IBM Cloud Global

 View Only

Introducing the New Searchable Inventory in Workload Protection

By Victor Hernando posted Thu April 25, 2024 04:46 AM

  

When observing and browsing through your constantly expanding cloud infrastructure, you’ll eventually realize how challenging it can be to identify and correlate assets in multi-cloud environments.

Today, we are delighted to announce the general availability of the new Inventory in IBM Cloud Security and Compliance Center Workload Protection. This feature will assist customers in quickly browsing and locating assets within their cloud environment at cloud speed.

The Cloud Visibility Challenge

In today’s landscape, companies are increasingly deploying workloads and services across multiple regions and cloud providers. This introduces added complexity to ensuring security and visibility throughout the cloud infrastructure.

Cloud visibility poses several common challenges, including:

  • How can you achieve a unified experience to track resources from source to live assets across multi-cloud and Kubernetes environments?

  • How do you identify which resources comply with your policies and which ones are failing controls?

  • How should you prioritize what needs to be addressed first?

To cover these, and many other use cases, companies require a solution that offers flexibility, dynamism, and insights.

The new inventory feature in IBM Cloud Security and Compliance Center Workload Protection provides rapid access to the most relevant data concerning your cloud infrastructure, assisting in meeting these challenges effectively.

Introducing the New Inventory

The Inventory feature is a game-changer. Navigating through your cloud resources is not only much easier, but also more intuitive.

It offers a seamless interface that combines comprehensive visibility with dynamic searchability, making it the cornerstone of effective cloud security posture management.

Workload Protection consolidates various extensive data sources into a unified interface. These resources are being scanned on a regular basis while correlated with vulnerability scan information, posture control evaluations, and Runtime Insights. This comprehensive approach provides deep, granular data, such as the in-use packages within a specific container. 

Look Only for Instant Visibility

Let’s gain instant cloud asset visibility from a purely practical standpoint. 

 

Imagine you are tasked with managing cloud and Kubernetes security across multiple cloud providers.

Handling cloud assets such as deployments, cloud services, network resources, policies, roles, etc. can be overwhelming. 

Logging into multiple cloud providers and navigating through their different and unique naming conventions only adds to the challenge.

This is where Inventory comes into play. With just a few clicks, you can access all the data you need from your cloud providers and Kubernetes environments. 

Information such as resource type, origin, cloud security findings (e.g., posture, vulnerabilities, exposure to the internet), etc. is readily available just a few clicks away.

Need to locate Kubernetes assets in a specific namespace?

 

Simply use the namespace filter and select the desired one. No need to specify the cloud provider or the cluster name, the data will appear immediately.

Do you want to find all the resources that are failing a specific posture control in your infrastructure? This data, again, is a filter away.

A few quick filters and data is accessible, flowing seamlessly in a matter of seconds.

 

Now let’s go with the most exciting part of inventory in Workload Protection.

Fueled by Runtime Insights

By now, you might be familiar with the term “runtime insights” as it was briefly introduced earlier in this blog post. But what exactly does it entail?

 

It’s quite simple. Runtime insights provide visibility into the in-use packages and libraries within a specific container.

 

Now, let’s apply and bring this new dimension of data to the Workload Protection inventory.

 

When discovering new high-profile vulnerabilities with publicly available exploits in your cloud infrastructure, the first step is to quickly assess the scope of affected resources. Once the compromised assets are identified, the next step is to prioritize remediation efforts for those resources exposed to the internet and running vulnerable packages.

 

In such scenarios, typically, you or someone else in your organization would be leading remediation efforts, requiring collaboration with other teams for in-depth investigation. Questions like the following arise: 

  • Who owns the instance running the vulnerable image? 

  • Is there an SBOM? 

  • Are there any third-party vendor notes on their vulnerable image?

  • Is that vulnerability truly critical? Does it apply to our environment?

 

With Inventory in Workload Protection, all these questions become obsolete. Simply navigate to the Inventory and begin filtering data. You can filter by resource type or category if necessary, then pinpoint resources affected by a specific vulnerability by setting the appropriate filter. Ultimately, filter by publicly-exposed resources and in-use vulnerable packages.

By using the appropriate filters you will get key and meaningful data in seconds. All you need to triage, prioritize, and remediate your critical security issues is right there.

Conclusion

Unlike conventional solutions that rely solely on static posture checks, Inventory combines runtime insights, cloud integrations, vulnerability scans, and periodic cloud security posture controls in a single effective view.

Real-time information from the runtime agent and cloud integrations integrate seamlessly with our posture and vulnerability checks.

This integration not only grants unparalleled visibility into your environment, but also gives you meaningful context and findings across all your resources.

Inventory isn’t like any other tool that simply restates data; we augment each resource with precise context to help you quickly find what you’re looking for.

Its comprehensive cloud insights empower you to continuously safeguard your digital domain effectively.

Learn more about IBM Cloud Security and Compliance Center Workload Protection.

0 comments
9 views

Permalink