What if we could reorganize and reorient our teams to make security an enabler to development, and not a blocker? Public cloud platforms allow this evolution in a number of ways:

• Providing and extending security products/services into the platform natively
• Exposing the native security features as APIs
• Integrating security features into the core IT services (network, identity and access management, encryption, DLP, and more)
• In addition, there are some innate benefits:
  • A shared responsibility model where security responsibilities are shouldered by the cloud provider and the customer security team
  • At-scale and deep security experience offered by cloud provider
  • Updates and features incorporated into services on a continual basis

Each of the hypercloud providers has world-class teams of security professionals who number in the thousands. Their job each day is to battle against the myriad threats in existence and enable cloud consumers to circumvent these challenges successfully. As time has progressed, cloud providers have steadily moved up the stack in terms of the services they provide. Starting first with identity and access management (IAM), firewalls and the web application firewall (WAF), then on to agent-based OS security, such as Amazon Inspector or Azure Security Center, and data loss prevention (DLP), such as Amazon Macie.