> Evident.io > Cloud security is NOT self-Evident(.io)

Cloud security is NOT self-Evident(.io)

Published By: Evident.io
Published:  Nov 19, 2015
Length:  6 pages

Talking about how running infrastructure in the cloud is different from the traditional datacenter is practically a cliché now, but when discussing security in the cloud, it's unavoidable. Everywhere we look, people are talking about the challenge of being secure and compliant in the cloud. Truth be told, however, many classic security challenges are easier to address in the cloud. Visibility is better in the cloud. Want a list of assets? Ask the API. Want to reconfigure some firewall rules? Do it by asset label. Save a copy of a hard drive for forensic analysis? The command takes a few seconds, at most. These traditionally challenging use cases and a host more are easy to do with fully virtualized and elastic infrastructure.

This isn't to say that public cloud doesn't come without security issues and challenges. Evident.io is one vendor in a cloud security sub-segment that has recognized public cloud's Achilles heel: the management plane. Imagine the ability to create or destroy an entire datacenter with just the proper credentials, or a short script. What makes the cloud so valuable comes with some additional attack surfaces and vulnerabilities that must be addressed. The IaaS console is a big piece of where the differences between traditional and cloud infrastructure come into play.

Tagsevident, cloud security, security platforms, datacenter, firewalls, public cloud, api consumption