• Watch
  • Listen
  • Live Stream
Security Weekly
Security Market Validation
  • Listeners
    • Subscribe
    • Insider List
    • Suggest a Guest
  • Shows
    • Paul’s Security Weekly
    • Enterprise Security Weekly
    • Business Security Weekly
    • Application Security Weekly
    • Security & Compliance Weekly
    • Security Weekly News
    • Tradecraft Security Weekly
    • Secure Digital Life
  • Series
    • CISO Stories
    • Getting the Real Work Done in Cybersecurity
  • Webcasts/Trainings
    • Registration
    • On-demand
  • Articles
  • Partners
    • Become a Partner
    • Landing Pages
  • Hosts
  • Company
    • About
    • Careers
    • Contact

Application Security/ Articles/ Asset Management/ Attack Surface Mgmt/ Cloud Security/ Compliance/ Configuration Management/ Container Security/ Exploit Prevention/ Incident Response/ Patch Management/ Security Operations/ Vulnerability Management

Securing, Monitoring, and Remediating Immutable Infrastructure

Matt Alderman August 19, 2020

We’ve all heard the term Immutable Infrastructure, especially with cloud deployments, but what does it really mean?  What are the security and compliance impacts of Immutable Infrastructure?

Let’s start with a quick overview of Immutable Infrastructure.  Simply defined, Immutable Infrastructure means that the state of networks, servers, applications, etc. are not subjected to change in production, as they are built to an exact specification.  If a change to a specification is required, then a whole new set of infrastructure is provisioned based on the updated requirements, and the previous infrastructure is taken out of service as it is obsolete.

In theory, this is a great concept, but in reality it is much more complex.  What if I have a security vulnerability or incident that needs to be resolved immediately to prevent a breach of data?  Do we actually rebuild the environment or do we apply the patch or modify a setting in production?  You probably modify the environment in production, which means you just broke immutability.  Now then, how should we actually secure, monitor, and remediate our Immutable Infrastructure to get all of the benefits implied in leveraging this approach?

This is where Accurics has a holistic approach.  Instead of focusing on one area of Immutable Infrastructure, Accurics looks at the entire lifecycle, including:

  • Identifying misconfigurations of your Infrastructure as Code during the development of your templates
  • Validation of security configurations through policies during the build process
  • Monitoring of security configurations in production once the infrastructure has been deployed
  • Alerting on security configuration drift between the build templates and the actual runtime environments, and
  • Defining remediation steps needed to re-align the build templates with the actual running infrastructure

Accurics provides Immutable Security for Immutable Infrastructure by offering:

  • Policy as Code
  • Security as Code
  • Remediation as Code
  • Drift as Code

It is the most complete solution to secure your Immutable Infrastructure.  To see a demo of Accurics, watch the technical segment on Application Security Weekly here, watch their webcast here, or visit securityweekly.com/accurics for more information or to download TerraScan, a free tool to scan your templates.

Share this:

  • Click to share on Twitter (Opens in new window)
  • Click to share on LinkedIn (Opens in new window)
  • Click to share on Facebook (Opens in new window)

Related Posts

web-application-firewall-comparison-696x423

Application Security /

Building a More Secure AppDev Process

uptrend line arrows with bar chart in stock market on blue color background

Articles /

Ransomware Damage Claims Driving Insurance Hikes

Picture1

Asset Management /

Web App and API Security Needs to Be Modernized: Here’s How

‹ Prioritizing and Closing the Loop in Your Vulnerability Management Program › CyberRisk Alliance Acquires Security Weekly

About Security Weekly

Security Weekly is the security podcast network for the security community, distributing free podcasts and media since 2005. We connect the security industry and the security community through our security market validation programs.

More Than Just A Sponsor

We view our relationships with the security industry as partnerships, not sponsorships. Security Weekly works closely with each partner to help you achieve your marketing goals and gain traction in the security market. Interested in becoming a partner? Please visit our partnerships page.

Back to Top

Subscribe To The Blog:

RSS feed RSS - Posts

Search

Latest Tweets

Tweets by @secweekly
© Security Weekly 2022
Powered by WordPress • Themify WordPress Themes