<aside> 📘 relates:

TL;DR;

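The main topics are CSPM and DSPM. The key points are:

  1. Vendor independent: not tied to any single cloud; the focus is on cross-cloud management.
  2. DSPM is data-centric: it focuses on sensitive-data discovery, in particular where the data is, who is accessing it, and how it is accessed.
  3. CSPM is configuration-centric: it holds that the biggest security risk of the cloud era is misconfiguration.

Beyond these, there are some other concepts:

  1. CWPP: the more traditional cloud host protection agent.
  2. CASB: a jump host for cross-cloud APIs.
  3. CIEM: cross-cloud permission management (IAM).
  4. NSPM: cross-cloud network policy management.
  5. ASPM: shift-left security, more focused on security findings on the dev side.

Overall, a major trend is going cross-cloud and moving off the cloud, letting users break free of the cloud's control. The deployment model has also evolved from agent-based to agentless: vendors provide a security SaaS cloud that remotely scans multiple clouds through their APIs.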

</aside>

How Can DSPM Help You?

The most important benefit of DSPM is accelerating your organization’s ability to continuously keep its cloud data safe and secure. Assessing and acting on data security posture is different from other types of security posture, such as issues affecting the general cloud, applications, network, devices, identity, and so forth. Unlike these, DSPM focuses like a laser beam on your data.

<aside> 📘 6 Categories of Cybersecurity Posture | LinkedIn

</aside>

Specific benefits of DSPM

As part of keeping your cloud data safe and secure, DSPM specifically will help your security, IT operations, and DevOps teams to:

A modern DSPM platform automates the process

Frankly, the challenge of securing multi-cloud data exceeds what purely manual efforts to implement and maintain DSPM processes can achieve for the various teams of enterprise stakeholders. If your organization desires the benefits of DSPM (and it should!), automated systems are mandatory to ensure DSPM processes are systematic, comprehensive, and effective.

Automating DSPM entails the use of a DSPM platform. A modern DSPM platform has one major focus: to quickly and accurately assess the security posture of your organization’s cloud data and ensure rapid remediation of vulnerabilities – both for security of the data and for compliance mandates covering various types of sensitive data.

The DSPM platform will not replace existing security tools used for posture management of the network, applications, clouds, and so forth. Indeed, the DSPM platform should and must ingest contextual data, alerts, and other metrics from your existing infrastructure of tools for security, IT operations, and DevOps. These data are crucial for informing the DSPM platform of your entire data infrastructure as it relates to security and compliance. The data fuel algorithmic analysis and processes using artificial intelligence and machine learning (AI/ML) to automatically accomplish what subject matter experts are unable to achieve with manual efforts alone.

The DSPM platform also must seamlessly integrate with security and operational services from all your organization’s cloud service providers. These shall include major providers such as Amazon Web Services (AWS), Microsoft Azure (Azure), and Google Cloud Platform (GCP). In general, whilst security and operational tools provided by a cloud service provider may be effective within the provider’s cloud, interoperability with data security-focused systems in other clouds is poor to non-existent. For this reason, a DSPM platform is mandatory for systematic, comprehensive, and effective cloud data security posture management integrated across the extended cloud environment.

How Does DSPM Work?

One of the biggest questions for cybersecurity is, “Where is our data?” You can’t begin to secure data until you know where it is – especially critical business, customer, or regulated data. As we’ve learned in this new era of agile, your data can be almost anywhere in the cloud. Getting better visibility is the first step to a process of securing cloud data called Data Security Posture Management.