Domain 13 - Security as a Service

Question 1

What are the benefits of SecaaS?

Answer 1

1. Cloud-computing benefits - reduced cap/ex, agility, scalability, redundancy etc.
2. Staffing and expertise - SecaaS providers encapsulate their security expertise in their product; not possible by individual industries.
3. Intel sharing - across all their customers. enhances everyone’s security.
4. Deployment flexibility - supporting distributed locations
5. Insulation of clients - provides a defensive layer between the workload and the internet
6. Scaling and Cost - uses cloud native models - pay as you grow.

Question 2

What are the potential concerns with SecaaS?

Answer 2

1. Lack of visibility - level of detail available in monitoring and incidents may be less; there may be gaps
2. Regulatory differences between regions
3. Handling of data collected during scans that could potentially be regulated
4. Data leakage (e.g. as part of a security investigation, or due to weak tenant isolation controls)
5. Changing providers maybe difficult leading to lock-ins
6. Migrating from on-prem to SecaaS may require lot of planning

Question 3

What are some example of SecaaS?

Answer 3

• Identity, Entitlement and Access Management Services (this may include Policy Def, Policy Enforcement, MFA, Identity Federation etc.)
• CASB - deployed between CSP and CSC (security monitoring)
• Web Security Gateway (proxy that detects malware, filters URLs)
• Email Security (spam filters, malicious attachments, encryption, digital signatures)
• Security Assessments (vulnerability assessments, application security like DAST/SAST/IAST/RASP, cloud platform assessment that inventory cloud assets and check configurations).
• Web Application Firewalls with DDoS defenses
• IDS/IPS systems
• SIEM tools (log data aggregation and analysis)
• Encryption and Key Management
• BCP/DR tools