Taking a data-driven approach to a Zero Trust model

As organizations move their workloads to the cloud and work to stay competitive in today’s fast-paced markets, organizations must continue to innovate and to do it securely. Utilizing data is one way to do this, which means protecting this data is even more vital. But protecting their data has become increasingly difficult as organizations deal with the daunting task of needing to know where all their data is stored, how their data is used, what their data is used for, and who or what they should have access to. Security teams face a regularly moving target, and it’s hard for them to keep up. This situation has forced a rethinking of security philosophies. One of these philosophies is Zero Trust.

Learn how CAZENA uses Lacework^® to monitor all access to and from their environments. 

What does Zero Trust mean for an organization building modern applications in the cloud? 

Traditional security approaches are oftentimes used for the cloud. How we work on-premises is not how we work in the cloud though. And as organizations build more and more in the cloud, limiting accessibility to critical data can have an adverse effect on the cloud native application pipeline. Applications and organizational requirements that drive them are in constant flux. Keeping track of the applications, their normal behavior, and their changes, can be daunting. Security expertise is hard to come by these days — let alone knowledge of the applications themselves. 

If you’re on an IT team faced with implementing Zero Trust, you are probably worried about:

• Identifying what is normal in your cloud environment
• Determining who can talk to whom
• Understanding the network without impacting to the application
• Making changes to the network without impacting the way people work

Now let’s imagine that a developer in your organization is building an application in the Amazon Web Services (AWS) cloud, and as a security operations member, you are tasked to help secure the software development life cycle. How do you identify which microservices are being utilized and what are the normal API calls? 

Here’s your answer.

The Lacework Polygraph^® Data Platform helps you find the truth about what’s happening across your AWS cloud. We help you uncover risk — from finding misconfigurations to prioritizing vulnerabilities based on runtime data — and help you prove compliance faster, without the overhead. We give you the ability to continuously monitor for signs of trouble in your cloud accounts and workloads using behavior-based threat detection.

The Platform observes changes and deviations in your AWS containers, workloads, and clouds, and then provides high-fidelity alerts with context when something of significance occurs. Our machine learning and behavioral analytics models baseline normal behavior and then alert you to any deviations from normal behavior. A combined agentless and agent-based approach provides the visibility needed to have maximum security for cloud accounts and systems.

Bottom line: the Polygraph Data Platform does not trust that anything new or unique is safe, providing you with a zero trust model for modern application security. 

We’d like to tell you more on this topic! Our solution brief “Applying Zero Trust model to AWS CloudTrail logs” delves further.  We also invite you to learn about our many integrated solutions with AWS at www.lacework.com/aws.

Categories

• Cloud Security