Research | Our Q3 report details what's new in the world of ransomware.
Reduce Alert Noise and False Positives
Boost your team's productivity by cutting down alert noise and false positives.
Automate Security Operations
Boost efficiency, reduce burnout, and better manage risk through automation.
Dark Web Monitoring
Online protection tuned to the need of your business.
Maximize Existing Security Investments
Improve efficiencies from existing investments in security tools.
Beyond MDR
Move your security operations beyond the limitations of MDR.
Secure with Microsoft 365 E5
Boost the power of Microsoft 365 E5 security.
Secure Multi-Cloud Environments
Improve cloud security and overcome complexity across multi-cloud environments.
Secure Mergers and Acquisitions
Control cyber risk for business acquisitions and dispersed business units.
Operational Technology
Solve security operations challenges affecting critical operational technology (OT) infrastructure.
Force-Multiply Your Security Operations
Whether you’re just starting your security journey, need to up your game, or you’re not happy with an existing service, we can help you to achieve your security goals.
Detection Investigation Response
Modernize Detection, Investigation, Response with a Security Operations Platform.
Threat Hunting
Locate and eliminate lurking threats with ReliaQuest GreyMatter
Threat Intelligence
Find cyber threats that have evaded your defenses.
Model Index
Security metrics to manage and improve security operations.
Breach and Attack Simulation
GreyMatter Verify is ReliaQuest’s automated breach and attack simulation capability.
Digital Risk Protection
Continuous monitoring of open, deep, and dark web sources to identify threats.
Phishing Analyzer
GreyMatter Phishing Analyzer removes the abuse mailbox management by automating the DIR process for you.
Integration Partners
The GreyMatter cloud-native Open XDR platform integrates with a fast-growing number of market-leading technologies.
Unify and Optimize Your Security Operations
ReliaQuest GreyMatter is a security operations platform built on an open XDR architecture and designed to help security teams increase visibility, reduce complexity, and manage risk across their security tools, including on-premises, clouds, networks, and endpoints.
Blog
Company Blog
Case Studies
Brands of the world trust ReliaQuest to achieve their security goals.
Data Sheets
Learn how to achieve your security outcomes faster with ReliaQuest GreyMatter.
eBooks
The latest security trends and perspectives to help inform your security operations.
Industry Guides and Reports
The latest security research and industry reports.
Podcasts
Catch up on the latest cybersecurity podcasts, and mindset moments from our very own mental performance coaches.
Solution Briefs
A deep dive on how ReliaQuest GreyMatter addresses security challenges.
Threat Advisories
The latest threat research report from ReliaQuest Threat Research research team.
White Papers
The latest white papers focused on security operations strategy, technology & insight.
Videos
Current and future SOC trends presented by our security experts.
Events & Webinars
Explore all upcoming company events, in-person and on-demand webinars
ReliaQuest ResourceCenter
From prevention techniques to emerging security trends, our comprehensive library can arm you with the tools you need to improve your security posture.
Threat Research
Get the latest threat analysis from the ReliaQuest Threat Research Team. ReliaQuest ShadowTalk Weekly podcast featuring discussions on the latest cybersecurity news and threat research.
Shadow Talk
ReliaQuest's ShadowTalk is a weekly podcast featuring discussions on the latest cybersecurity news and threat research. ShadowTalk's hosts come from threat intelligence, threat hunting, security research, and leadership backgrounds providing practical perspectives on the week's top cybersecurity stories.
November 30, 2023
About ReliaQuest
We bring our best attitude, energy and effort to everything we do, every day, to make security possible.
Leadership
Security is a team sport.
No Show Dogs Podcast
Mental Performance Coaches Derin McMains and Dr. Nicole Detling interview world-class performers across multiple industries.
Make It Possible
Make It Possible reflects our focus on bringing cybersecurity awareness to our communities and enabling the next generation of cybersecurity professionals.
Careers
Join our world-class team.
Press and Media Coverage
ReliaQuest newsroom covering the latest press release and media coverage.
Become a Channel Partner
When you partner with ReliaQuest, you help deliver world-class cybersecurity solutions.
Contact Us
How can we help you?
A Mindset Like No Other in the Industry
Many companies tout their cultures; at ReliaQuest, we share a mindset. We focus on four values every day to make security possible: being accountable, helpful, adaptable, and focused. These values drive development of our platform, relationships with our customers and partners, and further the ReliaQuest promise of security confidence across our customers and our own teams.
More results...
Spending on the public cloud isn’t slowing down anytime soon. Gartner predicted that it will reach $482 billion in 2022. That’s up 21.7% from the total of $396 billion a year earlier. Cloud management and security services will grow from $25,987 million in 2021 to $29,736 million the following year.
These budgets show that all organizations are struggling to ensure cloud security. A 2021 study revealed that organizations had suffered at least one security incident in their public cloud environment over the preceding 12 months. When asked about their security efforts, three in 10 teams said they had no formal sign-off for pushing to production. Four in 10 admitted that they didn’t have a DevSecOps workflow. Just over 70% noted that more than 10 individuals could make changes to the infrastructure in their AWS environments.
In this blog, we’ll do a cloud provider security comparison.
Learn how ReliaQuest can keep you secure in the cloud >
Taking into account the findings above, organizations should get familiar with the security policies of their public cloud provider, whether that’s Microsoft Azure, Amazon Web Services (AWS), or Google Cloud Platform (GCP). There are three elements they should research in particular: the shared responsibility model, compliance, and networking/infrastructure.
The shared responsibility model divvies up security obligations between public cloud service providers (CSPs) and customers. The former is responsible for ensuring security of the cloud, while providing security in the cloud falls on the latter.
AWS is always responsible for protecting the hardware, software, networking, facilities, and other physical infrastructure for running cloud services. By contrast, the customer’s obligations vary depending on the type of cloud service they’ve selected (Infrastructure-, Platform-, or Software-as-a-service—IaaS, PaaS, Saas, respectively). There are also different levels of configuration the customer is responsible for.
There are three categories of controls AWS customers need to be aware of.
Read how to monitor and investigate AWS events >
In its documentation, Microsoft is clear that Azure customers own their data and identities regardless of cloud deployment type. Customers are therefore responsible for protecting their data, endpoints, account, and access management. And, of course, responsibility for protecting on-premises resources remains with the customer.
Like with AWS, physical security falls to Microsoft as the cloud service provider. The remaining obligations are typically shared between customers and Microsoft. Those controls include implementing multi-factor authentication (MFA) for identity and access management (IAM). Azure is responsible the effective functioning of MFA, but the customer is ultimately responsible for configuring it.
Let’s use Google Kubernetes Engine (GKE), which is powered by GCP, to describe how the platform approaches the shared responsibility model. Like the other cloud service platforms above, Google protects the underlying infrastructure. It encrypts data at rest, uses custom-designed hardware, protects data centers from physical access, and follows secure software development practices.
Meanwhile, the customer is responsible for maintaining their workloads including their application code, container images, and IAM policy. It’s also on them to enroll clusters in auto-upgrade or upgrade clusters to supported versions, monitor the cluster and applications so that they can respond to potential issues, and provide Google with details for troubleshooting.
In its documentation, AWS outlined the requirements for strong customer compliance. First, customers need to review the AWS shared responsibility model, security documentation, compliance reports, and other information so that they can document all their compliance requirements into a comprehensive security approach. Per those requirements, customers must then design and implement control objectives, identify and document controls owned by third parties, and verify that they’re meeting all their control objectives with effective security measures.
Microsoft said that customers must securely identify, label, and classify their data to be compliant. This holds true for wherever the data resides, whether in the cloud or on-premises.
Organizations can still use Microsoft products to meet their compliance obligations, though. For instance, customers can use Office Lockbox and Data Loss Prevention, capabilities that come with SaaS solutions such as Office 365 and Dynamics 365, to manage, classify, and configure their solutions to align with their compliance obligations. For PaaS, customers can leverage Azure Rights Management for data protection. Finally, IaaS customers need to consider data classification across all layers of the solution and audit deployed virtual machines within the solution itself.
For this one, let’s take Health Insurance Portability and Accountability Act (HIPAA) compliance as an example. First, customers need to determine whether they are a Covered Entity. If they are, they’ll need to enter into a Business Associate Agreement (BAA) with Google. Part of this process might involve confirming that they’re not intending to use or that they are not already using any GCP products that are not explicitly covered by a BAA.
With that agreement in place, Google is responsible for providing secure and compliant infrastructure. But as with the shared responsibility model, the customer needs to make sure that they’ve properly configured and secured the applications that they’ve built on top of GCP. To do this, customers can tightly control access to service accounts and their corresponding keys, account for any encryption requirements that might extend beyond what’s required by HIPAA, enable Object Versioning, and configure audit log export destinations.
In a whitepaper, Amazon noted that customers can choose a level of network security and resiliency that best fits their needs. It went on to explain that it’s implemented a firewall and other boundary devices along with secure access points to enable customers to build dispersed, fault-tolerant web architectures using its cloud services.
Microsoft noted that network controls include virtual networking, load balancing, and gateways. In its SaaS solutions, Microsoft manages and secures those controls for its customers. Most of the controls follow this same model in a PaaS solution, though customers have more ability to configure network-level service. In an IaaS solution, meanwhile, customers share responsibility with Microsoft for managing, securing, and configuring network solutions.
Google specified that GCP offers network security tools that customers can use to build a defense-in-depth security strategy. It went on to recommend that customers follow best practices when it comes to securing the network. Those actions include securing web-facing servers as well as micro-segmenting access to apps and services.
Maintaining security and compliance in the public cloud takes two: the provider and the customer. By familiarizing themselves with the policies of their cloud providers, customers can be sure they’re compliant and secure. In addition, some organizations turn to third parties like ReliaQuest to help manage their cloud security. With ReliaQuest Open XDR-as-a-Service, you can integrate disparate tools across the security stack—including the cloud—to build a single, complete view of threats. This contextual visibility enables organizations to visualize and respond to attacks.
Looking for tips on securing the cloud? Download our free white paper >
For more information, visit: Cloud Security Best Practices.