With Great Power Comes Great Responsibility

Moving applications and infrastructure to the cloud offers a degree of flexibility and scalability that can be a boon to almost any organization. Having continuous software and asset availability in cloud environments with elastic, as-needed infrastructure is extremely valuable. Sharing security responsibilities with a cloud service provider can even unburden security and IT teams to a degree.

However, that same powerful elasticity of cloud environments and the ephemeral nature of the assets that can spin up and down present new challenges for organizations trying to ensure the secure configuration and integrity of those assets. Security teams still need to fortify ephemeral cloud infrastructures for effective security, continuous compliance, and reliable IT operations.

So, what are some of the new problems they face, and how can Tripwire Enterprise (TE) help?

Onboarding Assets

As a cloud environment responds to resource demand, there can be large spikes of new assets to monitor. This occurs when updated systems are deployed to take the place of existing infrastructure or when a failure states trigger new builds. In the case of an elastic asset, which only exists to handle a temporarily increased burden, the total lifecycle can be very short.

If you’re reliant on scheduled tasks to scan critical files or validate secure configuration, you might have trouble catching these short-lived assets before they spin down. Rolling updates are a great way to maintain a consistent, immutable infrastructure while staying on top of new patches and installed package updates.

As large numbers of new assets come online to take over for the systems that are being decommissioned, it’s important to know that everything is rolling out with a secure configuration and your baseline for critical files is captured. If automation in your environment responds to an unwanted change or (Read more...)