You Can Not Secure What You Can Not See


"The future of application development and infrastructure is in public clouds — and for many organizations, it's not just the future; it's today. Securing data, apps, and services in this new environment is critical for enterprises to defend against breaches, data exfiltration, and the resulting economic losses." -- Praveen Patnala, The Role of Visibility in Securing Cloud Application

Praveen Patnala, from Valtix, says out loud what many operations and engineering teams are concerned about: the security game has changed as companies move to the cloud. The main focus of Praveen's article is to highlight that old ways of doing business are no longer viable when it comes to securing the new model of  cloud native infrastructure. 

Keeping track of cyber assets has become an impossible task unless you utilize an automated solution for constant discovery and monitoring of those assets. As Praveen says, "Public clouds don't have a defined perimeter. Every single resource can be exposed to the Internet with a single click - an open security group rule or an ACL, an open route table entry, a public IP address attached to an interface, or some combination of these." All of your cyber assets are at risk without constant visibility and monitoring.

We fully support initiatives that work towards securing a cloud native future. We couldn't agree more with the premise of creating more visibility of all of you cyber assets within cloud native applications, including discover of endpoints, remote or external APIs, vulnerable components, compliance controls, etc. Thanks, Praveen, for the thoughtful article.

You can read The Role of Visibility in Securing Cloud Application on the Dark Reading site.

Additional Resources



Posted By Mark Miller

Mark Miller speaks and writes extensively on DevOps and Security, hosting panel discussions on tools and processes within the DevOps Software Supply Chain.

Mark actively participates in the DevOps/DevSecOps community by building DevSecOps tracks at security conferences such as RSA Conference, InfoSec Europe, CD Summit, AppSec USA and AppSec EU. He is the Senior Storyteller and Senior Director of Community and Content at JupiterOne.

As well, Mark is Executive Producer of the DevSecOps Podcast Series (300K+ listens), and the Executive Editor of the LinkedIn DevOps Group (124K+ members).

To hear more from Mark, get our newsletter. No spam, just the good stuff once or twice a month. Sign up below.


cyber-security 1

Ad Title Placeholder

Lorem ipsum dolor sit amet, consectetur adipiscing elit.