We are the Cloud Defenders. You may have heard of us if you’ve ever journeyed to the land of cloud native security – that’s where we live. Perhaps you’ve seen our fortress floating by from your own datacenter castle or marveled at our secure container ship on the Kubernetes Sea.
Since we pledged our fealty to the realm of cloud, many things have changed. Our developers are now able to move at previously unfathomable speeds. Their new architectures are robust, sparkling with splendor. However, our security and compliance brigades are in turmoil.
Our perimeter has become shrouded by a mysterious fog of ephemeral cloud resources, nearly undetectable by our security tools. Each tool was crafted for a special purpose, but none is equipped to vanquish the full scope of threats our kingdom faces. There is no way for us to take asset inventory or understand the scope of our risk when the fog is constantly changing like a shadow. Our developers sprint quickly forward, discovering stunning new possibilities, but often outpacing our security and compliance armies as they push the perimeter ever outward.
No matter how triumphant our applications, our kingdom will surely collapse on itself if we cannot unite our scattered cloud defenders into a secure army.
Our Mission: An Empire United by CNSP
King CISO has called upon us to unite our security functions under one flag. Our mission is to clarify our borders and offer continuous protection without stifling agility, integrating all our security functions under one cloud native security platform. Let us introduce ourselves, one by one:
SecOps
I investigate and report on security risks within our company. Ever since we began our voyage through the cloud, I have been consumed by security alerts that attack me like screeching bats. Relentlessly, they shriek and squawk, thousands of them begging for my immediate attention – but they are disparate, leaving me with no context which might help me prioritize them. I know there must be a way to bring order to this chaos and automatically prioritize alerts based on holistic security awareness. I just need to find out how.
Audit and Compliance
I’m responsible for maintaining compliance across all our clouds. As I traverse our mountain of cloud storage, taking asset inventory, I discover what seems to be an ever-changing landscape. Workloads and resources seem to appear at random – running, I try to map them to compliance policies. But I simply can’t keep up, and my current tools don’t scale to address the cloud. There has to be a way to continuously discover assets and monitor compliance in realtime. We just need to figure it out.
DevOps
The cloud has opened up a whole new world for me – and introduced new risks. I used to walk for months to the waterfall and back in order to push out new features, but now I can sprint through the Agile Trail, sprinkling bits of code into the CI/CD pipeline, producing new features as quickly as I can. However, I face what feels like a multi-headed hydra of demands. I’m moving so fast that the security team cannot always track me, but I can’t slow down when we’ve got customers to please and I’ve got KPIs to hit. There has to be a way to integrate security throughout the entire development lifecycle. We just need to figure out how.
NetSec
I oversee the collective security of the network and, now, the cloud. This new cloud realm presents one of the biggest challenges I’ve ever encountered. Sometimes I find myself traveling through an obscure storm of security breaches, manually configuring security groups as I discover them. But this is not sustainable. This storm appears to stretch far beyond the horizon, and the developers won’t slow down and wait for me. There has to be a better way.
Join Our Campaign
We are the Cloud Defenders. We are everyday heroes facing the challenges of this uncharted terrain in pursuit of growth and technological advancement – but we need the right tools to accomplish this quest.
Explore our full story in this interactive experience.
The post Join the Adventures of the Cloud Defenders appeared first on Palo Alto Networks Blog.
Article Link: http://feedproxy.google.com/~r/PaloAltoNetworks/~3/qONQRt5yXDU/