Guest blog by David Spark, Spark Media Solutions
“A lot of the same security vulnerabilities and a lot of the same risks exist in the cloud, they just exist in a different form,” explained Trevor Hawthorn (@packetwerks), CTO, Wombat Security Technologies, in our conversation at the Black Hat USA 2016 conference in Las Vegas.
For example, credential misuse has been around forever, but it has a new impact when it’s happening in AWS, said Hawthorn. Such a compromise to your API keys in a cloud environment could literally bring down your entire infrastructure.
Then there are the challenges of discovering security problems for a server instance that no longer exists. Can you go back in time and try to figure out what happened, asked Hawthorn.
Get telemetry data from the DevOps folks
The cloud either amplifies, or adds new layers to old security problems. One way to combat these issues is manage security at the code level by integrated it into the development process. Hawthorn spoke about some of the challenges.
The first step is around visibility, which has been an ongoing concern of cloud users. First step, suggests Hawthorn, is to make sure the development team is logging what you need and getting those logs to your security group.
Second, is to make sure security controls, such as integrating third-party vendor products, are being built in during the development process.
“Make the adoption of the security controls in the DevOps flow as frictionless as possible,” said Hawthorn.
Security within a cloud environment
On this issue, Hawthorn bangs the drum again on visibility. Luckily many cloud providers allow users to log traffic. You can see where the data flows within your network and within applications. This provides additional insight as to how your applications are working.
The Cloud Amplifies Old Security Problems – Black Hat 2016 from CloudPassage on Vimeo.