An organization's emphasis on strong collaboration between security and IT operations teams is the right mindset: Integrate the tools and the processes of both groups to reduce risk. But an organization's methods of achieving that can often create an even greater mess than the one it's meant to solve.
Companies become saddled with a collection of point solutions that are tied down with multi-year contracts. These contracts operate across multiple operating systems, and are beholden to an endless spectrum of applications, services, databases, as well as developers, devices and different users — making it nearly impossible to customize and evolve cloud-based tools over time.
LimaCharlie, a provider of security infrastructure solutions which launched as an open-source project back in 2016, is on a mission to change all that. The company just announced the arrival of its SecOps Cloud Platform, which it bills as the first of its kind to offer simplified SecOps through a fully cloud-first infrastructure.
The company envisions the SecOps Cloud Platform as a Lego-like sandbox environment where every security stakeholder is empowered and equipped to develop novel solutions of their own – not by way of a collection of random tools that must be manually stitched together, but via an ecosystem of solutions that can interoperate “in an un-opinionated way.”
It’s an ambitious undertaking, but not without precedent. The widespread acceptance of multitenant IT public cloud platforms in the last decade gave LimaCharlie a blueprint to build on that success. Just as IT public cloud providers broke the mold by embedding API development, documentation and interoperability into their environments, LimaCharlie is now doing the same for the cybersecurity audience – providing a neutral, vendor-agnostic foundation that enables SecOps teams to experiment and build their own appropriate solutions.
Here's a look at why the SecOps Cloud Platform is so urgently needed, some of the key features and what it allows security stakeholders to do that hasn’t been done before:
Why is now the time to change?
There is a sense of urgency behind LimaCharlie’s platform rollout: Enterprise security teams need a hosted environment of communicative protection solutions – rather than a siloed collection of tools.
A 2022 survey by Gartner found that 75% of organizations pursued security vendor consolidation in 2022. However, there is no practical SecOps environment that streamlines the procurement, deployment and integration of security tools.
During a July 19 LinkedIn Live event to unveil the SecOps Cloud Platform, a panel of security experts described the urgency for such a solution:
“From an enterprise perspective, anything you can do to simplify your stack and how you integrate in with the diversity of operating systems and applications, the better off you will be,” said Bruce Potter, founder and CEO of Turngate and The Shmoo Group. “Every minute that you spend managing that diversity is a minute that takes you off target and away from the actual work of securing your enterprise.”
Fellow panelists agreed, including Fred Wilmot, SVP of product management and CISO at Interpres Security, and Sean Higgins of Higgins Cybersecurity Consulting.
“The cost of switching from tool to tool, and each tool has a different way of doing things, if you can bring it all into one central location, it makes it a lot easier to get things done,” Higgins said.
Key features of the SecOps Cloud Platform include:
1: Multi-tenancy as the core segmentation mechanism, which means its cloud security infrastructure and supporting tools can serve multiple customers at once
2: Ability to ingest telemetry from any location for long-term retention/search/alerting
3: Ability to filter and forward data from any source to any destination
4: End user agent can investigate, respond to and deploy other solutions across all platforms
5: Ability to act across all cloud solutions and platforms, with the option to extend custom actions and workflows
Bottom line
The SecOps Cloud Platform is designed to cut down on complexity and give IT operations, developers, vendors, and enterprise users a solid, flexible foundation on which to build their cloud deployments securely.
Instead of requiring security pros to stitch together a patchwork of point solutions from multiple vendors that resist easy integration, SCP provides a modular, scalable cloud sandbox that security and operations can use to collaborate and expand cloud-based offerings.
“Security teams frequently stitch together security programs between black box solutions and open source software that is costly to maintain and do not natively integrate,” said Maxime Lamothe-Brassard, Co-founder & CEO of LimaCharlie. “The cybersecurity tools we use need to evolve from the one-size-fits-all silos into a modern toolset designed for today's cybersecurity professionals. The SecOps Cloud Platform is a new paradigm effectively generating the same type of transformation IT Cloud Providers have done for IT, but for cybersecurity.”