For Cloud Security, Detection is Not Enough

Eshel Yaron, Software engineer

Imagine receiving a bad diagnosis at the doctor’s office – but no treatment plan. The same thing happens daily with cloud security. Most large corporations have tools to detect security issues, vulnerabilities, and misconfigurations (the “diagnosis”) but offer only a “band aid” solution (regardless of the source of the wound) instead of an efficient, effective “treatment plan” for remediation. 

In the cloud today, infrastructure and development teams rapidly iterate and modify their organizations’ environments. Change is frequent. Detections of security issues are off the charts. It’s difficult for security teams to grasp and manually address every technical detail in this varying environment. To gain the upper hand in security, you have to adopt processes and paradigms to drive down risk, avoid breaches, and efficiently and effectively remediate.

EFFECTIVE REMEDIATION IS ESSENTIAL FOR RISK REDUCTION

The Dazz strategy is developer-led remediation, a security paradigm that empowers developers to fix security findings with maximum impact and minimum friction. We partner with engineering and R&D teams, giving them greater buy-in and improving efficiency as we fix security issues. 

New risks arise daily – changes in environment, best practices, or vulnerabilities. It’s a challenge for security to handle this assault alone. They may not have the required permissions to perform remediation actions. The scale may be too great. Authorization may be necessary for decisions and compromises.

When a misconfiguration exists in a cloud environment, there is an engineer who configured the environment to do something useful for the business. Dazz sees value in allowing the engineers who configured the environment, who deployed the infrastructure in the first place, to participate in making the specific remediation that changes their decisions. Sharing responsibility with the developers reduces bottlenecks in an organization’s development process and increases productivity. With developer-led remediation, there are fewer guardrails and manual steps along the way, increasing parallelism and improving efficiency.

HOW DO I IMPLEMENT DEVELOPER-LED REMEDIATION IN MY ORGANIZATION?

First, get the right processes in place between your security and development teams to facilitate developer-led remediation. Establish clear criteria to determine fixed ownership of the different security findings the detection tools reveal. For example, if there’s an alert from the CSPM, it must be crystal clear, and agreed upon among all stakeholders in development and on the R&D side, who is responsible for fixing the issue and what the appropriate timeline is. It shouldn’t be ambiguous or debatable. All must be on the same page. The specific criteria will differ from organization to organization, but establishing responsibility is key to developer-led remediation.

Once you establish responsibility, the next step is to remove friction for the fix owners. Get their buy-in. Really talk to them and understand what works best for them, what tools they’re using, what workflow best allows them to perform the remediation at scale as part of everyday work.

Next, identify the tools and data that you need for remediation. To remediate effectively, you need context and root cause analysis for each and every security finding. At scale, tens to hundreds of thousands of security findings will require fast, across-the-board analysis. Performing root cause analysis and tying security findings back to their context in development facilitates developer-led remediation.

By automating the process of determining ownership, developers assume responsibility for security findings automatically and without friction. The tools identify the owners for each finding, notify them, and provide the context they need to solve it.

The tools also eliminate duplicate and false positive findings – and the friction that can result from these findings.

DEVELOPER-LED REMEDIATION WITH DAZZ

Dazz supports developer-led remediation by integrating with the different services across your pipeline via read-only API integrations. Dazz maps your pipeline to discover and aggregate alerts from your cloud security detection tools. Security findings are reduced to their root causes. We perform this mass root cause analysis at scale for all your findings, from all your security detection tools, and all your cloud environments. This gives you the context to fix the issue at the source.

Dazz also integrates with code scanners and your ticketing systems to meet developers where they are, delivering security findings and remediation tasks via tickets or other notification mechanisms. We integrate with your code repositories, container repositories, and your CI/CD pipelines. This provides unique visibility into the development side of each and every security finding. We perform the trace-back for each security finding and give security visibility into the development and deployment workflows in your organization.

Whether in the doctor’s office or in the cloud, detection is only the beginning. Developer-led remediation is the best approach for successful cloud security and reduced risk in today’s cloud environments. Dazz provides the essential building blocks for the great remediation program your organization needs.
