Blog | Jul 02, 2020

Why a Cloud-Native Platform is a Requirement for Modern Cybersecurity

If you ask anyone who works in cybersecurity what they like about their job, odds are pretty high that somewhere near the top of the list is “things are always changing.”

It’s almost a cliché that cyberthreats are always evolving, but of course, it remains true. Threat actors are nothing if not inventive and many have the skills and motivation to continually refine their strategies and tactics. Accordingly, cybersecurity must always change proactively to anticipate and stay one step ahead of attackers’ moves and reactively in response to new threats.

The Evolution of Cybersecurity

But change applies to more than just tactics, techniques and procedures. Over the longer term, cyberdefense has trended away from a collection of distinct tools and technologies—each of which aims to provide protection against a particular type of attack—and has morphed into a broader data problem.

Delivering effective cybersecurity today requires being able to consume a vast stream of telemetry and events from a wide range of signal sources. It requires being able to process that data to identify attacks while avoiding false positives and false negatives. It requires equipping a team of expert analysts and threat hunters with the tools they need to investigate incidents and research advanced, evasive attacks. And it requires having the ability to continuously upgrade detection and defenses because, as we know, things are always changing.

These requirements demand changing the very technology foundations upon which cybersecurity solutions are built—moving from traditional security products and legacy MSSP services to modern cloud-native platforms.

Cloud-Native is a Platform Imperative

While “cloud ready” means a solution can be deployed in the cloud, “cloud native” goes much farther: cloud native means a platform was architected, was designed and was built specially for the cloud. This new report from 451 Research weighs in on what a best-in-breed, cloud-native cybersecurity platform should deliver in order to effectively stop cyberthreats in the digital age.

Cloud native is about how a platform is developed, not about where it’s deployed. A cloud-native approach employs a service-based architecture in which processes and activities are self-contained and optimized to leverage the agility and flexibility afforded by the cloud itself.

A cloud-native platform offers important advantages over legacy approaches—advantages that provide real, important benefits for cybersecurity providers and the clients who depend on them. For example:

  • A cloud-native architecture is more easily extensible, which means more features, sooner, to enable analysts and protect clients
  • A cloud-native platform offers higher performance because the microservices inside it can maximally utilize the cloud’s vast compute, storage and network resources; this performance is necessary to ingest and process the vast streams of data which need to be processed to keep up with real-time threats
  • A cloud-native platform can effortlessly scale to handle increased workloads without degradation to performance or client experience

Differentiation that Makes a Real Difference

Building a cloud-native platform takes time, expertise and investment—it requires completely rearchitecting systems and overhauling software development methodologies. This level of commitment means there’s no quick catch-up option for providers who’ve been left behind with legacy architectures.

But there’s no doubt that the investment is worthwhile. At eSentire, we’re proud to be pioneers in delivering effective, efficient and scalable cybersecurity solutions; consistent with this track record, we started the long and challenging shift to cloud native years ago—and our clients are already enjoying the benefits of Atlas, our cloud-native platform.

Leveraging patented artificial intelligence (AI) technologies, Atlas learns across our global customer base and immediately extends protection to every customer with each specific detection. This ability to rapidly learn and work at cloud scale, combined with expert human actions, stops breaches and reduces customer risk in ways unattainable by legacy security products, traditional MSSPs and other MDR providers.

For example, extensive automation and rapid orchestration enables us to stop threats that avoid firewalls and antivirus—on average once per minute for every customer—essentially keeping pace with evolving and newly appearing threats in real time.

Filtering Out the Noise

Finding the right security provider can be a real challenge, with many companies making the same claims. Sometimes it can seem like they’ve just copy and pasted from each other’s website. In fact, we see this every day amongst our competitive set from those claiming they provide Managed Detection and Response (MDR). Self-serving side note: We invented the MDR category 20 years ago and provide the best-of-breed and highest-efficacy MDR. So don’t be fooled by fast-following legacy MSSPs that merely bolt on the MDR term.

There are real differentiators that make real differences to the protection you need. The right security provider hunts, identifies and—crucially—contains attacks as they happen on your behalf, preventing breaches in real time. The wrong provider overwhelms your already-taxed IT or security team with alerts and forces them to interpret the data and attempt to contain threats on their own.

A cloud-native platform is one of those differentiators—and it’s a lasting one—so it’s definitely worth asking your security provider if their platform is cloud native.

But that’s not the only question you should ask. To help you make informed decisions about who to trust with your long-term cybersecurity needs, read Five Essential Questions to Ask Your Service Provider. You already know one of the questions—“Is your security platform cloud native?”—but the other four are just as important.

Dustin Rigg Hillard

Dustin Rigg Hillard

Chief Technology Officer

Dustin’s vision is founded on simplifying and accelerating the adoption of machine learning for new use cases. He is focused on automating security expertise and understanding normal network behavior through machine learning. He has deep ML experience in speech recognition, translation, natural language processing, and advertising, and has published over 30 papers in these areas.