Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Google Cloud Platform. Show all posts
Risk Management
Cloud Cyber Security cybersecurity best practices cybersecurity posture Enterprise enterprise cybersecurity Google Cloud Platform Infrastructure Risk Management

Posture Management Emerges as Strategic Cybersecurity Priority Amid Cloud and Data Fragmentation

 

Posture management is rapidly evolving into a cornerstone of enterprise cybersecurity as organizations grapple with increasing digital complexity. With infrastructures now sprawling across cloud platforms, identity services, and data environments, the traditional model of siloed risk monitoring is no longer sustainable. As a result, cybersecurity leaders are embracing posture management not only to gauge exposure but also to orchestrate defenses in real time. 

This shift reflects a broader industry movement toward unifying visibility and control. “From a business perspective, large organizations have M&A — they have rollups; they have multiple divisions. They’re not centralized; they’re across globes,” said Erik Bradley, chief strategist and director of research at Enterprise Technology Research. “There’s no way that we’re ever going to see a consolidation on one platform.” 

Bradley shared these insights during a conversation with theCUBE’s Jon Oltsik and Dave Vellante at the RSAC 2025 Conference, hosted by SiliconANGLE Media. The discussion focused on how posture management is becoming integral to modern security operations by improving visibility, minimizing tool sprawl, and enabling strategic risk reduction across complex IT environments. Security teams are increasingly recognizing the limitations of point solutions. 

Instead, they’re exploring how posture management can serve as a foundational layer across enterprise-wide platforms. “We’re carving up terminology and confusing the market,” said Oltsik. “IT is moving so quickly and it’s so specialized that you need specialized posture management tools for cloud, identity, and data.” Leading cybersecurity vendors like CrowdStrike and Palo Alto Networks are embedding posture management into broader security suites, aligning it with automation, identity access controls, and even password management. 

These integrations aim to reduce operational overhead while enabling faster, more accurate threat detection. According to Bradley, these vendors view posture management as both a preventive control in peacetime and a readiness tool in active cyber warfare scenarios. However, challenges persist—particularly around data fragmentation. Although many vendors tout strong telemetry capabilities, few offer complete visibility across all domains. 

This leaves enterprises vulnerable to gaps in their defenses, especially as they try to consolidate vendors and reduce redundancy. “No CSO is going to go all-in with one provider,” Bradley emphasized. “They’re focused on consolidating redundant vendors and streamlining operations without sacrificing visibility or security.” 

As cybersecurity evolves, posture management is no longer a niche function—it’s becoming the backbone of a resilient, scalable defense strategy.
Read more »
multicloud environment
Aviatrix cloud service providers Cyber Security Flexera Google Cloud Platform Microsoft Azure multicloud environment

Businesses Rely on Multicloud Security to Protect Cloud Workloads


On Thursday, cloud networking company Aviatrix unveiled its new Distribution Cloud Firewall security platform, which integrates traffic inspection and policy enforcement across multicloud environment.

According to Rod Stuhlmuller, VP of solutions marketing at Aviatrix, the company utilizes native cloud platform features and its own technology to give businesses a centralized look into the security of their cloud workloads and the flexibility to send out the same guidelines to different clouds.

"The architecture is really what's new, not necessarily the capabilities of each of the features[…]It's very different than having to reroute traffic to some centralized inspection point for whatever security capabilities you're talking about — that just becomes very complex and expensive to do," he said.

According to a survey by Flexera, “Flexera 2023 State of the Cloud Report,” a vast majority of companies (87%) have switched to a multicloud architecture, with the majority (72%) adopting a hybrid strategy that integrates both private cloud infrastructure and public cloud services. According to Flexera, managing multicloud architectures and securing cloud infrastructure are among the top concerns for businesses, with 80% and 78% of them grappling, respectively.

Security may suffer if businesses distribute workloads among numerous cloud service providers (CSPs). According to Patrick Coughlin, vice president of technical go-to-market for Splunk, a data and insights cloud platform, companies may rapidly lose visibility into the security of their cloud infrastructure because CSPs handle security policies, traffic inspection, and workload deployment differently.

The Multicloud Security Mess

Initially, many providers built virtual versions of their firewall appliances and used them as entry points to cloud infrastructure, but John Grady, principal analyst for cybersecurity at Enterprise Strategy Group, says that managing those virtual firewalls has gotten harder, especially when using multiple cloud platforms.

"Virtual firewall instances have been around for a while, but there's been an acknowledgement over the last couple of years that these deployments can be complex and cumbersome and don't take advantage of the key benefits the cloud offers[…] we've seen a general shift toward more cloud-native network security solutions," says Stuhlmuller.

Finding a solution to the expanding complexity is essential as more enterprises use numerous infrastructure-as-a-service (IaaS) solutions from the leading cloud providers, Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP).

By employing their native security groups, Aviatrix, for instance, enables businesses to develop an abstracted policy that can be applied across all cloud platforms without the administrator having to visit each one. The number of containers and virtual machines that need to be upgraded for businesses with expanding workloads, driven by microservice-based software architecture, can soar, according to Stuhlmuller.

"It's not that we're putting firewalls everywhere, but we're putting the inspection and enforcement capability into the network into the natural path of traffic, with a [single management console] that allows us to do central creation of policy but push that distributed inspection enforcement out everywhere in the network," he says.

Forrester Research lists Palo Alto Networks, Trellix, Trend Micro, Rapid7, and Check Point Software Technologies as additional significant vendors that concentrate on cloud workload security, but with various approaches to the technologies.  

Read more »
Subscribe to: Posts (Atom)