As the cloud grows, so too does the playing field of participants. Between infrastructure management (IaaS, PaaS, fPaaS, SaaS, Raas) security, CI/CD, and trying to navigate all of the nuances in between, it’s difficult to keep track of what each category of tooling includes. Within the cloud security space alone there are Cloud Access Security Brokers (CASBs), Cloud Workload Protection Platforms (CWPPs), and Cloud Security Posture Management (CSPM).

At the very top of the pyramid of cloud services are Cloud Management Platform and Tools (CMPT). This is a huge umbrella of categories; one subset of it is the Cloud Management Platform (CMP), which itself spans numerous categories, including:

  • Provisioning and orchestration
  • Cost management and resource organization
  • Cloud migration, backup, and data recovery
  • Identity, security, and compliance
  • Packaging and delivery
  • Monitoring and analytics
  • Inventory and classification
  • Service requests

Gartner explores the differences between these offerings in depth, summarizing its findings as follows: “CASB, CSPM and CWPP tools offer an overlapping set of capabilities to address cloud risks, but no single group performs all the features of any one of the others. … CSPM concentrates on security assessment and compliance monitoring, primarily across the IaaS cloud stack.”

Cloud Security Posture Management (CSPM) was previously known as Cloud Infrastructure Security Posture Assessment (CISPA). The renaming from CISPA to CSPM reflects a shift in capabilities: this group of tools was primarily reporting-focused, and now includes varying levels of automation. According to Gartner, CSPM tools include use cases for compliance assessment, operational monitoring, DevSecOps integration, incident response, risk identification, and risk visualization.

DivvyCloud by Rapid7, which Gartner identifies as a CSPM, touches the following CMP categories, as they specifically pertain to cloud security:

  • Identity, security, and compliance
  • Monitoring and analytics
  • Inventory and classification
  • Cost management and resource organization (at a peripheral level)


In the ideal implementation, a CSPM should continuously manage cloud security risk. It should offer detection, logging, and reports, and provide automation to address issues, ranging from cloud service configurations to security settings as they relate to governance, compliance, and security for cloud resources.

Having interoperability between monitoring and automation is a critical advantage of a CSPM. Misconfiguration is the biggest threat to cloud security, and enterprises grappling with multi-cloud and container environments can leverage a CSPM tool to make progress toward implementing true cloud security best practices.

Gartner routinely recommends CSPM tools as elemental to cloud security by stating, “Nearly all successful attacks on cloud services are the result of customer misconfiguration, mismanagement, and mistakes. Security and risk management leaders should invest in cloud security posture management processes and tools to proactively and reactively identify and remediate these risks.”

A best-in-class CSPM tool like DivvyCloud by Rapid7 is designed to effectively manage the perpetual shift of cloud infrastructure. By combining continuous real-time monitoring and a range of automation (including automated remediation), a CSPM (along with the right cultural approach and processes) can enable an organization to solve cloud security issues around governance of multi-cloud, compliance based on a range of standards (CIS, NIST, HIPAA, etc.), and security concerns tied to common misconfiguration issues.
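To make the detect-then-remediate loop described above concrete, here is a small added example of a CSPM-style posture engine (illustrative code, not DivvyCloud's or any vendor's implementation). It runs provider-neutral policies over a constructed resource inventory, auto-fixes only the policies an operator has opted in to, and reports the rest for manual review; the resource attributes, policy names and inventory are all assumptions made for the example.

```python
import copy
from dataclasses import dataclass
from typing import Callable

# Constructed sample inventory (not real account data): provider-neutral
# configuration attributes of the kind a CSPM collects via cloud APIs.
INVENTORY = [
    {"id": "bucket-logs", "type": "storage", "public_read": True, "encrypted": False},
    {"id": "bucket-data", "type": "storage", "public_read": False, "encrypted": True},
    {"id": "sg-web", "type": "security_group",
     "ingress": [{"port": 443, "cidr": "0.0.0.0/0"}, {"port": 22, "cidr": "0.0.0.0/0"}]},
]


@dataclass
class Policy:
    name: str                          # hypothetical policy identifier
    resource_type: str
    violates: Callable[[dict], bool]   # detection predicate
    remediate: Callable[[dict], None]  # corrective action, mutates config in place


def _open_ssh(rule: dict) -> bool:
    return rule["port"] == 22 and rule["cidr"] == "0.0.0.0/0"


def _close_ssh(r: dict) -> None:
    r["ingress"] = [i for i in r["ingress"] if not _open_ssh(i)]


POLICIES = [
    Policy("storage-no-public-read", "storage", lambda r: r["public_read"], lambda r: r.update(public_read=False)),
    Policy("storage-encrypted-at-rest", "storage", lambda r: not r["encrypted"], lambda r: r.update(encrypted=True)),
    Policy("sg-no-ssh-from-internet", "security_group", lambda r: any(_open_ssh(i) for i in r["ingress"]), _close_ssh),
]


def assess(inventory: list, policies: list) -> list:
    """Detection pass: (policy_name, resource_id) for every current violation."""
    return [(p.name, r["id"]) for p in policies for r in inventory
            if r["type"] == p.resource_type and p.violates(r)]


def run_cycle(inventory: list, policies: list, auto_fix: set) -> tuple:
    """One monitoring cycle: detect, auto-remediate opted-in policies, re-assess.
    Works on a copy so the caller's inventory is untouched; returns (before, log, after)."""
    inv = copy.deepcopy(inventory)
    before, log = assess(inv, policies), []
    for name, rid in before:
        policy = next(p for p in policies if p.name == name)
        resource = next(r for r in inv if r["id"] == rid)
        if name in auto_fix:
            policy.remediate(resource)
            log.append(f"REMEDIATED {name} on {rid}")
        else:
            log.append(f"ALERT {name} on {rid} (manual review)")
    return before, log, assess(inv, policies)
```

Policies left out of `auto_fix` (here, enabling encryption, which may need a data migration) surface as alerts only, which is the monitoring/automation split the text describes.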

