When researching how one can begin with and even enhance cloud safety, it gained’t take lengthy to encounter some form of agent versus agentless argument for cybersecurity controls. It comes up so typically, it’s rapidly turning into the safety trade’s Vim versus Emacs or tabs versus areas schism.
Just like these different arguments, the agent versus agentless debate is a straw man. In different phrases, it offers us with one thing to criticize with the intention to obtain a particular final result as a substitute of an trustworthy dialogue of what’s greatest for a company. All too typically, that final result is motivated by the architectural strategy of a most popular instrument.
Taking a step again to view the argument objectively reveals that there isn’t actually a debate in any respect. The truth is, the very best strategy is to leverage the ability of each.
Additionally see: High Cloud Firms
Historical past of Cybersecurity Brokers
An agent is an especially helpful program that runs in your methods. It’s there to take motion or collect information and report outcomes again centrally. Brokers are sometimes used for methods administration, automation, and cybersecurity.
Nevertheless, within the early days of the cybersecurity trade, brokers had a foul status for consuming giant quantities of system sources. They may destabilize methods and trigger extra hassle than they had been price.
However, fashionable brokers are extremely optimized and environment friendly. They use their place to collect distinctive information to drive insights that aren’t accessible utilizing different approaches.
An agentless information gathering strategy entails connecting safety controls on to a cloud service supplier with the intention to collect information about how an organization is utilizing its cloud atmosphere. Just like the agent, this strategy opens up entry to information that’s not accessible from servers and containers.
Every motion taken within the cloud providers used to construct options is logged by the cloud service supplier. This information path is vital to understanding how you utilize your atmosphere, and it’s what’s gathered by way of an agentless strategy.
For providers that run containers and servers, there’s some overlap within the information accessible. How a lot CPU is getting used, accessible cupboard space, community bandwidth accessible, and different frequent information factors may be polled by both an agent or agentless strategy.
Nevertheless, there’s a set of management aircraft information that’s solely accessible from outdoors of these providers and containers. To not point out the cloud providers that don’t have the power to run an agent. These managed providers are a precious piece of your cloud options, and also you want visibility into their actions as nicely, however they’ll solely be accessed by way of an agentless strategy.
Additionally see: DevOps, Low-Code and RPA: Execs and Cons
Strained Relationships With the Safety Group
Whereas each agent and agentless approaches present entry to distinctive information, the issue with deploying them is usually not on account of technical limitations however the relationship between the safety staff and the builders.
Safety groups are there to assist the enterprise, guaranteeing that it achieves its general targets whereas successfully managing the cyber dangers. Broadly, these groups merely don’t have sufficient time, folks, or sources to construct the safety follow wanted to attain the enterprise’s targets.
That makes coordinating and speaking with different groups extraordinarily tough. And it will get even tougher for organizations which are additional alongside of their cloud journey and have much more groups constructing that ought to be coordinating with safety.
For these groups making an attempt to construct an answer, they’re looking for the very best cheap answer to the enterprise downside their group is tackling. They need to make sure that the answer is dependable and safe but additionally that it’s performant, cheap, easy to run, and never cost-prohibitive. And they should transfer rapidly towards deploying that answer for the good thing about the enterprise.
This creates a pressure between the safety staff and the remainder of the enterprise, as they implement differing strategies towards assembly the enterprise’s general targets.
Additionally see: Safe Entry Service Edge: Large Advantages, Large Challenges
Each Agent and Agentless Approaches for Elevated Visibility
Regardless of the variations the safety staff and builders would possibly assume they’ve, in actuality, they’re working towards the identical goal—constructing resilient options that securely meet the enterprise’s targets.
So as to obtain these targets, you want visibility into your cloud environments, which may be gained from the information that’s solely accessible by way of agent and agentless connections.
Briefly, the agent versus agentless debate obscures the actual situation. Safety is considered one of a number of vital areas of a well-built answer. Groups must work collectively with the intention to guarantee a powerful, safe, and resilient answer – no matter mixture of strategies is required.
In regards to the Creator:
Mark Nunnikhoven, Distinguished Cloud Strategist, Lacework