Why Visibility Is Essential to Security in the Cloud
Another tectonic shift is taking place in how apps are built, namely via a services-based approach. Increasingly, apps are built as microservices communicating over well-defined APIs, which complicates visibility and security.
This collision of where apps live (public cloud) and how they are built (services-based) is creating a massive new category of traffic: app-initiated connections to software-as-a-service (SaaS), platform-as-a-service (PaaS), and the wide-open Internet. Typically, the service endpoints that apps are connecting to are identified by a fully qualified domain name (FQDN) or URL, which can translate to hundreds or thousands of Internet Protocol (IP) addresses during resolution. Those IP address lists are dynamic. At the same time, cloud service providers' native security controls, such as access control lists (ACLs), security groups, and route tables, are all IP-address-based.
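The mismatch described above, as an added example that is not part of the original article: a Python check that compares static IP-based egress rules against successive DNS answers for one FQDN and reports both addresses the rules miss and rules that no longer match anything. The endpoint name, the addresses (documentation ranges), and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample data: egress rules pinned when the app was deployed,
# expressed the way an IP-based security group or ACL stores them.
ALLOWED_CIDRS = ["192.0.2.10/32", "192.0.2.11/32", "198.51.100.0/28"]

# Constructed DNS answers for a hypothetical endpoint (api.example.com)
# captured at three points in time; the address set rotates.
SNAPSHOTS = [
    ("t0", ["192.0.2.10", "192.0.2.11", "198.51.100.5"]),
    ("t1", ["192.0.2.11", "198.51.100.5", "203.0.113.7"]),
    ("t2", ["203.0.113.7", "203.0.113.8"]),
]


def audit_egress(allowed_cidrs, resolved_ips):
    """Compare one DNS answer set against static IP-based egress rules.

    Returns (uncovered, stale):
      uncovered - resolved addresses no rule permits (the app's call fails)
      stale     - rules matching no resolved address (egress stays open to
                  addresses the service no longer uses)
    """
    nets = [ipaddress.ip_network(c) for c in allowed_cidrs]
    addrs = [ipaddress.ip_address(a) for a in resolved_ips]
    uncovered = sorted(str(a) for a in addrs if not any(a in n for n in nets))
    stale = sorted(str(n) for n in nets if not any(a in n for a in addrs))
    return uncovered, stale


def drift_report(allowed_cidrs, snapshots):
    """Run the audit for every snapshot, keyed by snapshot label."""
    return {label: audit_egress(allowed_cidrs, ips) for label, ips in snapshots}


if __name__ == "__main__":
    for label, (uncovered, stale) in drift_report(ALLOWED_CIDRS, SNAPSHOTS).items():
        print(f"{label}: uncovered={uncovered} stale_rules={stale}")
```

By the last snapshot every pinned rule is stale and every resolved address is uncovered, which is the drift that IP-only controls cannot see on their own.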