The threat landscape continues to expand as both the frequency and the financial impact of cyber security incidents increase. As a result, traditional host-based security evolves to counter new attack vectors and types of infections. On rare occasions however, two separate, independently evolving technologies can come together in a way that benefits both – and so it is, with host-based intrusion detection systems (IDS) and the cloud.
Great applied technology typically needs enabling partner technology, and it will struggle to make headway until that partner appears. For decades, Intrusion Detection System (IDS) technology struggled to deliver efficient, high quality intrusion monitoring, and is only now experiencing success with the arrival of an unintentional enabling partner technology – cloud computing.
To truly appreciate why companies like Threat Stack point to the Cloud as a watershed event in their corner of the software industry, one must push past the hype and worn platitudes about “the Cloud with a capital C.” The reality is that it is the side effects that have caused such a large impact, like cost of operation as a function of scaled purchasing power and the forcing of software-only solutions.
This has certainly been felt in intrusion detection systems (IDS). They have traditionally been deployed as network hardware devices enabled by access to the network infrastructure, but are struggling to find relevance in a world where the traditional network boundary no longer exists.