Workload and code have become the nucleus of all deployments regardless of whether they are in the cloud or not. Traditional security monitoring like Network IDS does not translate to these workload-centric modern architectures, especially as the rate of change in the environment increases with automated continuous deployment and infrastructure-as-code.
Meanwhile, the Security and DevOps communities find it difficult to collaborate, instead of empowering each other. Yet their roles increasingly overlap as they share the responsibility of security and compliance. This is increasingly frustrating to organizations; it appears that they cannot have both, which is unacceptable to them as security and technology platforms become more frequent boardroom topics.
The problem is that security has been left behind. Too often security has been viewed as a gating checklist instead of a symbiotic component of system-building. As such, the pendulum swung completely to a Trust model without any Verify. For example, while you cannot lock your developers out of production any longer, as they will build a better system if they are forced to run it, that does not mean that developers require unrestricted administrative access to customer data without approval.
It is time to center the pendulum between Trust and Verify, and the most logical place to gain this visibility is the workload. It is ubiquitous across cloud, hybrid cloud, and on-premises deployments, which means it doesn’t matter who owns the infrastructure. The system’s security posture has already been described through configuration management and role-based architectures. Immutable infrastructure, containers, and blue-green deployments make visibility and security easier to implement, not harder.
When done, here are some questions workload visibility can answer for you:
As the chief technology officer at Threat Stack, Sam Bisbee is responsible for leading the company’s strategic technology road map for its continuous security monitoring service, purpose-built for cloud environments. Sam brings highly relevant experience in distributed systems in public, private, and hybrid cloud environments as well as proven success scaling SaaS startups. Sam was most recently the CXO at Cloudant (acquired by IBM in February 2014), a leader in the database-as-a-service space, where he played a senior technical and product role.
©2015, O'Reilly Media, Inc.