Thursday, March 8, 2018
Quick question: When it comes to staying ahead of security threats, which is most important; finding effective methods of monitoring cloud resources, guarding against the loss of sensitive data, or checking security configurations? That answer, of course, is all of the above.
Continuous monitoring in the cloud is vital for staying ahead of security concerns. Doing so effectively consists of two main elements. One is baseline monitoring, which can be accomplished by gathering and processing logs made via cloud service provider Application Programming Interfaces (APIs). The second is scanning within the cloud for vulnerabilities. Any scanning tools used in the cloud must integrate with the cloud provider APIs. This allows the scans to be quicker and more efficient because they are operating through account and API integration. They also allow simple methods for exporting results, which gives analysts more time to look at data and decide how to act on it.
In fact, according to a recent study, the typical organization is managing an average of 363 APIs within the network of their applications. These APIs become a liability that needs protecting because they are often open to the public in order to allow external developers access. This is smart business, but it also carries some pretty big risks. One way to protect against the loss of sensitive data is using a secure protocol. This encrypts the data from the sender before sending it so that it reaches the server and must be decrypted and processed there.
A good security program would also monitor your configurations so that there are no unauthorized users. Because APIs are essentially a contract, a well-designed API clearly lays out what controls are in place and what security credentials a developer must have in order to build an application that uses the API. For example, an API team using Aperture can add security controls on every interaction and turn what used to be looked at as a security risk into a way of sharing data and services with third parties, while maintaining a high level of control.
APIs, whether sending or pulling data from a database or pushing jobs into a queue, help users interact with the application in a more automated and efficient way. And as APIs continue to play a prominent role in cloud security, we must be prepared to take a good, hard look at the tools being used in order to ensure they are up to the job.
Digging more into the recent the new cloud capabilities of Palo Alto’s Next-Generation Security Platform, we see security services, such as Aperture, infused into the platform meant to provide continuous data security and compliance via cloud APIs. What this could ultimately lead to is the continuous monitoring of cloud resources to guard against the loss of sensitive data, and protect against security configurations.
Have some thoughts to share? We want to hear from you. Start a discussion below.
Check out these Fuel blogs for further reading: