Understanding the Need for Agentless Cloud Security
This chapter explores several important security challenges that practically every organization operating in the cloud today must address. It also delves into the evolution of cloud security tools so you can understand their capabilities and limitations.
2. Securing Cloud Environments and Applications
A multi-faceted look at some of the risks in cloud environments—misconfigurations, malware, data at risk, overprivileged identities, lateral movement—and some of the security capabilities organizations need to protect their cloud resources.
3. Looking at the Future of Cloud Security: CNAPP
This chapter covers the evolution of cloud security tools and their strengths and limitations: cloud security posture management (CSPM), cloud workload protection platforms (CWPP), and cloud infrastructure entitlement management (CIEM). It then details how agentless cloud-native application protection platforms (CNAPP) bring unique and tangible benefits.
4. Five Criteria for Evaluating Agentless Cloud Security
What should be your main considerations when evaluating agentless cloud security solutions? This final chapter spills the beans.
Within the eBook, there are valuable statistics, graphs, and diagrams to further explain the subject matter.
Current Cloud Security Challenges in 2022
The release of the eBook is timely, as despite further investments in both cloud computing and cyber security solutions, risks due to human error, lack of patching, and lack of visibility remain widespread.
In the just released 2022 State of Public Cloud Security Report, the Orca research pod analyzed data captured from billions of cloud assets on AWS, Azure and Google Cloud. What they found was worrying, and in need of attention from security, DevOps, and compliance teams. Among the findings:
- The average attack path only needs 3 steps to reach a crown jewel asset, which means an attacker only needs to find three connected and exploitable weaknesses in a cloud environment to exfiltrate data or hold an organization to ransom.
- 78% of identified attack paths use known vulnerabilities (CVEs) as an initial access attack vector, highlighting that organizations need to prioritize vulnerability patching even more.
- Many basic security measures such as Multi-Factor Authentication (MFA), least-privilege permissions, encryption, strong passwords, and port security are still not being applied consistently. For example, 42% granted administrative permissions to more than 50% of the organization’s users, 71% use the default service account in Google Cloud, and 7% have Internet-facing neglected assets (i.e. unsupported operating system or unpatched for 180+ days) with open ports 80, 443, 8080, 22, 3389 or 5900.
- Even though cloud-native services are easily spun up, they still require maintenance and proper configuration: 69% have at least one serverless function exposing secrets in the environment variable, 70% have a Kubernetes API server that is publicly accessible, and 16% of containers are in a neglected state (i.e. unsupported operating system or unpatched for 180+ days).
So there are clearly wide gaps between the ideal cloud security best practices and the current reality. The report provides recommendations on what actions organizations can take to reduce their attack surface and improve cloud security postures.
The problems with agent-based cloud security
To identify, prioritize, and remediate these risks, an effective cloud security platform is needed.
But an agent-based approach only complicates things, for a variety of reasons:
- Agent deployment and maintenance create a significant operational burden for IT and security teams.
- The partial deployment of agents results in serious blind spots, making it impossible to get an accurate view of your cloud security risk posture.
- Using agents — especially in critical production environments — can impact performance or even crash critical applications.
- Because they do not adhere to the principle of least privilege, agents put the organization at risk for supply chain attacks.
- Team dependencies for agent installation and maintenance creates organizational friction.
The eBook therefore recommends an agentless approach to cloud security. In addition to avoiding all the drawbacks listed above, agentless solutions offer faster and easier deployments that adapt much more easily as your cloud estate evolves, covering any new assets without requiring any updates or manual configuration. They also provide 100% coverage of assets (including those that run older and customer operating systems), reduced organizational friction, and lower operational costs.
As Gartner advises, “Cloud-native workloads are usually ephemeral, and traditional stand-alone protection that requires agent deployment will be operationally challenging.” (subscription required).
We fully agree.
Want more information on agentless cloud security?
- Download Agentless Cloud Security For Dummies.
- Register for the upcoming webinar, The Future Is Agentless: Cloud Security for Modern Environments, scheduled for Nov 08 2022, 11:00am EDT.