Trustwave's 2024 Financial Services Threat Reports Highlight Alarming Trends in Insider Threats & Phishing-as-a-Service. Learn More
Get access to immediate incident response assistance.
Get access to immediate incident response assistance.
Trustwave's 2024 Financial Services Threat Reports Highlight Alarming Trends in Insider Threats & Phishing-as-a-Service. Learn More
We all know the cybersecurity industry loves its acronyms, but just because this fact is widely known doesn’t mean everyone knows the story behind the alphabet soup groups of letters, we must deal with on a regular basis.
Let’s take a moment to discuss some of the more prominent security architectures specific to the cloud so we are all on the same page: CNAPP, CWPP, CIEM, and CSPM.
Simply put, CNAPP is the ‘full package’ of cloud-native security defenses I will discuss below: CSPM, CIEM, and CWPP. CNAPP is a defense in depth solution for the cloud, that includes protections for the cloud’s native resources as well as the workloads/applications running within it.
Figure 1: Relationship between CNAPP, CWPP, CIEM and CSPM
A key foundation to cloud security is governance, or the ability to watch over a set of resources in a well-defined, controlled, automated process.
Security teams use Cloud Security Posture Management (CSPM) tools to continuously monitor hundreds of pre-defined checks and report security risks for checks that fall outside of the defined parameters.
CSPM allows users to create policies that can be grouped into specific control sets that map to compliances, such as NIST or CIS.
In addition, a CSPM architecture may be able to perform some or all of the following:
Figure 2: Azure’s Defender for Cloud is an example of a CSPM (And CIEM and CWPP)
CIEM focuses on securing identities and access rights. Just like CSPM, it provides checks that are focused on identity, such as:
Workload protections are specific defenses that monitor commonly used applications.
Some examples are:
CNAP tools are very important for providing full-circle monitoring, control, and incident resolution on the security posture of a cloud environment. A good CNAP dashboard is an effective tool that should be part of every security architecture’s design.
References
About This Blog Series
Follow the full series here: Building Defenses with Modern Security Solutions
This series discusses a list of key cybersecurity defense topics. The full collection of posts and labs can be used as an educational tool for implementing cybersecurity defenses.
Labs
For quick walkthrough labs on the topics in this blog series, check out the story of “ZPM Incorporated” and their steps to implementing all the solutions discussed here.
Compliance
All topics mentioned in this series have been mapped to several compliance controls here.
David Broggy is Senior Solutions Architect, Implementation Services at Trustwave with over 21 years of experience. He holds multiple security certifications and won Microsoft's Most Valuable Professional (MVP) Award for Azure Security. Follow David on LinkedIn.
Trustwave is a globally recognized cybersecurity leader that reduces cyber risk and fortifies organizations against disruptive and damaging cyber threats. Our comprehensive offensive and defensive cybersecurity portfolio detects what others cannot, responds with greater speed and effectiveness, optimizes client investment, and improves security resilience. Learn more about us.
Copyright © 2024 Trustwave Holdings, Inc. All rights reserved.