In the recent Cloud Security 2017 Spotlight Report, 28% of respondents cited a lack of staff resources and expertise as a barrier to moving to the cloud.
We hear this concern all the time — it’s hard enough to keep up with all of the security tasks at hand, let alone add on the additional need to train employees on new technology. Given the huge cybersecurity skills gap in the market today, trying to hire people who know everything already is nearly impossible.
That’s why the Evident Security Platform (ESP) was designed to be useful for both Cloud newbies and Cloud experts, and everyone in between, too. The uptick in DevOps adoption means that more and more people are pushing code and setting up Cloud services. The experts you have on staff can’t manage all of the security risks alone — so the ESP platform is designed to guide everyone through the process of remediating risks.
Did you know that ESP provides recommended steps for remediation?
It’s true, when you look at the Alert Details screen, you will find a Description of the Alert, the Remediation Steps, and if you have enabled our User Attribution feature you will see who, when, how and where the risk was introduced into the system. The description and remediation steps will explain not only why you should be concerned about the Alert, but how you can resolve the problem.
I wish that I had Remediation Steps when putting things together from Ikea! My wife is the builder in our family. We have a saying “Her Tools, His Tech” because she is excellent at putting things together and building things. Even with simple things I screw them up.
That’s what is great about Evident though, we give you guided remediation to fix the problems fast and get your cloud infrastructure looking a little less attractive to the hackers that are lurking out there.
Here’s a sample of the Remediation Steps for an alert that flags when Multi-factor Authentication is not set-up properly. (Do us all a favor…please set up MFA on all your accounts!)
If you can follow instructions (unlike me most times) you can make your boss happy and secure your infrastructure by remediating the risks. And, you get hands-on, on-the-job cloud security training while you’re burning down the alerts!
I would HIGHLY recommend that enable our User Attribution feature if you haven’t already. It’s going to give you the who, when, and where of your alerts by correlating directly with your AWS CloudTrail events. For more information on this, check out docs page here.