Couldn’t agree more! Hoff hits a key security issue for the cloud space. Speaking from the WAF standpoint, complexity is the main issue. For a cloud provider to offer full security services for any customer, they will have to migrate a host of issues.
- Right up front, hardware WAF’s are out (scaling dictates software). The anti-virtualization appliance solutions will cripple a provider. Imagine 500 applications (each a separate customer for the cloud provider) in need of 500 sets of WAF boxes. This could mean 1,000’s of appliances pending the traffic capacity of each box.
- Granular black / white / grey listing filters are a must. For the 500 customers, each will have very different WAF needs and in order for the cloud provider to have a reasonable offering, the WAF must cover each customer’s needs, otherwise it will have little value. Further, rulesets must be grouped by customer > by application > by filter > by detect or protect.
- Integration with source code analyzers is key. By linking the two tools, the cloud provider will be able to monitor and react proactively to attacks across all 500 applications. Think of the value the provider would be able to offer customers (new revenue streams?).