Protection implied and complied

Themen:

5. Aug.. 2020

CSPM - Cloud Security Posture Management (CSPM) solutions are the latest wave in the quest to protect cloud workloads and keep customers secure. CSPM solutions evaluate cloud infrastructure and identify misconfigurations or violations to an organizations’ “best practices.” By doing so, they identify issues that could lead to data breaches or leakage, as well as play a role in compliance.

CSPM looks at the problem differently than other solutions (though there is overlap). CSPM starts with a set of known “best practices” – some of the solutions in the market leverage published benchmarks like the CIS Benchmarks – and turn them into configuration rules that can be applied against current configurations. CSPM has the ability to identify misconfigurations at any point in an organization’s infrastructure and alert security professionals to the issue as well as the recommended solution.

Many CSPM products focus on alerting and are closely integrated with native cloud services like AWS Guard Duty and Security Hub, and Microsoft Azure Security Graph API. Only a subset of CSPM solutions currently work with Azure, and a smaller subset still offers remediation tools.

In addition to identifying misconfigurations that can lead to vulnerabilities, because CSPM solutions approach this task from a set of benchmarks or best practices, they also factor in organizations’ ability to demonstrate compliance. In a post-GDPR world, compliance has gained significantly for nearly all organizations as it impacts not only customers in EMEA but companies doing business with any customers in EMEA.

CSPM solutions also offer the promise of extensibility. The rulesets they leverage can be enhanced, and the vendors offering CSPM solutions are actively working with other standards organizations to include rules that would help ensure IT compliance in other areas, such as PCI-DSS. CSPM solutions are also quickly embracing multi-cloud environments. Most larger organizations have deployments in two, three, or even four (or more!) cloud infrastructures. CSPM solutions can be agnostic in this regard: some can apply their configuration rules across a multi-cloud ecosystem, further aiding organizations in managing properly configured and compliant IT infrastructures.

Barracuda Cloud Security Guardian

Gain visibility and ensure security compliance over your cloud workloads.

Rich Turner

Rich ist Director of Public Cloud Product Marketing bei Barracuda. Er stieß im Rahmen der Übernahme von C2C Systems im Jahr 2014 zum Team. Rich ist einer der Public-Cloud-Experten von Barracuda – er arbeitet direkt mit den Cloud-Ökosystemen und wurde in E-Books von Microsoft zum Thema Public-Cloud-Security zitiert. Er schreibt außerdem häufig für die eigenen Cloud-Blogs von Barracuda. Für unsere Cloud-Initiativen hilft er bei der Entwicklung von Strategien und deren Umsetzung mit unseren Partnern und Vertriebsteams.

Wenn Sie mit Rich in Kontakt treten möchten, können Sie sich auf LinkedIn mit ihm vernetzen und ihm auf Twitter folgen.

Sie können Rich eine E-Mail an rturner@barracuda.com schicken.

Den Blog durchsuchen

Der Ransomware Insights Bericht 2025

Wichtige Erkenntnisse über die Erfahrungen und Auswirkungen von Ransomware auf Unternehmen weltweit

Zum Report

Managed Vulnerability Security: Schnellere Behebung von Schwachstellen, weniger Risiken, einfachere Compliance

Erfahren Sie, wie einfach es sein kann, die von Cyberkriminellen bevorzugte Schwachstellen zu finden.

WEBINAR ANSEHEN