back caretBlog

SANS: A New Take on Cloud Shared Responsibility

Help Your Cloud SecOps Mature and Grow

There is a fairly common perception that organizations have a handle on their obligations under the shared responsibility model of cloud security. However, cloud security is complex and constantly evolving, and there is more nuance to shared responsibility than you may realize.

To better understand who is responsible for securing what is in the cloud—as well as the security controls and services best suited to help cloud security operations mature and grow—check out the latest report from the SANS Institute.


This SANS report reveals that, in the beginning, cloud service providers didn't write shared responsibility models for cloud security teams. They were business proposals intended to make organizations more comfortable with putting assets into the cloud. The tactic worked, and DevOps began driving deployment and change at a pace that can make tracking assets and building consistent monitoring use cases challenging.

Today, shared responsibility models no longer focus on development and DevOps. Instead, they point security teams in the right direction to protect cloud environments.

In the new report, you'll learn about new approaches to securing the cloud, as well as the next steps to take for improving visibility. You will also gain valuable insight into how cloud-focused security teams have traditionally used host-based agents, intrusion detection systems (IDS) and netflow, and logging and event monitoring tools for cloud security. Additionally, you can dig into the pluses and minuses of each product category.

SANS also dives deeper into key features to look for in network detection and response (NDR) solutions, including asset discovery and classification, network and application monitoring, and policies and automated actions.

One key area the report centers on is the most effective means of ensuring that you can securely leverage the scale and elasticity of cloud environments without introducing friction and blind spots. Major takeaways include:

  • Look for tool alignment from on-premises data centers to the cloud and give more weight to cloud-friendly and compatible tools/services that can operate in both multi-cloud and hybrid cloud scenarios.
  • Choose tools that integrate with cloud provider APIs and those of other complementary services in a security operations capacity.
  • Build cloud-centric detection and response workflows that leverage automation where appropriate to improve analyst effectiveness and efficiency.

To learn more about how and why you may need to take a new approach to shared responsibility in the cloud, download a complimentary report today.

Related Blogs

Sign Up to Stay Informed