Cloud Native Application Protection Platforms (#CNAPP) are only as good as their ability to be instrumented & operationalized by the #cloudsecurity teams who manage them.
In today's 🧵, we give a shout out to the key players on a ☁️ sec team & how CNAPP can help them succeed!
Cloud Security Architect - Responsible for designing & implementing the overall security strategy for the org's ☁️ environment, they have a deep understand of infra & sec best practices & design secure solutions to meet the orgs app needs!
Architects benefits from CNAPP platforms in a few ways:
a. Understanding the topology of the env they're protecting
b. Building ThreatGraphs of exploitable risk within their env to understand where controls are necessary!
c. Posture management against the environment
Cloud Security Engineer - This role is responsible for the day-to-day management & maintenance of cloud security controls; b/c of this they have experience with #cloudsec tooling & help implement appropriate technology controls in the environment for detection & protection.
Security engineers benefit from CNAPP by:
a. One system to implement security posture across multi-cloud
b. Granular control of protection based on attacker TTP & known bad threat intel
c. One system for detection & protection across Iaas, PaaS, SaaS!
Cloud SecOps Analyst - In charge of monitoring the org's ☁️ environment for security incidents & responding to them. Their experience with security incident response helps to quickly identify and contain threats!
Cloud SecOps Analyst benefits from a CNAPP b/c:
a. Reduce 97% of alerts coming from individual tooling, which saves them 20+ hours of week of manual effort.
b. Allows them to focus on the alerts that matter w/i the env in a timely way to instrument appropriate response!
Cloud Compliance Analyst - They manage & ensure the org's ☁️ env is compliant with relevant regulations & standards such as HIPAA, SOC 2, and PCI-DSS, and implement controls to meet those requirements.
Compliance professionals benefit from CNAPP b/c:
a. CNAPP provides a centralized management console for multi-cloud asset inventory
b. CNAPP provides a singular posture assessment across a multi-cloud env against important regulatory standards. Ensures continuance compliance!
Cloud Sec Manager - Tasked with identifying and assessing risks to the org's security posture, & developing/implementing strategies to mitigate those risks. They need to adopt a risk framework to prioritize spend of sec resources across the env for protection & remediation.
Managers benefit from CNAPP due to:
a. Consolidating costs across disparate security tooling
b. Increased efficiency & ROI from staff
c. Reporting that can highlight risk across business units better centering cost/profit centers w/ their risk posture!
We hope you enjoyed this 🧵. If you enjoyed it, like/RT this post & give us a follow @deepfence!
Want to learn more about how our CNAPP can help you succeed? Schedule a demo w/ @ryancsmith2222, head of product!
go.deepfence.io/15-minute-demo
Deepfence
@deepfence
Securing your apps in production across the entire cloud native continuum – clouds, Kubernetes, containers, serverless, and more