登录查看更多内容

How can you choose the best cloud security monitoring tool?

由人工智能和领英社区提供技术支持

Cloud security monitoring is essential for ensuring the availability, integrity, and confidentiality of your data and applications in the cloud. However, choosing the best tool for your needs can be challenging, as there are many factors to consider. In this article, we will guide you through some key steps and questions to help you make an informed decision.

在这篇协作文章中查找专家回答

由社区从 3 条内容中精选。了解更多

1 Assess your cloud environment

Before you start looking for a cloud security monitoring tool, you need to understand your cloud environment and its specific risks and requirements. For example, you should know what kind of cloud service model (IaaS, PaaS, or SaaS) and deployment model (public, private, hybrid, or multicloud) you are using, how many cloud accounts and resources you have, what are the compliance standards and regulations you need to follow, and what are the main threats and vulnerabilities you face. This will help you narrow down your options and focus on the features and capabilities that matter most for your cloud security posture.

添加您的观点

Jetro WILS

Strengthening Digital Security & Compliance for European Organizations ■ Cloud & Information Security Officer ■ Cybersecurity Advisor ■ Cert. NIS2 LI & ISO 27001:2022 ■ Cloud Auditor ■ PECB & Msft Certified Trainer
举报内容
An important dimension, in my opinion, is the technology operating model you're using. If you're combining on-premise with public cloud, you have a hybrid model. If you're using multiple public clouds, you have a multicloud model. If you have both, it's hybrid multicloud. The more diverse your architecture, the more complex your operating model and the more specialized cloud security tooling you need. If you have a primary public cloud provider, I recommend you start with their cloud security toolset. It integrates deeply into its stack, and most cloud providers support hybrid multi-cloud security monitoring. Only go to 3rd party tools as a last resort as it will add another level of complexity.

已翻译

赞

2 Compare different types of tools

When selecting cloud security monitoring tools, you should consider the various types available on the market and their respective strengths and weaknesses. Cloud-native tools, such as AWS CloudTrail, Azure Monitor, or Google Cloud Operations, offer deep visibility and integration with your cloud platform, but may not cover all aspects of cloud security or support other CSPs or on-premises environments. Third-party tools, like Splunk, Sumo Logic, or LogRhythm, provide more flexibility and functionality than cloud-native tools, but may require more configuration and maintenance or incur additional costs. Open-source tools, like Cloud Custodian, Prometheus, or Grafana, offer more customization and innovation than other tools but may lack support, documentation, or reliability. Ultimately, you should compare different types of tools based on your budget, scalability, compatibility, usability, and performance needs.

添加您的观点

Jetro WILS

Strengthening Digital Security & Compliance for European Organizations ■ Cloud & Information Security Officer ■ Cybersecurity Advisor ■ Cert. NIS2 LI & ISO 27001:2022 ■ Cloud Auditor ■ PECB & Msft Certified Trainer
举报内容
When using 3rd party tools in combination with a hybrid cloud (so on-prem plus public cloud), make sure you calculate data egress costs. If you're hosting this 3rd party security tooling on-premise, it means it pulls monitoring data FROM the cloud TO your on-premise setup, meaning the public cloud provider CHARGES you for that data stream. If you host the 3rd party security tooling in your primary cloud, it pulls data FROM your on-premises TO your public cloud, meaning it's data ingress, which is usually not charged. If you add multiple public clouds, the security tool will pull in data FROM the other clouds and thus generate data egress, which you'll get charged for. Think wisely about the architecture as you make your tool selection.

已翻译

赞

3 Evaluate the features and capabilities

Once you have a shortlist of potential cloud security monitoring tools, you should evaluate their features and capabilities in detail. You should look for data collection and analysis that supports various formats, protocols, and standards. Additionally, the tool should be able to present and communicate the data in a clear and actionable way. It should also protect the data from unauthorized access, modification, or loss, and comply with relevant laws and regulations. Moreover, the tool should be able to alert and notify you of any anomalies, incidents, or breaches in your cloud environment. Finally, it should help you remediate and respond to any issues or incidents in your cloud environment.

添加您的观点

4 Test and verify the tool

The final step is to test and verify the tool before you make a final decision. You should ask for a demo, trial, or proof of concept from the vendor or provider, and use it in your real or simulated cloud environment. You should also check the reviews, ratings, feedback, or testimonials from other users or experts, and verify the claims and promises of the vendor or provider. You should also consider the support, maintenance, and updates of the tool, and how they will affect your cloud security monitoring in the long term.

Choosing the best cloud security monitoring tool is not a one-size-fits-all solution, but a process that requires careful research, evaluation, and validation. By following these steps and questions, you can find the tool that suits your cloud environment and meets your cloud security goals.

添加您的观点

5 Here’s what else to consider

This is a space to share examples, stories, or insights that don’t fit into any of the previous sections. What else would you like to add?

添加您的观点

Jetro WILS

Strengthening Digital Security & Compliance for European Organizations ■ Cloud & Information Security Officer ■ Cybersecurity Advisor ■ Cert. NIS2 LI & ISO 27001:2022 ■ Cloud Auditor ■ PECB & Msft Certified Trainer
举报内容
As a first approach, I recommend preferring cloud native over 3rd party tools and prefer SaaS over hosted onprem. Cloud-native on your primary cloud has a deeper integration and no data egress charges. Using SaaS means you're free from updates, backups, and regular software maintenance. Do make sure your SLAs are solid, as cloud security monitoring is critical for your security posture. If you do decide to host yourself on-premise, make sure the software is running in a (geo-redundant) high-available setup, meaning if one node falls out, the other can take over. It's your digital equivalent of sentry guards in a hostile environment, and you don't want them sleeping.

已翻译

赞

Internet Services

+ 关注

给文章评分

我们借助人工智能创建了此文章。您认为这篇文章怎么样？

很棒不太好

举报此文章

查看全部

How can you choose the best cloud security monitoring tool?

1

2

3

4

5

1 Assess your cloud environment

2 Compare different types of tools

3 Evaluate the features and capabilities

4 Test and verify the tool

5 Here’s what else to consider

Internet Services

给文章评分

感谢您的反馈

更多Internet Services相关文章

更多相关阅读内容

How can you choose the best cloud security monitoring tool?

1

2

3

4

5

1 Assess your cloud environment

2 Compare different types of tools

3 Evaluate the features and capabilities

4 Test and verify the tool

5 Here’s what else to consider

Internet Services

给文章评分

感谢您的反馈

查看其他技能