Getting Started with Microsoft Azure Live Demo
October 16, 2019
Cyber Insurance Is No Substitute For Robust Cybersecurity Systems
October 16, 2019
When it comes to securing your cloud infrastructure, there is no shortage of challenges. You want to retain the visibility and control you had on-premises, while taking advantage of all the benefits the cloud can provide. The adoption of cloud-based services, for example, makes it easier for your development teams to quickly build and push services into production. However, this can unintentionally create Shadow IT, where you don’t know what services are running and if they’re secure.
Today, we’re excited to announce the beta of Security Health Analytics, a security product that integrates into Cloud Security Command Center (Cloud SCC). Security Health Analytics helps you identify misconfigurations and compliance violations in your Google Cloud Platform (GCP) resources and take action. In this blog, we’ll look at how Security Health Analytics can help you stay in control of your Google Cloud security, including a real-world example from a customer, AirAsia.
Staying in control of security in Google Cloud: AirAsia
AirAsia is the largest low-cost carrier in Asia as measured by passengers, and serves more than 150 destinations across 23 markets. Skytrax has named it the world’s best low-cost airline for 11 years running. As a company with a reputation for getting customers where they need to go without breaking the bank, AirAsia has several security practices in place to ensure that their budget goes to keeping their customers’ travel costs low, and not to recovering from security breaches.
AirAsia’s large IT operation requires the ability to provision virtual machines (VMs) and spawn containers in Google Kubernetes Engine (GKE). The company also uses App Engine to build applications in Google Cloud. They chose Google Cloud because it offers far more flexibility, agility, and cost-effectiveness than other computing methods.
While running these critical workloads in Google Cloud, AirAsia uses Security Health Analytics to see if their resources are configured properly and compliant with CIS benchmarks.
“Being able to go to the new Security Health Analytics dashboard eliminates the guesswork of what we have running and if it is secure,” says Muhammad Faeez Bin Azmi, Information Security and Automation Solution Architect. “Now anyone on our team, even non-security professionals, can go to this dashboard and see a list of the misconfigured assets and compliance violations across all of our GCP resources. We can also see the severity of misconfigurations, which helps us prioritize our response.”
To see what this looks like, below is an example Security Health Analytics Vulnerabilities dashboard showing potential security issues–called findings. When you click on a finding, you get a step-by-step remediation plan for how to solve the particular issue, such as an open firewall (shown below) or overly privileged access to a storage bucket, and a link that takes you directly to the impacted resource.
