Expel insider · 4 MIN READ · KAITLIN WAITE · OCT 25, 2024 · TAGS: Cloud security / Managed security / MDR
TL;DR
- Expel’s Scott Gold was joined by Aaron Stanley from dbt Labs, Jason Waits from Inductive Automation, Ashok Mahajan from AWS, and Shashank Golla from Wiz
- They discussed the challenges of cloud security today (there’s some good news), how the Wiz and Expel integration help (especially for AWS customers), and what they expect in the future of cloud security
- You can watch the full webinar on-demand here
A group of managed detection and response (MDR), cloud native application protection platform (CNAPP), cloud service provider, software-as-a-service (SaaS), and supervisory control and data acquisition (SCADA) software companies walk into a bar…
Okay, so there’s no punchline to that joke, but they did all walk into the same (virtual) space to discuss cloud security at Expel’s recent webinar, Securing your cloud investment: an interactive panel with Expel, AWS, and Wiz.
Scott Gold, Senior Manager, Solutions Architecture at Expel, was joined by:
- Shashank Golla, Product Marketing Manager, Integrations at Wiz
- Ashok Mahajan, Senior Partner Solutions Architect at AWS
- Aaron Stanley, VP of Security at dbt Labs
- Jason Waits, CISO at Inductive Automation
Cloud security is a hot topic in today’s cybersecurity space. In a recent report, GartnerⓇ predicted over $1 trillion will be spent on public cloud services by 2027. That’s trillion, with a T. And Expel validated that finding—we tracked a 5% increase in cloud investments predicted in the next 18 months.
“What this means is that the shift in cloud is going to force an equivalent shift in security approaches and technologies,” said Gold. “Our traditional strategies become less and less effective as organizations continue to adopt cloud native approaches, services, and applications.”
But it isn’t without its challenges, with webinar attendees highlighting visibility—across everything from vulnerabilities to configurations—as a major focus and concern for managing future cloud investments and endeavors.
Current challenges in cloud security
Like any technology facing widespread adoption, cloud security isn’t without its challenges. The rise in cloud-based cyber attacks and the increased demand for better cloud security and detection response services proves that.
“Going from on-prem to cloud is not just a lift and shift. The cloud is a fundamentally different architecture and has different patterns. We can actually eliminate classes of vulnerabilities if we do that transformation correctly. I think that’s critical to understand about cloud adoption,” Stanley stated when asked directly about the challenges he’s seen and experienced.
In an Expel survey of cybersecurity buyers in 2023, buyers reported a continuing investment in cloud computing—shifting from non-cloud, on-prem, and remote/branch locations—to cloud SaaS/IaaS/PaaS, with a predicted growth of 5% over the next 18 months. The IBM Cost of Data Breach 2023 Report stated 82% of breaches involved data stored in the cloud.
So it’s safe to say that the cloud is a large landscape that’s only getting bigger, making it a more attractive target for bad actors as adoption rates continue to rise.
But it’s not all bad news. “The biggest challenge we see for cloud security and development teams is prioritization,” Golla stated. “Developers often ask, ‘Why is this security issue more urgent than the feature I’m building?’ The secret to solving this is context. When we show that a security issue is linked to a known vulnerability exploit that’s publicly exposed in production, developers understand why it’s critical to address it immediately.”
The benefits of using Wiz and Expel as partner solutions
That context comes from using Wiz and Expel together—especially if you’re an AWS customer. AWS is focused on security as their top priority according to Mahajan, and these two companies together enhance your visibility, detective control, and help define your incident response plan.
“This integration is particularly powerful for AWS users as it combines a deep understanding of your cloud environment with Expel’s advanced threat detection and response capability. It provides a more holistic approach to a secure AWS environment, from infrastructure configuration to real-type threat detection, helping organizations maintain a good security posture while leveraging the full ptonetial of the services AWS offers.”
Ashok Mahajan, Senior Partner Solutions Architect at AWS
Expel and Wiz customer, Stanley, says, “I really want to rely on this awesome combination of visibility, telemetry, and detection engineering to make sure that I’ve covered the basics so that I can hire great people to focus on the really interesting problems.”
When asked, Wiz identified three key challenges their customers face: visibility, risk prioritization, and embedding security into other teams. “Visibility is a huge challenge,” Golla explained. “Not just inventorying and ensuring security coverage of existing technologies, but also keeping up with teams using new services like container or AI technologies, which may be spun up without the security team’s awareness. Even once discovered, teams struggle with bandwidth to identify, prioritize, and address the most critical risks quickly.”
And that’s where Wiz and Expel can help. Wiz is an agentless solution that identifies issues and misconfigurations within clouds, and from there Expel’s advanced detection and response skills can provide the necessary context to these issues across your entire environment to help prioritize fixes. Stanley and Waits affirmed that this integration has significantly improved their ability to manage cloud security and focus on unique challenges (and keep up with AWS releases).
So what comes next?
The future of cloud security
There’s excitement for what’s next, even as the challenge of protecting the cloud remains at the forefront of cloud conversations. Additionally, our group of speakers is excited for the continued expansion of Wiz and Expel’s capabilities—both together and as individual solutions—as well as a shift to a security mindset for teams outside of SecOps.
Stanley says, “I think that there’s a lot of work for us to do as security practitioners to bring engineers closer to making good secure platforms, and it’s not by making every engineer a security expert. I think it’s the security team’s obligation, and a shared responsibility we have with engineers, to really bring them into the fold with tools like Wiz and the foundational features in AWS to tell them ‘we’ve solved a lot of your problems.’”
Cloud migrations will continue to rise, and shift and lift will happen whether it’s recommended or not. Either way, Mahajan stated, “Some choose to optimize a bit, whereas a few try and migrate and modernize at the same time. But I think no matter which option we choose, following the security best practices and using the right tools really helps make sure your accounts are secure.”
Watch the full session for interactive insights
So whether you’re working in a hybrid environment or are a connoisseur of cloud complexities already, this group hopes that integrations between companies like Wiz and Expel make it easier for you to implement DevSecOps at your organizations to prioritize vulnerabilities and mitigate risks together.
You can watch the full session to dive into these conversations—and peer questions and insights—here.
Questions or comments? Get in touch with an Expel expert like Scott Gold here.
