Striking a balance between adequate visibility into cloud computing environments and the potential for an overload of false positives and duplicate alerts is the key problem facing cloud security professionals, according to the State of Security Remediation report from the Cloud Security Alliance (CSA). The report, released today, detailed a raft of critical issues facing IT professionals tasked with fixing security issues in cloud environments. Along with false positives and visibility, overly complicated tooling, time-consuming manual tasks, and slower-than-needed response times were cited as problematic by large percentages of the 2,000 IT and security professionals surveyed by the CSA.
Just 23% of respondents said that they had “full” visibility into cloud environments, a figure that reflects the growing complexity of containerized and serverless architectures, the study found. “This lack of visibility can result in security gaps and complicates the management and monitoring of those environments,” the study’s authors wrote.
Duplicate alerts and false positives stressing security teams
But the sheer volume of alerts is itself already posing a challenge to security teams, according to the study, which found that 63% of respondents characterized duplicate alerts as a moderate-to-severe issue for them, similar to the 60% saying the same about false positives. Often, this is a problem caused by the proliferation of different security tools, many of which have overlapping functionality and poor or no integration with one another.
False alarms and duplicate alerts are only part of the problem posed by tooling sprawl, however. Well over half (61%) of respondents said they were using between three and six different detection tools for security purposes, with a strong minority saying that they were considering budget increases to pay for more monitoring. “The introduction of additional tools without a unified process can result in siloed remediation efforts, overlapping vulnerabilities, and a disjointed approach to risk prioritization,” wrote the authors.
The study, which was sponsored by cloud security remediation vendor Dazz, argues that more unified monitoring and management solutions should be used, and that channels of communication between security and development teams should be open and active. “As cybersecurity threats evolve, organizations should adapt by seeking better visibility into their code-to-cloud environment, identifying ways to accelerate remediation, strengthening organizational collaboration, and streamlining processes to counter risks effectively,” said Hillary Baron, the study’s lead author and senior technical director for research at CSA, in a press release.