What is Cloud Security Posture Management (CSPM)

As the cloud grows, so too does the playing field of participants. Between infrastructure management (IaaS, PaaS, fPaaS, SaaS, Raas) security, CI/CD, and trying to navigate all of the nuances in between, it’s difficult to keep track of what each category of tooling includes. Within the cloud security space alone there are CASBs – Cloud Security Access Brokers, CWPPs – Cloud Workload Protection Platforms, and CSPM – Cloud Security Posture Management.

At the very top of the pyramid of cloud services are CMPT, or Cloud Management Platform and Tools. This is a huge umbrella of categories and as a subset is a CMP or Cloud Management Platform that includes numerous categories.

These include:

• Provisioning & Orchestration
• Cost Management & Resource Organization
• Cloud Migration, Backup, and Data Recovery
• Identity, Security, and Compliance
• Packaging and Delivery
• Monitoring & Analytics
• Inventory & Classification
• Service Requests

Gartner explores the differences between these offerings in depth, summarizing their findings as follows:

CASB, CSPM and CWPP tools offer an overlapping set of capabilities to address cloud risks, but no single group performs all the features of any one of the others….CSPM concentrates on security assessment and compliance monitoring, primarily across the IaaS cloud stack.

                                               Source: Gartner (January 2019)

In short, CSPM stands for — Cloud Security Posture Management, previously CISPA or Cloud Infrastructure Security Posture Assessment. The transition from CISPA to CSPM is a reflection of the shift in capabilities from this group of tools being primarily reporting focused to a shift that includes varying levels of automation. CSPM tools, per Gartner include use cases for compliance assessment, operational monitoring, DevOps integrations (or we’d argue in the case of DivvyCloud – DevSecOps integration), incident response, risk identification and risk visualization.

DivvyCloud, which Gartner identifies as a CSPM, touches the following CMP categories as they specifically pertain to cloud security:

• Identity, Security, and Compliance
• Monitoring and Analytics
• Inventory and Classification
• Cost Management & Resource Organization (at a peripheral level)

In the ideal implementation a CSPM should continuously manage cloud security risk. It should offer detection, logging, reports, and provide automation to address issues, ranging from cloud service configurations to security settings as they relate to governance, compliance, and security for cloud resources.

Having interoperability between monitoring and automation is a critical advantage of a CSPM. For enterprises grappling with multi-cloud and container environments, knowing that misconfiguration is the biggest threat to cloud security a CSPM tool is an excellent step towards implementing true cloud security best practices.

Gartner routinely recommends CSPM tools as elemental to cloud security by stating:

Nearly all successful attacks on cloud services are the result of customer misconfiguration, mismanagement and mistakes. Security and risk management leaders should invest in cloud security posture management processes and tools to proactively and reactively identify and remediate these risks.

A best-in-class CSPM tool, like DivvyCloud, is designed to effectively manage the perpetual shift of cloud infrastructure. By combining continuous real-time monitoring and a range of automation (including automated remediation) a CSPM, along with the right cultural approach and processes, can enable an organization to solve cloud security issues around governance of multi-cloud, compliance based on a range of standards (CIS, NIST, HIPPA, etc), and security concerns tied to common misconfigurations issues.

Interested in learning more? Speak with a DivvyCloud expert today!

Watch DivvyCloud’s 60 second video to learn how we help customers like GE, 3M, Autodesk, Discovery, and Fannie Mae stay secure and compliant.

DivvyCloud minimizes security and compliance risk by providing virtual guardrails for security, compliance, and governance to customers embracing the dynamic, self-service nature of public cloud, and container infrastructure. Customers like General Electric, Discovery Communications, and Fannie Mae run DivvyCloud’s software to achieve continuous security governance in cloud and container environments (AWS, Azure, GCP, Alibaba, and Kubernetes). First, our software performs real-time, continuous discovery of infrastructure resources allowing customers to identify risks and threats. Second, customers can implement out-of-the-box or custom cloud-native policy guardrails that identify and alert on violations. Third, we automate the enforcement and remediation of these policies.