We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you a podcast all about Citrix Workspace, moving to the cloud, and analytics & intelligence. Episode 2 coming soon!Listen Now

x

Cloud Network Monitoring and Related Security Services.

LateNaite
LateNaite asked
on
Medium Priority
117 Views
Last Modified: 2020-04-24
I am just curious what customers services to offer to customers who are migrated to the Cloud (AWS and Azure).  Some examples might be Cloud Alerts Monitoring, Security Controls such as Security Assessment/Hardening..etc.
Comment
Watch Question

Ugra Narayan PandeyCloud Security Expert
CERTIFIED EXPERT

Commented:
There are multiple services available for Cloud Alerts Monitoring, Security Controls like DLP, Access Control, Security Operation Centers, Third-party app installation restrictions, Web access restrictions, hardware insertion restrictions, etc.

https://www.cloudcodes.com/blog/security-monitoring-in-cloud-computing.html

https://www.cloudcodes.com/blog/topmost-cloud-security-controls.html
btanExec Consultant
CERTIFIED EXPERT
Distinguished Expert 2019

Commented:
A nice side by side list of Azure and AWS service for

DevOps and application monitoring
Management
Security, identity, and access

https://docs.microsoft.com/en-us/azure/architecture/aws-professional/services
Executive IT Director, MVE
CERTIFIED EXPERT
Most Valuable Expert 2019
Commented:
In the cloud, beware of the application program interfaces (APIs) since cloud infrastructures are unique in that they require specialized (APIs) for third parties to interface with the cloud. These APIs can cover everything from authentication to encryption, and if they aren't secure, attackers can easily take advantage of the APIs to compromise the link between the customer and provider.


Cloud APIs and web interfaces are vulnerable to attack. To avoid these defects:
• Review all cloud interfaces for security vulnerabilities.
• Implement multi-factor authentication.
• Require strong, complex passwords.
• Provide an account lockout feature after a certain number of failed access attempts.
• Ensure that all cloud interfaces use transport encryption.
• Implement tools like data leakage prevention and SIEMs to monitor and detect classified data leaked from endpoints, web portals, and cloud services.



Cloud-Monitoring-Tools [Source: https://www.heise.de/select/ix/2019/9/1908809453706059712]
Amazon CloudWatch      aws.amazon.com/de/cloudwatch/
AppDynamics APM      www.appdynamics.com/product/
Azure Monitor      azure.microsoft.com/de-de/services/Monitor/
Bitnami Stacksmith      bitnami.com/stacksmith
BMC TrueSight      www.bmcsoftware.de/it-solutions/truesight.html
CA UIM      www.ca.com/de/products/ca-unified-infrastructure-management.html
CloudEye (CES)      open-telekom-cloud.com/de/produkte-services/cloud-eye
CloudMonix      cloudmonix.com
Datadog      www.datadoghq.com/pricing/
Dynatrace      www.dynatrace.com/platform/cloud-infrastructure-monitoring/
LogicMonitor      www.logicmonitor.com
Monitis      www.monitis.com/de
Microsoft OMS      azure.microsoft.com/de-de/resources/videos/operations-management-suite-oms-overview/
New Relic (APM)      newrelic.com
Stackify Retrace      stackify.com/retrace/
VMware vRealize Hyperic      www.vmware.com/de/products/vrealize-hyperic.html


Others:
Read OWASP Top 10 Attacks
Read ENISA documents
Read  CSA Guide V4
The Notorious Nine: Cloud Computing Top Threats
https://cloudsecurityalliance.org/star/#_registry
https://resilience.enisa.europa.eu/cloud-security-and-resilience/publications/cloud-computing-benefits-risks-and-recommendations-for-information-security
https://www.enisa.europa.eu/publications/cloud-computing-risk-assessment
https://www.enisa.europa.eu/publications/exploring-cloud-incidents
https://www.enisa.europa.eu/publications/cloud-security-guide-for-smes
https://downloads.cloudsecurityalliance.org/assets/research/top-threats/Treacherous-12_Cloud-Computing_Top-Threats.pdf
https://ws680.nist.gov/publication/get_pdf.cfm?pub_id=909505
https://www.qualys.com/research/security-alerts/
CSA  https://cloudsecurityalliance.org/star/levels/
https://www.experts-exchange.com/articles/31744/Cloud-Security-Threats-Risks-and-Concerns.html
https://www.experts-exchange.com/articles/32132/Better-Security-in-the-Cloud.html

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
btanExec Consultant
CERTIFIED EXPERT
Distinguished Expert 2019

Commented:
Related for cloud security include the CASB, CSPM and CWPP Capabilities

Cloud Access Security Broker
Cloud Security Posture Management
Cloud Workload Protection Platform

These are important platform or services for prevention, detection and response purpose in event of breaches happening and anomalous activities taking place.

https://outpost24.com/blog/find-the-differences-between-CASB-CSPM-and-CWPP
LateNaiteCEO and Founder

Author

Commented:
Thanks everyone for your suggestion.  I will go through all of these suggestions.
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.