Telemetry-driven approaches to security are now required for those looking to close gaps in their cloud-native infrastructure, according to the founder of data security company Uptycs Inc.

Observability needs to be viewed across the entire environment. That includes from software, where it’s developed, all the way to where it’s deployed — from “laptop to the cloud,” says Ganesh Pai (pictured), founder and chief executive officer.

“That’s why technologies like us exist — not only to span across accounts, but go across cloud and get visibility into your workload,” he said.

Pai spoke with theCUBE industry analysts Savannah Peterson and Paul Gillin at the recent AWS re:Invent conference, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed scaling security in a cloud developer environment. (* Disclosure below.)

State-related changes

Pai’s company has learned from how telemetry has been performed in observability platforms overall. That telemetry has been done through numerical perspectives.

“We use a similar approach, but we don’t look at numbers,” he said. “We look at what’s changing and then the rate of change — what’s actually changing allows us to figure out if there’s something malicious.”

What’s the reason for the telemetry angle? “The only way you can do it at scale is by getting the telemetry and not doing it on the actual workload,” Pai stated.

Interestingly, Pai explains how misconfigurations can be detected. Misconfigurations are a major element in the vulnerabilities chains that are behind security breaches. Figuring out if there are any changes to your misconfigurations is key.

“If you were to look at AWS and if you were to think of it as orchestration plane for your workload and services, they provide an API which allows you to get visibility into what your configuration is looking like,” Pai said.

Add a baseline of configuration and a passage of time, and you can get to see the changes that are occurring compared to how it has been configured.

“You get the chance to remediate any kind of misconfigure and hence vulnerabilities,” he added.

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of AWS re:Invent:

(* Disclosure: Uptycs Inc. sponsored this segment of theCUBE. Neither Uptycs nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE