Cloud security posture management & workload protection - key differences

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hello and welcome to cloud tech talks this is pretesh i'm back with another video in this video i'm going to try and explain the difference between cloud security posture management and cloud workload protection these are both components of the overall cloud security framework and there are lots of tools which are able to achieve this for you as an organization so uh hopefully after this video you get a better understanding of what the difference between the two is and that will help you choose the right tools and platforms to be able to do so so let's get started so here i've divided the the board into two parts uh the bottom part i'm going to focus on on the security posture management and once we're done with that i'll explain the cloud workload protection part as well so um at the bottom here let's assume we have different clouds right so for the purpose of today's example let's say it's aws we have azure gcp right these are three different clouds they have servers running here so server one server two server three and uh essentially what this means is when an organization is using all of these clouds or one of those clouds they are using one servers they're using databases are also configuring their network systems on on the clouds uh and so on and so forth right so uh this is essentially the part where you configure the cloud for you you configure the infrastructure this is the infra part right and what you do in order to protect this environment or in order to protect this side of your cloud is called cloud security posture management you have to look at it from the perspective of how your cloud looks how your posture is in the cloud that's where the terminology of posture comes into play and this is why people call this cspn cloud security posture management now uh this is as far as infrastructure side is concerned now you move to the other side let's talk about workload protection so here as opposed to only utilizing the cloud let's make another layer here let's say there is a combination of public or private cloud services and this is essentially where your application environment is run right so if you talk about private clouds let's talk about openshift from red hat vmware they have something called as tamsu you have aws aks eks so this is azure and um amazon kubernetes engine and so on and so forth right so there are multiple other uh google has its own as well now if you uh and there is native kubernetes as well right so let's say kubernetes let's put it here and as part of this you have your apps running containers right so let's say it is uh doc your docker application right so this is app one app two app three f4 and five uh however these are all individual container services right so these are the these have to be classified as containers running on this docker platform running on the platform of kubernetes which is essentially leveraging one of these clouds uh as well right so the difference between this and this uh is the kind of applications and kind of workloads you run here right so let's talk about the app itself so application itself is running is running on a container which we spoke about which we spoke about here these containers right then there is the security part of the code uh the testing configuration and everything else right so um everything that you do here is very different from how you're protecting your infrastructure because in this case you are trying to protect the workload itself which could be an app which could be a micro service running on your kubernetes platform running on any of these clouds and also from the perspective of going deeper into every core that you write going deeper into every test that you run and essentially that pipeline of devops that you're managing inside this environment right that is why this is called cloud workload protection and that's why it's different right so these are two different functions there are tools and services available in the market which do a combination of both and there are tools which are only dedicated to security posture management or otherwise only dedicated to cloud workload potential protection as well and this is essentially what it what i wanted to explain to you so when i uh dig deeper into these concepts i will make individual videos about what's the importance of running security for each of these things that you see written here and what's the importance of running security for infrastructure level uh cloud as well and when a combination all of this matters and how you you know bring in a an efficient practice for security in the cloud so this was all about cspm and cwp i hope this was useful for you until next time this is prathesh signing off from cloud tech talks thank you

Info

Channel: CloudTechTalks

Views: 3,029

Rating: undefined out of 5

Keywords: cloud security, cloud security posture management, Cloud workload protection, cspm, cwp, cwpp, DevSecOps, cyber security, cybersec, cloud, monitoring, threat detection

Id: dPeyK2GAI3o

Channel Id: undefined

Length: 6min 20sec (380 seconds)

Published: Fri Apr 08 2022