Managing the Security Posture for Your Cloud Deployments
An enterprise’s Governance, Risk, and Compliance (GRC) policies provide guidelines on what the IT systems need to achieve to meet the security and compliance goals. Cloud Security Posture Management (CSPM) helps to proactively monitor, track, and react to security violations to meet the GRC requirements. This chapter provides patterns on how to build end-to-end visibility and integration of security processes and tooling throughout the organization to get the security posture for the cloud applications. The security and compliance posture provides a method to understand the security controls implemented and their effectiveness. This chapter discusses how to prepare the enterprise to respond to large volumes of alerts and events related to cloud security. Given the use of multiple tools and shortage of staff, enterprises need to adopt security orchestration, automation, and response to improve their effectiveness against...
