Kubernetes, containers, and cloud native technologies offer organizations the benefits of portability, flexibility and increased developer productivity, but the security risks associated with adopting them continue to be a security concern for companies. In the recent State of Kubernetes Security report, 94% of respondents experienced at least one security incident in their Kubernetes environments in the last 12 months.
In this episode of The New Stack Makers podcast, Avi Shua, CEO and co-founder of Orca Security talks about how organizations can enhance the security of their cloud environment by acting on the critical risks such as vulnerabilities, malware and misconfigurations, as well as by taking a snapshot of Kubernetes clusters and analyzing them.
Alex Williams, founder and publisher of The New Stack hosted this podcast.
Cloud environments by design cannot be fully secured with traditional security approaches, especially with the fluidity of data and users involved in this type of infrastructure. As more companies recognize the increased attack surfaces that cloud environments create, they are applying new approaches that offer more efficient ways of defending them.
“Friction is the main thing that can harm security posture and prevent organizations from actually maintaining the security hygiene they need,” said Shua. Context and alert fatigue also add to the compounding issues security teams face, “organizations cannot really handle millions of alerts. And frankly, there aren’t any millions of critical alerts. The only way that organization can be secure, is to contextualize the issues and to focus on the very few attack chains that can actually make a real impact to the organization.”
The notion of perimeters becomes fuzzy in cloud architectures. Having a separate security approach to key areas such as identity, database and vulnerability management evokes “too many data points,” Shua said. “The only way that we can actually tackle the issue of security seriously, is by taking a full-stack approach that essentially looks at the issue as a graph and attack chain,” said Shua.
As organizations move to a multicloud environment, it creates complexity. “Complexity is one of the worst things for security because mistakes happen, and attackers get in using these mistakes, “said Shua. But by monitoring cloud infrastructure for gaps in security such as misconfiguration issues and compliance risks, they can help navigate ever-changing cloud security posture, and aid in “understanding the bigger posture which is usually the more complex issue.”