You may have heard about the idea of shifting left in security: as developers move more to the cloud, security professionals are looking further upstream – or left – toward where the development processes are initiated. As you progress from Development to QA and then Production (moving right), there is more underlying thinking about end-to-end security.
Let’s take this idea one step further and talk about something new – “swipe left” security.
At the highest level, the security industry is struggling to solve two key problems in parallel:
- collecting the right data
- evaluating it quickly
The first problem is related to the growing theme around “security analytics” – the breadcrumbs that help us understand if there are actual security incidents that need our time and attention. The attack surface of any enterprise today is bigger than ever. You have to look at network traffic at the packet level; you have to look at server, application and user logs; and you have to look at commands and processes that have been initiated. You also must cover all the environments: bare metal on premises, virtualized, containers and public cloud.