2- Detect and Mitigate Workload Vulnerabilities
Deploying applications and data in IaaS does not protect you from vulnerabilities and weaknesses that affect them. As mentioned in the introduction, the cloud provider is not responsible for the workload security in its infrastructure.
While vulnerability management is a “must have” in traditional environments, workloads are changing faster in the cloud. You need to adapt your approach to perform security analysis more frequently, more automation, and more in-depth analysis.
The benefits of using our Elastic Workload Protector technology :
a. SCAN more often without affecting Workloads. Thanks to our patented technology, we can perform an intrusive server analysis without any impact on the servers running.
b. PRIORITIZE with a quick assessment of the real and residual risk of your information system. Track your evolution of compliance with market security standards. ( CVE , CIS , PCI , OWASP , ANSSI )
c. REMEMBER considering the consequences of cyberattacks on your business and put in place an effective plan of action.
3- Discover your hidden assets in your IaaS
- Virtual Servers or Ghost Workloads
Few solutions have the ability to detect servers or services without activity. These could be launched for tests and forgotten by their owner. They consume resources so they turn out to be a cost. Since they are not used, they are not updated which makes them an entry point into the infrastructure. ( The Gartner research firm mentions that 28% of servers turn out to be ghost servers )
- Orphan storage
Storage disks that are not attached to computer resources. They allow anyone to connect to any server. These storage disks may contain sensitive or critical data that may be compromised.
- Harmful workloads (like usage control)
Example: Using the cloud to decrypt passwords or launch attacks.
Example: Detecting side channel attacks from your own account can be detected with Elastic Detector simply by detecting suspicious activity on your own account (multiple launches and endings on a virtual machine).
- Many new services and APIs
These introduce a new attack surface. It is very easy to make mistakes on lines of code that have a big impact (eg disabling all firewalls takes 1 line of code !!!).
AWS has more than 50 different services and publishes new ones each month. It’s hard to keep up the pace and easy to make mistakes early. You can not be an expert on everything
- dormant resources
In Cloud in IaaS, it is very easy to deploy a new server and simply stop the old one. This server is forgotten and is not updated while you patch, for example. In this case, when you restart this server for any reason (checking the old version of the website for example, restore due to a server crash, etc.), it will become the most critical server and the most vulnerable of your infrastructure.
Automation, following the DevOps culture, is the best way to reduce these risks. It makes it possible to manage most of the work and especially that which is the most alienating. Elastic Workload Protector has been developed according to this culture and proves to be the most effective solution on the market