Cloud Native Security as Software Eats the World
For many organizations, becoming a software company hinges on making a successful shift to cloud native platforms. This makes sense as a rapidly growing number of organizations, both in the private and public sectors, can achieve very tangible benefits by making the transition. The ultimate goal is typically being able to vastly improve the digital experience for the end-use customer.
Large organizations, such as banks, or government agencies, are increasingly aware of “the whole notion of software eating the world,” John Morello, vice president of product for Palo Alto Networks’ Prisma, said. “There is the sense that everybody’s got to become a software company or, at least, become a software-competent company,” Morello said. “The reason that people are choosing banks, choosing what car they drive or choosing where they shop, in a lot of cases is driven by that digital experience.”
But when relying on cloud native platforms to become a software company, many risks are involved. Chief among them: data security.
In this latest edition of The New Stack Makers podcast, Morello and Aqsa Taylor, a product manager for Prisma Cloud Compute, discuss what organizations should know about security before making the cloud native shift. The themes covered include, among other things, what a cloud native security platform should offer and the evolution of security in the cloud native era.
There are, of course, underlying similarities between IT security processes and compliance, whether your operations are contained on the servers in a data center or are completely on the cloud. However, there are some challenges and things that are different with securing cloud native applications, Morello said. “You typically have a lot more entities that you’re dealing with and those entities change much more frequently. Security is largely in the hands of the developer versus a dedicated operations team,” Morello said. “And because the security of the application is […] so dependent upon the security of that cloud infrastructure, it’s really important to think about security as the entire stack security, not just for the application, or the infrastructure in isolation.”
Having full-stack security in a way that the individual components can inform and protect each other is also a key consideration, Morello said. “I think that’s really the biggest difference with cloud native versus traditional kinds of legacy security approaches,” Morello said.
Palo Alto meets the evolutionary security needs of organizations making the shift to cloud native security platform in a number of ways, Taylor said. “When working with customers, especially large-scale customers, what I’ve seen is there are different teams involved. So, there’s the infrastructure team and the applications team — and then there’s the CI/CD, developers and all of that,” Taylor said. “Now, as a security tool, what we provide from Prisma Cloud is the ability to bring all those together.”
The end result is you have a single panel and “you’re looking at your ‘shift left security.'” Taylor said. “You’re giving developers visibility into what they’re building — you’re showing the vulnerabilities and compliance in the very beginning of the cycle,” Taylor said.
Watch the full conversation with these and other security thought leaders at the Cloud Native Security Live, 2020 Virtual Summit. Engage and interact with other developers, DevOps pros and IT leaders who all have so much at stake in container technologies and DevSecOps. Hosted by Prisma in partnership with The New Stack, join us Feb. 11, 2020, for a full day of discussions about cloud native security — brought to you live online wherever you may be.