Every Solution You Can Imagine – and More
What cybersecurity solution do you need? From Zero Trust to ADR, IAM, risk/privacy, data protection, AppSec and threat, securing digital transformation, to resiliency and remediation, we can build the right program to help solve your challenges.
A Single Partner for Everything You Need
Optiv works with more than 400 world-class security technology partners. By putting you at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can.
We Are Optiv
Greatness is every team working toward a common goal. Winning in spite of cyber threats and overcoming challenges in spite of them. It’s building for a future that only you can create or simply coming home in time for dinner.
However you define greatness, Optiv is in your corner. We manage cyber risk so you can secure your full potential.
Azure Native and Third-Party Tools: New White Paper
Thanks in part to the ease of infrastructure implementation, public cloud service providers (CSPs) are quickly becoming more popular with enterprises. However, cybersecurity in the cloud is complex; while CSPs are responsible for the security “of” the cloud, you’re responsible for security “in” the cloud. Enterprises must still protect data and are responsible for the secure configuration of the resources provisioned.
Figure 1: Microsoft Azure shared responsibility model
Despite the many advantages offered by CSPs there are intricacies and Azure users might have a host of questions. For instance:
We’ve developed IaaS Security – Azure Native and Third-Party Tools to help you better understand the cloud infrastructure assessment tools provided by Azure and third parties. The paper offers tool-specific observations that allow security practitioners to understand the interdependencies of native and third-party tools and grasp the basics of configuration, key features, metrics, reports and other capabilities. This allows practitioners to make informed decisions about how and when to use which tools in their Azure-hosted environments.
Some key takeaways:
Manageability: Microsoft has taken multiple steps to ensure Azure’s IaaS cyber security controls can be managed with relative ease. Microsoft has accelerated its rollout of Azure security solutions over the last two years, and while many features exist in preview mode, they are generally functional. Optiv has seen a pattern of continual improvement in the security products launched within Azure; organizations will want to keep up to date with Azure changes more closely than they have with legacy Microsoft products.
Security Center: Provides insight into regulatory compliance, resource health and threat protection. Crucial to securely adopting and consuming CSP resources are identity, logging, visibility and service integration. For vulnerability management, the local Qualys agent scanning within Security Center provides competent vulnerability assessment from within the target VM but does not replace the traditional approach of network scanning to visualize what a remote attacker would see.
Azure Active Directory: Microsoft has an edge when compared to the offerings of competing Cloud Service Providers. Azure AD security features and visibility for access management would be better compared to common names in the identity space like Okta. However, it does not mean that there is feature parity between the two and the maturation of the products it the same. While Azure AD Security is fairly straightforward and there is the benefit of direct integration with other Azure security services, such as Security Center, Azure AD should be one consideration in a larger identity program conversation.
Azure Sentinel: Optiv found that a lot of Sentinel’s features were in preview mode. Microsoft places features in “preview” mode before they are graduated to general availability. The edge that Azure Sentinel has on other SIEMs is that Microsoft/Azure owns the infrastructure it is delivered on, which provides a pricing advantage, as well as the delivery model offered by Azure. A few simple clicks, with no third party needed, and the cloud-native SIEM as-a-Service is running. However, its features haven’t reached parity with other enterprise SIEMs.
Both native and third-party approaches have distinct advantages and disadvantages at present. You should expect to use both native and third-party security solutions in concert for the foreseeable future, and this research paper provides a rich understanding of how this can be best accomplished.
July 11, 2018
Most companies have security personnel, but their expertise in the cloud may be limited. To have a team of highly trained AWS security experts on....
January 29, 2017
Security OF the cloud versus security IN the cloud. This by no means is intended to be a riddle. In fact, the irony is that cloud computing has solved....
Let us know what you need, and we will have an Optiv professional contact you shortly.