Native Cloud Security Analytics

April 22, 2020

Traditionally, risk in on-premises environments was managed by putting sensitive information behind firewalls to minimize the risk of intrusion and data exfiltration. But today, nearly all organizations are moving towards a Hybrid Cloud. The Marriott data breach revealed in February 2020 leveraged legitimate insider credentials. Detection came more than a month after the breach occurred. However, malicious activity can also be enabled accidentally, for example by setting up VMs and AWS resources to allow public access from any IP. According to Gartner, "through 2025, 99% of cloud security failures will be the customer's fault." Under the shared responsibility model that most cloud providers require, organizations can potentially increase their attack surface if they do not plan for security, compliance and risk mitigation as key pillars of migration and hybrid use.

 

While the cloud providers have evolved their toolsets, they still fall short of organizing all the requisite information to detect anomalies and threats. Organizations are simultaneously attempting to use traditional, on-premises tools like SIEM, IAM, and CASB, which also fall short of security and compliance objectives because there is no business context to filter past high-risk, low-value alerts. Not all risk is equal. There are numerous cases where traditional tools are incapable of injecting business logic, so high-value targets (resources and data with business and compliance relevance) are never prioritized.

 

Data visualization has increasingly become a necessity for deciphering the complex relationships between a vast network and numerous access possibilities. Each cloud provider, with the intent of flexibility, has enabled numerous methods of securing resources. Accounts, Groups, Policies, Roles, and more recently, Active Directory accounts and groups are managed in silos. They typically require heavy scripting to gain visibility into who and what has access to your VMs, EC2, S3, Serverless and Container resources.
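As an illustration of the kind of scripting described above, the following added example (not from the original post or from any vendor tool) flattens group membership and attached policies into a "who can do what" report ranked by business value. The identities, policy names, resource labels and the 1-5 criticality scale are all constructed, and the evaluation is simplified to explicit deny, allow and implicit deny, ignoring conditions, resource-based policies and permission boundaries.

```python
from fnmatch import fnmatchcase

# Constructed sample data: group membership, attached policies, and
# resources tagged with a hypothetical business criticality (1-5).
GROUPS = {"analysts": ["alice", "bob"], "ops": ["carol"]}
ATTACHED = {  # principal (user or group) -> policy names
    "analysts": ["ReadReports"],
    "ops": ["AdminAll"],
    "bob": ["DenyPII"],
}
POLICIES = {  # simplified AWS-style statements: Effect / Action / Resource
    "ReadReports": [{"Effect": "Allow", "Action": "s3:Get*", "Resource": "s3/reports-*"}],
    "AdminAll": [{"Effect": "Allow", "Action": "*", "Resource": "*"}],
    "DenyPII": [{"Effect": "Deny", "Action": "s3:*", "Resource": "s3/reports-pii"}],
}
RESOURCES = {"s3/reports-pii": 5, "s3/reports-public": 1, "s3/build-cache": 2}

def statements_for(user):
    """Yield statements from policies attached directly and via groups."""
    principals = [user] + [g for g, members in GROUPS.items() if user in members]
    for principal in principals:
        for name in ATTACHED.get(principal, []):
            yield from POLICIES[name]

def can(user, action, resource):
    """Explicit Deny wins over Allow; no matching Allow is an implicit deny."""
    allowed = False
    for s in statements_for(user):
        if fnmatchcase(action, s["Action"]) and fnmatchcase(resource, s["Resource"]):
            if s["Effect"] == "Deny":
                return False
            allowed = True
    return allowed

def access_report(action):
    """Rows of (criticality, resource, user), highest business value first."""
    users = sorted({u for members in GROUPS.values() for u in members})
    rows = [(RESOURCES[r], r, u) for r in RESOURCES for u in users if can(u, action, r)]
    return sorted(rows, key=lambda row: (-row[0], row[1], row[2]))

if __name__ == "__main__":
    for score, resource, user in access_report("s3:GetObject"):
        print(f"criticality={score} {resource:<18} {user}")
```

Sorting by criticality puts the two identities that can read the highest-value bucket at the top, ahead of the larger number of grants on low-value resources.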

Tony Pai

Chief Operating Officer at Anomalix

Tony has a unique blend of technical and business skills to lead Anomalix’s day-to-day operations as well as ensure the successful delivery of professional services. Prior to Anomalix, Tony spent 14 years as an equities trader for various financial institutions, 12 years as an IT Security consultant and is a licensed attorney in the state of Illinois. Tony earned his bachelor’s degree in Economics from the University of Illinois at Urbana-Champaign and a JD from The John Marshall Law School.
