FireMon Acquires DisruptOps to Extend Cloud Security Reach
FireMon, a provider of a platform for managing network security policies, today revealed that it has acquired DisruptOps, a provider of a platform for automating the management of cloud security.
Along with that move, Jody Brazil, currently the CEO of DisruptOps, will become CEO of FireMon, a company he helped found before launching DisruptOps in 2017.
Brazil said the combined entity provides IT organizations with the security tools required to secure both their on-premises and cloud computing platform supported by a single vendor.
DisruptOps created a platform that monitors cloud platforms in real-time to detect, for example, a misconfiguration that creates a security risk. It currently supports Amazon Web Services (AWS) and Microsoft Azure, with support for Google Cloud Platform (GCP) planned.
Most cloud resources are configured by developers, so there are plenty of opportunities for security mistakes. Unfortunately, Brazil noted, given the complexity of the tools employed to secure on-premises IT environments the situation is not much better. Nearly 100% of all security tools are misconfigured in some way, said Brazil. That issue creates a pressing need for tools that generate alerts whenever security policies are being violated, he added.
The overall security posture of organizations will only become more challenging to maintain as edge computing platforms start to expand the overall size of the attack surface that needs to be defended, noted Brazil.
Of course, many organizations are hoping that shifting responsibility for security further left toward developers—otherwise known as DevSecOps—will improve their overall security posture. The challenge is most developers lack the security expertise required to properly provision platforms using infrastructure-as-code (IaC) tools. While there are some instances of DevSecOps best practices being applied in the cloud, DevSecOps as a concept in on-premises environments is practically nonexistent. Those platforms are managed directly by security and IT operations staff using tools based on graphical interfaces.
Ultimately, those security and IT teams will require tools that allow them to manage security-as-code without requiring them to have programming skills, said Brazil. Right now, it simply takes too long for most security teams to implement a simple change request, he added.
In the longer term, Brazil noted artificial intelligence (AI) will start to play a larger role in security. The challenge is making sure those AI tools don’t wind up allowing a mistake to be propagated at scale, he added. Few security professionals are fired because of a security breach, but there are plenty of examples of security professionals being terminated because they accidentally took down the entire enterprise network, noted Brazil.
As a wave of consolidation continues to roll across the IT security landscape, it’s become increasingly apparent that the number of security vendors any organization needs to manage and secure the extended enterprise is declining. IT organizations will need to decide, however, what best-of-breed tools to employ alongside integrated platforms that provide a broad range of capabilities as the total cost of implementing IT security on an end-to-end basis declines.
