/ Cloud Zone
Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

Will Your Cloud Provider Play Nice With Your Third-Party Security Vendor? [Video]

DZone's Guide to

Will Your Cloud Provider Play Nice With Your Third-Party Security Vendor? [Video]

Watch this interview, which delves into the murky area of cloud security. At the end of the day, the important question to keep in mind is, ''Who configures what?''

by
David Spark
·
Sep. 01, 16 · Cloud Zone
Free Resource

Comment (0)

Save
Tweet
{{ articles[0].views | formatCount}} Views

See how the beta release of Kubernetes on DC/OS 1.10 delivers the most robust platform for building & operating data-intensive, containerized apps. Register now for tech preview.

When a company moves to the cloud, there are many parties responsible for security. Even with contracts, it may not always be clear where the boundaries of responsibility between the companies, the users, the cloud providers, and third-party security vendors lie. Security professionals I spoke to at both the Black Hat USA 2016 conference and Security BSides Las Vegas noted they’ve had clients who were surprised to discover a certain security service was not offered by their cloud provider, even though it was written out in the contract.

“You want to be clear on who is in charge of what when it comes to delivering your security needs in the cloud infrastructure especially when they’re delivered by a third party vendor,” said Keren Elazari (@k3r3n3), an independent security consultant, researcher with Tel Aviv University, and founder of Security BSides Tel Aviv.

The confusion really comes into play when an organization hires a third party vendor to work with the cloud provider.

Ultimately, Elazari said you simply have to ask, “Who configures what?”

For example, a web application firewall is delivered on the cloud and usually by the cloud as well. “You want to be clear that you can use those web application firewall services in the cloud and that the provider that is giving you the infrastructure for the cloud is going to play nicely with your security provider,” said Elazari.

New Mesosphere DC/OS 1.10: Production-proven reliability, security & scalability for fast-data, modern apps. Register now for a live demo.

Like This Article? Read More From DZone

Why it’s Critical to Foster a Relationship With Your Cloud Provider [Video]
The Impact of the Cloud's Shared Responsibility Model on Compliance
Overcoming Cloud Migration Pain Points (Black Hat 2016) [Video]

Free DZone Refcard

Getting Started With Kubernetes
DOWNLOAD
Topics:
cloud ,security ,application ,service ,cloud infrastructure ,cloud providers ,vendors

Comment (0)

Save
Tweet
{{ articles[0].views | formatCount}} Views

Published at DZone with permission of David Spark. See the original article here.

Opinions expressed by DZone contributors are their own.

Cloud Partner Resources

Now Available: Mesosphere DC/OS 1.10 with Kubernetes in beta
Whitepaper: Site24x7: Powerful, Agile, Cost-Effective IT Management from the Cloud
[Tech Guide] OpenStack Deployment Models
Kubernetes Deployment Models: The Ultimate Guide
Making Sense of the Container Ecosystem: Kubernetes Comparison eBook
Key AWS Elastic Load Balancer metrics you need to monitor
Tech Preview: Pure Kubernetes now runs on DC/OS 1.10
Register for a live demo of the new DC/OS 1.10
Three key metrics for monitoring AWS SNS performance and usage

Cloud Partner Resources

Now Available: Mesosphere DC/OS 1.10 with Kubernetes in beta
Whitepaper: Site24x7: Powerful, Agile, Cost-Effective IT Management from the Cloud
[Tech Guide] OpenStack Deployment Models
Kubernetes Deployment Models: The Ultimate Guide

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.linkDescription }}

{{ parent.urlSource.name }}
by {{ parent.authors[0].realName || parent.author}}
· {{ parent.articleDate | date:'MMM. dd, yyyy' }} {{ parent.linkDate | date:'MMM. dd, yyyy' }}
· {{ parent.portal.name }} Zone