Sep 21, 2022
Here at Orca Security, as part of being the pioneer and continued leading innovator of agentless cloud security, we’re proud of the vastness and quality of our resources on cloud security topics: from on-demand webinars and case studies, to eBooks on topics like Cloud Detection and Response and Shift Left security, to the 2022 State of Public Cloud Security Report, to analyst reports from Gartner and others.
Like orcas, we swim fast and we dive deep. Yet to be honest, sometimes I still feel like I need a refresh on the “How did we get here?” question. Cloud application development and related security risks are evolving at such a breathtaking pace that I feel like a wider, bird’s-eye view is needed. Or, at least, maybe an orca’s sonar understanding.
We’re very excited to have partnered with Wiley on the recently published eBook, Agentless Cloud Security For Dummies. Written by Lawrence Miller, a veteran Security Architect, the book details how agentless cloud security is an innovative approach that accelerates deployment, provides deep visibility into cloud workloads and configurations, covers all cloud assets, delivers prioritized alerts, and helps you meet compliance mandates. We think it will be a valuable read, even for seasoned security practitioners.
Trust me, I know you’re not a dummy (Me? That’s a different story). I am confident, though, that this is a page-turner and sure to win numerous literary awards. Well, I’ll leave that up to you to decide.
Let’s talk about what’s in the book.
This chapter explores several important security challenges that practically every organization operating in the cloud today must address. It also delves into the evolution of cloud security tools so you can understand their capabilities and limitations.
A multi-faceted look at some of the risks in cloud environments—misconfigurations, malware, data at risk, overprivileged identities, lateral movement—and some of the security capabilities organizations need to protect their cloud resources.
This chapter covers the evolution of cloud security tools and their strengths and limitations: cloud security posture management (CSPM), cloud workload protection platforms (CWPP), and cloud infrastructure entitlement management (CIEM). It then details how agentless cloud-native application protection platforms (CNAPP) bring unique and tangible benefits.
What should be your main considerations when evaluating agentless cloud security solutions? This final chapter spills the beans.
Within the eBook, there are valuable statistics, graphs, and diagrams to further explain the subject matter.
The release of the eBook is timely, as despite further investments in both cloud computing and cyber security solutions, risks due to human error, lack of patching, and lack of visibility remain widespread.
In the just-released 2022 State of Public Cloud Security Report, the Orca research pod analyzed data captured from billions of cloud assets on AWS, Azure and Google Cloud. What they found was worrying, and in need of attention from security, DevOps, and compliance teams. Among the findings:
So there are clearly wide gaps between the ideal cloud security best practices and the current reality. The report provides recommendations on what actions organizations can take to reduce their attack surface and improve cloud security postures.
To identify, prioritize, and remediate these risks, an effective cloud security platform is needed.
But an agent-based approach only complicates things, for a variety of reasons:
The eBook therefore recommends an agentless approach to cloud security. In addition to avoiding all the drawbacks listed above, agentless solutions offer faster and easier deployments that adapt much more easily as your cloud estate evolves, covering any new assets without requiring any updates or manual configuration. They also provide 100% coverage of assets (including those that run older and customer operating systems), reduced organizational friction, and lower operational costs.
As Gartner advises, “Cloud-native workloads are usually ephemeral, and traditional stand-alone protection that requires agent deployment will be operationally challenging.” (subscription required).
We fully agree.