Cloud Hosting

A SOC Tried To Detect Threats in the Cloud You Wont Believe What HappenedNext

Now, we all agree that various cloud technologies such as SaaS SIEM help your Security Operations Center (SOC). However, theres also a need to talk about how traditional SOCs are challenged by the need to monitor cloud computing environments for threats. In this post, I wanted to quickly touch on this very topic and refresh some past analysis of this (and perhaps reminisce on how sad things were in2012).

Back in my analyst days, Ive noticed that some traditional organizations tried to include their cloud environments in the scope of their security monitoring at some point in their cloud migration journeys. Surprisingly (Hey you surprised about it? No? Thought so!), some of these projects have not gone well. SOC teams were not equipped to deal with various cloud challenges (old paper on this). There were also cases where both business and IT migrated to the cloud, but security was left behind and had to approach cloud challenges with on-premise tools and practices. Essentially, security was left behindagain.

Here, we wanted to quickly summarize some of the challenges, covering the usual range of people, tools, and processes:

Huge thanks to Iman Ghanizada (the Certs Guy) for his contributions to thispost.

Related posts:

A SOC Tried To Detect Threats in the Cloud Your Wont Believe What Happened Next was originally published in Anton on Security on Medium, where people are continuing the conversation by highlighting and responding to this story.

*** This is a Security Bloggers Network syndicated blog from Stories by Anton Chuvakin on Medium authored by Anton Chuvakin. Read the original post at: https://medium.com/anton-on-security/a-soc-tried-to-detect-threats-in-the-cloud-your-wont-believe-what-happened-next-4a2ba0ab5d81?source=rss-11065c9e943e------2

The rest is here:
A SOC Tried To Detect Threats in the Cloud Your Wont Believe What Happened Next - Security Boulevard