The ending of 2014 has highlighted many vulnerabilities, the most well-known being the Heartbleed and the Shellshock situations as well as the large scale data theft.
Today, companies and governments rely on well-distributed, complex and highly dynamic network architectures. As networks expand their perimeters, entry points are increased and hackers are constantly developing new ways to attack. Once the network perimeter have been tapped, it becomes difficult to fight against vulnerabilities, especially when hackers have installed and hidden malware on the that can remain dormant for long periods.
To anticipate these attacks and maintain a certain security level, the adoption of a continuous security model becomes crucial. A security model can monitor and analyze ongoing threats and alert emergency services.
However, the security models based on traditional client-server architectures are difficult and expensive to implement. Only Cloud oriented architectures, combined with powerful analytical resources can respond to the large scale problem of continued oversight. Companies struggle to find and retain the necessary resources.
Nevertheless, through the Cloud, continuous security can become a reality for many institutions as well as small and large businesses.
by Philippe Courtot, Qualys