Author: Keshav Kamble
Over the past few months, I have spoken withdozens of partners, customers, and security visionaries. Everyone believes that the data center and cloud security ecosystems are evolving rapidly. While everyone has a different opinion on how to approach their security issues, they all agree on one central point: If we can catch a threat, we can deal with it.
What companies need now are smart approaches to threat detection.
Unfortunately, current methods for threat interception are inadequate. They are too complicated, too analytical, and too slow and too often fail.
If intercepting threats is so critical, why don’t existing solutions do it better?
It’s clear that you can’t deal with something you don’t know exists. As a result, any viable solution must optimize on two variables:
2) The time it takes to intercept the threat
Cloud Security requires innovative approach to threat detection focused on getting these two variables right.
First step requires identifying the threat deterministically. Deterministic threat detectionalso means solving grey-area problems related to the growing number of false positives that security staffs deal waste resources dealingwith.
Second step involve, extraction ofthe right detail from the event to understand the threat and its source. There is a delicate balance here: too little detail about a threat means dealing with it poorly; too much means dealing with it too slowly. That is why we group threats efficiently and collect the right amount of information to trigger the right actions.
What comes after threat interception?
Next, keep the threat in suspension until the right action is identified. This has to be lightning fast. Clearlywithout fast suspension, applications are slowedand scalability is reduced.
Finally, isolate the threat using a granular approach. Current methods of preventing the lateral movement of threats inside the application eco-system are ineffective. Granular segmentation, on the other hand, does stop the lateral spread of threats and also protects the application and data systems.
So keep monitoring, interception, and mitigation in mind when you consider your application security. Look for a reliable threat identification and interception system that gives you greater control over how you mitigate your threats.
For more information, read the Forrester report on the New Wave of Security Technology.