Analysis of open-source tools for protecting resources in cloud environments

Abstract

Cloud environments are becoming an integral part of the infrastructure of many com-panies due to their flexibility, accessibility and efficiency. However, due to their dynamic na-ture, they create new threats to data security, therefore, they require separate tools to combat them. The article compares existing open source tools for protecting cloud environments: Checkov, Falco, Keycloak. According to the article, the main benefits of open source software are: price, stability and community support. For each of the tools some flaws are found which make these tools vulnerable to mali-cious actors: Checkov implements CSPM process which does not monitor the runtime environment, so it cannot identify suspicious behavior, such as an unexplained spike in network activity. Falco is hard to integrate into existing systems as it requires agents to be added to each component. Also it does not has any information on the control pane so it does not view on the entirety of the cloud which allows attacks to target underlying infrastructure instead of workloads Keycloak has issues with scalability and can be difficult to configure and customize to integrate with some systems. Some systems might require some custom solutions to make integration possible and these solutions can lead to new vulnerabilities being introduced into the system. Also clients’ credentials might get compromised which can allow bad actors to access the system. These flaws make these tools not universal, so it creates the need to deploy and support several tools at once to protect the cloud, which leads to the complexity of the systems as a whole and increases their costs. Also, the complexity of the system can create new, non-obvious attack vectors. This demonstrates the need to create more advanced and universal tools that can simplify the process of protecting cloud environments.