One of the biggest cloud security challenges is the overwhelming number of false positives and other alerts coming from enterprise security solutions. This wastes time and resources while obscuring potentially meaningful alerts that security teams need to see.
To share a vision for more effective cloud security posture management (CSPM), including a better way to handle alerting, Fausto Lendeborg, co-founder and Chief Customer Officer at Secberus, joined a recent episode of The Virtual CISO Podcast. The show’s host is John Verry, Pivot Point Security CISO and Managing Partner.
Solving the alert fatigue challenge
According to Fausto, enterprises are living in a “giant lake of alert fatigue.”
“We are coming from a world where there are too many alerts and engineers are just turning these tools off because who can spend so much time investigating these alerts?” asks Fausto. “The pain that we combat the most is the operational challenges that these enterprises have in trying to eliminate alert fatigue and reduce false positive rates. Because if you can do that, your mean time to remediate gets shorter.”
When you turn on an enterprise security solution and point it at 500 cloud environments, you’re going to get 50,000 alerts. How do you manage that? You can’t auto-remediate everything, you can’t fix everything, and you can’t send the data to the SOC to investigate.
Secberus helps solve the problem by routing the alerts to the right people via their preferred channels and then tracking how they’re handled. That reduces remediation times significantly, while also reducing overall cloud security risk.
“We believe that if you can solve the operational problem [of alert fatigue], you will then solve the security problem,” Fausto adds. It’s all about improving the signal-to-noise ratio for security teams.
One of the biggest cloud security challenges is understanding what the service provider is responsible for and what the user is responsible for. This blog post will give you a feel for the issues: The Cloud Security “Shared Responsibility” Model is Evolving