First there was the cloud. Then there was the public cloud and the private cloud … which (as we know) spawned the hybrid cloud as the much-loved offspring of both.
Then there was multi-cloud, a grouping of compute resources where an organization uses different cloud services from different cloud service providers (CSPs) to run workloads for different applications, departments, subsidiaries or maybe even for different specific workflow functions.
Then after all that came the notion of poly-cloud, the separation of the different parts of an application or data service workload between different CSPs, an action taken when price, performance, latency, legislative or other requirements of a workload can be segmented precisely (and securely enough) to justify spreading that workload across different cloud providers.
What all of this creates is a world of many clouds and therefore many concerns… it is the world of multi-cloud poly-hybrid mechanics.
Continuous intelligence, through the ether
The complexity created here presents a challenge for companies looking to lock down cloud-based resources that now span an incredibly complex and interconnected IT resource landscape.
With the aim of delivering a degree of what it likes to brand as continuous intelligence, Sumo Logic has now built a multi-cloud and hybrid threat protection offering powered by Amazon Web Services Inc. (AWS). The Sumo Logic Cloud SIEM Powered by AWS is built on the Sumo Logic Continuous Intelligence platform, SIEM standing for security information and event management.
This is not traditional consumer-level anti-virus malware protection that you might be prompted to install when you set up your new laptop; it is software code-centric security intelligence and protection with functions focused on areas such as compliance, security analytics, and SIEM cloud technologies.
The companies say they have worked together to offer out-of-the-box integration with leading AWS security services, as well as integrations with cloud-based SaaS and on-premises security services. It’s about creating technology that can perform deep internal inspection of cloud services and eliminate security blind spots in multi-cloud, hybrid (and even poly-cloud) environments.
Contextualized data intelligence
Sumo Logic and AWS both talk about contextualized data intelligence and, in this case, contextualized threat data. This does not mean the context surrounding the origin of the malware; in this case it means contextualized cloud reports that highlight the weak points of a company:
- a) the installed stack of an organization’s virtualized cloud technology
- b) the “operational maturity” of an organization and its ability to act and repair the internal mechanisms of its cloud applications when called upon
- c) the ability of an organization to have created its own Security Operations Center (SOC) to work with cloud developers to lock down its IT stack
For businesses that do not have an internal or outsourced Security Operations Center (SOC), the offering will provide security monitoring, visibility and alerts. For organizations modernizing their SOC, the offering will provide threat correlation across sources with machine learning detection, automation and orchestration.
Sumo Logic vice president Greg Martin says his company offers a comprehensive approach to quickly uncover activity that may indicate an “early stage IT event” (which could be related to risk) by identifying spikes, peaks and anomalies based on the basic historical data of the organization.
“Unconstrained by the processing power of on-premises hardware, Sumo Logic’s Cloud SIEM solution addresses the challenges facing today’s security professionals by providing complete visibility into their IT ecosystem, development and development applications and security, automating the manual work of security analysts, saving them time and enabling them to be more efficient by focusing on higher-value security functions,” said Martin and his team.
Dear CTO / CIO, how is our “security posture”?
It’s another one of those “does the CEO really question this element of the company’s operations at the board meeting?” questions. Captains of industry may not be familiar with the term security posture today, but as companies spanning a multitude of cloud computing supply channels begin to realize the extent of their own IT footprint, this is undoubtedly one of the buzzwords for any self-respecting entrepreneur going forward.
“Businesses today are absorbing huge amounts of data from their cloud services and applications because everything tells you what it does in immense detail. This is what you can do with this data, this is where things get interesting. Security is one area, but this data can be applied to operations and to improve software development. When your business process is digital, you can see the impact of your decisions in real time, whether it’s a software update or an IT overhaul or something like a marketing project,” said Christian Beedgen, CTO at Sumo Logic.
Organizations need to know that incoming data can be consolidated – and at this point, anyone can use it for their own understanding. Beedgen suggests that the smartest companies take the opportunity to consolidate their tools and develop their observability approaches across the enterprise, as this avoids duplication and reduces costs.
Long term trends
The long-term trend here is that companies have a lot of tools to collect data, which can lead to issues with the volume of data entering over time. Data obviously has a cost to store, so having multiple copies of the same data will result in more expense and Beedgen reminds us that this can lead to financial problems.
“Businesses thinking about their data strategy using cloud providers may feel like resources are infinitely scalable, but the reality is that the organization will eventually run out of budget. Consolidating and removing duplicate data in different tools reduces this problem, keeps the business on the right side of the data cost curve and ensures that you can continue to innovate,” concluded Beedgen.
Many resources within our technology stacks are exposed (positively) to the benefits of automation and artificial intelligence (AI), so this needs to be factored into our cloud operations management layer. In the case of this story, it is. Sumo Logic and AWS have brought together machine learning (ML)-based detection, integrated threat intelligence correlation, and research-based in-depth investigation to examine systems and deliver insights. This information is highlighted by rich data visualization (charts, dashboards, and data speed meters, essentially) so that any sales manager can see what’s going on.
Once we can say we’ve sorted out our security posture in the cloud, maybe we can all straighten our backs and figure out if we need a lumbar support pillow. Until then, sit up straight and keep an eye on the multi-hybrid-poly cloud engine room.