We’re in the midst of an ideological shift. As companies continue to move towards cloud-native software development and complex cloud infrastructure, they must stop thinking about security from a 2-dimensional perimeter-based perspective. The idea of a fenced property that funnels all traffic through select gates to control entry and exit is no longer viable.
In cloud-native environments, nothing is static — not even your infrastructure. Everything is becoming more dynamic, adaptive, and unpredictable. This shift has forced security teams to adapt and start thinking about their security tools and processes in three dimensions.
As the Customer Onboarding Manager at Threat Stack, I work with customers going through this ideological shift on a daily basis as they begin to deploy the Threat Stack Cloud Security Platform® and leverage the benefits of full stack security observability to gain the complete 3D image of their ecosystem.
Many of our customers are at the forefront of new cloud infrastructure and have recently introduced additional layers to their infrastructure stack, which in turn, increases their attack surface, introduces new potential risk, and requires more process automation — and increases the need to move from a 2D to a 3D approach to security.
Meanwhile, attackers are also adapting and evolving. You can see an example of this in a recent report from the Threat Stack Security Operations Center on a sophisticated cloud attack that clearly demonstrates the 3D aspects of modern, cloud-based threats. Think of it this way: Attackers can now parachute into your property from above, tunnel up from below, or find an overlooked hole in the fence. Once they’re inside, it’s extremely easy for them to move around if left unmonitored.
What this analogy is trying to convey is that attackers can now leverage new surfaces and processes throughout the entire software development lifecycle. Hopefully it has clarified the critical need to move away from the old school perimeter-based security monitoring approach and begin thinking in terms of full stack security observability and focusing on both the proactive and reactive aspects of security management.
Threat Stack is a perfect fit for this new 3D world of cloud-native security with our full stack security observability approach. Starting from the cloud-management console, up through the host, containers, orchestration tools, managed container services, and applications themselves, Threat Stack provides the full picture in a single, unified platform. With a complete understanding of their cloud environment, customers can easily adapt their mindset and start thinking about security in 3D.
With data coming into the Threat Stack Cloud Security Platform from every dimension of your cloud infrastructure, security teams can proactively reduce risk and respond to threats in real time. Even with all of this contextual data, I often work with customers that are struggling with extremely small security teams. For these customers, we add the Threat Stack Oversight℠ service to the mix in order to monitor for security incidents 24 hours a day, 7 days a week, 365 days a year (366 days this year!). And to help them on the proactive risk reduction aspect of modern security management, our Threat Stack Insight℠ service uses curated data analysis and a thorough understanding of the customer environment to proactively reduce risk on an ongoing basis.
To finish up the fence analogy, it’s sort of like if you took your fenced property and set up a sophisticated surveillance system, where there are sensors on the ground, motion detection technology, and video monitoring on an unprecedented scale and then added a full time team of people to monitor your security on your behalf. With this level of intrusion detection at play, parachuters and tunnelers don’t stand a chance.
If you’d like to learn more about Threat Stack’s Cloud Security Platform or the Threat Stack Oversight and Insight services, feel free to sign up for a demo. Our security and compliance experts will be happy to discuss your organization’s requirements.