1 Introduction
Most organizations now depend upon cloud services to deliver business-critical applications and this has increased in response to the coronavirus pandemic. This hybrid IT delivery environment gives rise to many challenges in the areas of management, security, and compliance. These challenges arise because cloud services are not well integrated into the normal IT security processes and technologies used by organizations. CSPM (Cloud Security Posture Management) solutions provide a way to identify and control some of these risks.
As organizations go through digital transformation, they are adopting DevOps using IaaS / PaaS cloud services to create new applications and to modernize their existing ones. This avoids the need for capital expenditure as well as the lengthy procurement delays involved when new hardware is needed. In addition, some organizations are now using cloud services to back up their business-critical data. This increases the need to ensure that DevOps use of cloud services takes care of security and compliance.
While the major cloud service providers go to great lengths to secure the infrastructure of their environments, it is up to the tenant to secure their use of these services. This is often outside the skills of DevOps teams or is overlooked, and this can lead to the existence of critical vulnerabilities which can be exploited by cyber-adversaries. These vulnerabilities often include poorly secured accounts used by the tenant to administer the cloud service and that provides cyber adversaries with uncontrolled access to the cloud-based assets. Often, the normal governance controls do not cover these cloud accounts leading to excessive privileges and dormant credentials. The access controls on cloud-based assets are often improperly configured allowing public access to business resources and data. Sensitive or controlled data may be copied and even shared with third parties for testing purposes.
The tenant may not fully exploit the tools provided by the cloud service. The tenant may not actively manage and secure the complete inventory of cloud resources and assets being used. The tenant's in-cloud technical stack including network, OS, Middleware, and applications may be vulnerable through poor configuration and lack of up-to-date patches.
CSPM solutions provide the capabilities needed to address these challenges in a consistent way. They help to identify the in-cloud elements being used within IaaS / PaaS and their potential vulnerabilities. CSPM assists in protecting these in-cloud components by enforcing security policies and implementing best practice controls. They identify deviations from policies providing alerts and automatically remediate issues.
This report covers Oracle Cloud Guard which is an OCI (Oracle Cloud Infrastructure) service that helps tenants to monitor, identify, achieve, and maintain a strong security posture on Oracle Cloud.