What is Cloud Security Posture Management (CSPM)?

Cloud security posture management (CSPM) is the answer to the increasing requirements for organizations to address cloud security risks and misconfigured public cloud services. The service is used for risk assessment, visualization, incident responses, compliance, monitoring, and DevOps integration. Customers typically adopt CSPM services to detect misconfigured resources, identify risky and insecure activity across cloud applications and services, and provide visibility to help security administrators triage and resolve cloud security issues.

Why is CSPM critical?

There are thousands of settings that need to be configured and maintained when defining and sustaining a cloud environment. As cloud is seen at as today’s IT “normal,” the challenges of securing cloud-based systems can become increasingly more complex. Considering that data is one of the most important assets for any organization, it is important to safeguard data from any and all unauthorized access and misconfigurations. From a compliance perspective, data breaches, failed audits, and failure to comply with regulatory requirements continue to result in reputational damage, loss of brand equity, comprised intellectual property, and fines for noncompliance. Finally, credential abuse has led the list of most popular attack vectors for years but may be shortly supplanted by cloud deployment misconfigurations.

Common cloud deployment misconfigurations

There are many ways cloud deployments can be misconfigured, either at the initial setup or during the lifetime of the cloud deployment. Many configuration mistakes are made in development by even the most experienced application developers. Open storage buckets may facilitate application construction and collaboration in development with the intention of fixing the issue at deployment. It is simple to miss a setting or forget to change a configuration given the sophistication of today’s applications. Some of the common misconfigurations include:

  • Defining overly permissive security access policies
  • Providing open access to unencrypted storage buckets
  • Unsecured internet connectivity paths
  • Improperly configured virtualized network functions
  • Application-specific setting per each defined instance

Why is traditional, on-premises security insufficient in the cloud?

Traditional on-premises security includes firewalls, intrusion detection/prevention systems (IDS/IPS), and other perimeter security measures to protect data centers. While these measures provide some protection, today’s cloud must continue to adapt to changes as organizations continue to migrate applications, data, and workloads to the cloud. Some of those security challenges that come up in a cloud include:

  • Manual processes cannot keep pace with scale or speed of the development of new threats of simple misconfigurations
  • Lack of centralization makes visibility of potential misconfigurations extremely difficult to achieve
  • The ‘perimeter’ of the cloud has blurred with employees accessing the cloud from anywhere

How does cloud security posture management work?

Cloud security posture management provides resources for security weakness related to configuration, and operators and users for risky activities. Upon detection, suggestions or assistance can be presented to take corrective actions based on configurations. Policy requirements can also be defined for groups of resources, enforce policies and automatically correct and log any violations. CSPM provides the tools necessary to identify, analyze, and remediate defined tenants and compartments. CSPM enables a comprehensive view of an organizations cloud infrastructure. This information will provide visibility by giving:

  • A summary of problems across SaaS, IaaS, and PaaS to reduce risk and ensure compliance
  • Security and risk scores
  • Actionable recommendations
  • A map where the suspicious user activity is coming from

Any action or setting on a resource that could potentially cause a security risk is a problem. Cloud security posture management will help detect misconfigured resources and insecurity activity across tenants in order to provide security administrators with the visibility to triage and resolve cloud security issues.


Benefits of cloud security posture management

  • Protect customer tenancies. Adopt a cloud security posture management strategy with a global and centralized approach to secure public cloud tenancies.
  • Automate the remediation of security problems. Automate the remediation of security threats for simple and complex issues using security recipes to help optimize security operations team resources.
  • Obtain a comprehensive view of risk posture. Assess and view the security and risk posture of cloud tenancies with a console user interface as well as programmatic interfaces such as cloud APIs, command line interfaces, software development kits (SDK), and more.
  • Automate the enforcement of cloud security policies. Prevent cloud security misconfigurations by enforcing security policy requirements for critical enterprise data from day one and reduce security risk throughout the cloud lifecycle.
  • Adopt a policy library with security best practices. Gain embedded security expertise to protect compartments with an integrated cloud security service and a security policy library to help configure and protect workloads.
  • Gain compartment-based security. Shift the security responsibility in the guest OS, application, and data layers with in-depth cloud security enforcement integrated to fulfill security obligations.