As the cloud grows, so too does the playing field of participants. Between infrastructure management (IaaS, PaaS, fPaaS, SaaS, RaaS), security, CI/CD, and trying to navigate all of the nuances in between, it’s difficult to keep track of what each category of tooling includes. Within the cloud security space alone there are CASBs (cloud access security brokers), CWPPs (cloud workload protection platforms), and CSPMs (cloud security posture management).
At the very top of the pyramid of cloud services are CMPT, or cloud management platform and tools. This is a huge umbrella of categories, even if we leave off the tools and simply focus on cloud management platforms (CMP).
Here are some of the categories that fall under CMP:
Gartner explores the differences between these offerings in depth, summarizing their findings as follows:
CASB, CSPM and CWPP tools offer an overlapping set of capabilities to address cloud risks, but no single group performs all the features of any one of the others… CSPM concentrates on security assessment and compliance monitoring, primarily across the IaaS cloud stack.
In short, CSPM stands for cloud security posture management, previously known as CISPA, or cloud infrastructure security posture assessment. The move from CISPA to CSPM reflects a shift in capabilities: this group of tools was primarily focused on reporting and now includes varying levels of automation. CSPM tools, per Gartner, include use cases for compliance assessment, operational monitoring, DevOps integrations (or in the case of DivvyCloud, DevSecOps integration), incident response, risk identification, and risk visualization.
DivvyCloud, which Gartner identifies as a CSPM, touches the following CMP categories as they specifically pertain to cloud security:
In the ideal implementation, a CSPM should continuously manage cloud security risk. It should offer detection, logging, reports, and automation to address issues ranging from cloud service configurations to security settings, as they relate to governance, compliance, and security for cloud resources.
Having interoperability between monitoring and automation is a critical advantage of a CSPM. For enterprises grappling with multi-cloud and container environments, misconfiguration is the biggest threat to cloud security. So a CSPM tool is an excellent step towards implementing true cloud security best practices.
Gartner routinely recommends CSPM tools as elemental to cloud security, stating:
Nearly all successful attacks on cloud services are the result of customer misconfiguration, mismanagement and mistakes. Security and risk management leaders should invest in cloud security posture management processes and tools to proactively and reactively identify and remediate these risks.
A best-in-class CSPM tool, like DivvyCloud, is designed to effectively manage the perpetual shift of cloud infrastructure. By combining continuous real-time monitoring and a range of automation (including automated remediation), a CSPM, along with the right cultural approach and processes, can enable an organization to solve cloud security issues around governance of multi-cloud, compliance based on a range of standards (CIS, NIST, HIPAA, etc.), and security concerns tied to common misconfiguration issues.