Michael Pitcher, vice president of technical cyber services at Coalfire’s federal business, has said government agencies should perform continuous monitoring operations in the cloud to protect cloud-based assets from cyber vulnerabilities.
Pitcher wrote in a blog post published Friday that agencies should understand their continuous monitoring approach as the cloud becomes a part of the next phase of the Department of Homeland Security’s Continuous Diagnostics and Mitigation program.
He noted that there are potential measures that agencies can implement to facilitate continuous monitoring in the cloud and those include the deployment of agents; adoption of built-in services and third-party applications; Infrastructure as Code review; custom approach development; and use of sampling for validation.
He discussed how agents work to facilitate continuous monitoring operations.
“Agents can check in with a master to maintain the inventory and also perform security checks once the resource is spun up, instead of having to wait for a sweeping scan,” Pitcher wrote.
“Interfacing with the master node that controls the agents and comparing that to the inventory is a great way to perform cloud-based ‘rogue’ asset detection, a requirement under CDM.”