Security teams need to change their approach in order to be successful in the AWS Cloud. DevSecOps in the AWS Cloud is key.
DevSecOps in the AWS Cloud
Sure the controls you’re using are similar but their application is very different in a cloud environment. The same goes for how teams interact as they embrace cloud technologies and techniques. The concept of DevOps is quickly becoming DevSecOps which is leading to strong security practices built directly into the fabric of cloud workloads.
When embraced, this shift can result in a lot of positive change.
Teams Level Up
DevSecOps in the AWS Cloud
With security built into the fabric of a deployment, the integration of technologies will have a direct impact on your teams. Siloed teams are ineffective. The transition to the cloud (or to a cloud mindset) is a great opportunity to break those silos down.
There’s a hidden benefit that comes with the shift in team structure as well.
Working hand-in-hand with other teams instead of a “gate keeper” role means that your security team is now spending more time helping the next business initiative instead of racing to put out fires all the time.
Security is always better when it’s not “bolted on” and embracing this approach typically means that the overall noise of false positives and lack of context is greatly reduced. The result is a security team that’s no longer combing through log files 24/7 and other security drudge work.
The shift to a DevSecOps culture lets your teams focus on the tasks they are better at.
Resiliency
The changes continue to pay off as your security team can now start to focus more on information security’s ignored little brother, “availability”.
Information security has three primary goals; confidentiality, integrity, and availability.
The easy way to relate these goals is that security works to ensure that only the people you want (confidentiality) get the correct data (integrity) when they need it (availability).
DevSecOps in the AWS Cloud
And while we spend a lot of time worrying and talking about confidentiality and integrity, we often ignore availability typically letting other teams address this requirement.
Now with the functionality available in the AWS Cloud we can actually use aspects of availability to increase our security.
Leveraging features like Amazon SNS, AWS Lambda, and Auto Scaling, we can build automated response scenarios. This “continuous response” is one of the first steps to creating self-healing workloads.
When you start to automate the security layer in an environment where everything is accessible via an API some very exciting possibilities open up.
This cloud security blog was written by Mark Nunnikhoven, Vice-President of Cloud Research at Trend Micro. Mark can be reached on LinkedIn at https://ca.linkedin.com/in/marknca or on Twitter @marknca.
Learn More
For additional learning on AWS, please visit these video resources
1. AWS re:Invent 2015 | (DVO207) Defending Your Workloads Against the Next Zero-Day Attack
https://www.youtube.com/watch?v=-HW_F1-fjUU
Discussion on how you can increase the security and availability of your deployment in the AWS Cloud
2. AWS re:Invent 2015 | (DVO206) How to Securely Scale Teams, Workloads, and Budgets
https://www.youtube.com/watch?v=Xa5nYcCh5MU
Discussion on lessons from a CISO, featuring Jim Hoover, CISO Infor along with Matt Yanchyshyn from AWS and Adam Boyle from Trend Micro.
