Preventing Misconfigurations

Preventing Misconfigurations

Misconfiguration of cloud services is the number one reason for security and compliance risk. When using cloud services (IaaS, PaaS, Serverless, FaaS, and CaaS), security is a shared responsibility between you and the cloud service provider (CSP).   

You, as the customer of the CSP, are responsible for securing how you use cloud services, including properly configuring identity and access management (IAM), storage and compute settings, threat analysis and defense, and the security of the application and data processed and stored in the cloud.

Therefore, secure cloud configuration must be a dynamic and continuous process. At a base level, there is the configuration of the cloud infrastructure (e.g., blocking SSH ports, and IAM). Next, there is the configuration of the CSP security controls (e.g., enabling log monitoring and encryption). And, finally, SecOps teams must address changes to settings (e.g., detecting and acting on a threat actor turning off logging to cover their tracks).

With DivvyCloud by Rapid7, all changes — no matter how they are implemented (via console, provisioning tools, or programmatically) — are detected through a two-tiered monitoring approach that includes API polling and event-driven harvesting for faster detection of changes and automation in real-time. This allows you to identify misconfigurations and resolve them with automated, real-time remediation.

With DivvyCloud by Rapid7, you can accelerate innovation through the use of cloud and container services while minimizing the risk of misconfigurations.