The wide-scale adoption and deployment of Kubernetes has decimated the perimeter, and thousands of microservices are now spread across multiple heterogeneous platforms. This intense shift has made machine identity the new foundation of security.
Moreover, migrating from the datacenter to modern, cloud-native environments has resulted in staggering levels of complexity in managing machine identities. So, it’s more important than ever to keep abreast of cloud native security and how it’s evolving to maximize protection for machine identities. Here are the cloud native security stories that caught our eye this week.
Your Cloud Can Be Deleted At Any Moment
“Everything in the cloud has an Identity.” Yet traditional teams tend to focus more on identities for users and groups. That paradigm doesn’t really hold up in the cloud and can result in “outdated identity governance models, that they fail to understand that the biggest risk lies elsewhere: machine identities.” Specifically, we’re talking about machine identities like AWS Roles, Azure Service Principals and GCP Service Accounts.
According to Eric Kedrosky at Sonrai Security, “I consistently see organizations that are barely aware of, let alone tracking the Identities in their cloud. More specifically, they are failing to manage their machine identities, from understanding how they work, to where they exist in their cloud and finally, how they are being used. This is an alarming thought as it is these types of Identities putting your cloud at risk.”
Does this sound familiar? See what this could mean for your risk profile. Read the full story here.
Can Cloud Native Guardrails Help Your Development Team Deliver?
Research has shown that container misconfigurations are one of the top security issues for Kubernetes deployments. That problem can be resolved through guardrails that make policy enforcement automatic. While this approach does require a fair amount of planning and execution, it will prevent an even greater amount of security hygiene and cleanup later in the game. But you’ll need to tailor your approach to meet the needs of your development team.
Traditional approaches to governance can be overly restrictive in a way that slows development teams down. That just doesn’t fly in cloud native environments. Platform engineers and developers are not likely to adopt governance models that have the potential to slow down delivery in fast-paced development and delivery environments.
Danielle Cook at Fairwinds asks, “What if cloud native governance actually worked more like the guardrails we have on curvy mountain roads. You may never need them, but they’re right there to stop you from hurtling off the cliff — or in software development, deploying code with security vulnerabilities and misconfigurations, compliance violations, and likely to result in excessive cloud costs.”
How developer-friendly are your governance efforts? Read the full story here.
90% of Organizations Cannot Detect, Contain and Resolve Cyberthreats Within an Hour
In a research report released this month, Palo Alto Networks found that organizations are likely to expand their use of the cloud by about 25%. But the research also uncovered the startling fact that despite their increased reliance on the cloud, 90% cannot detect, contain and resolve cyber threats within an hour.
According to Palo Alto Networks, “Bad actors are working just as fast as developers to take advantage of organizations' vulnerabilities. What could go wrong often does go wrong and any cloud asset that is inadvertently exposed to the internet can be compromised within minutes. Detecting threats in real-time represents the new frontier of cloud security.”
How quickly can you detect and respond to security threats in the cloud? See report findings here.