ANALYSIS OF METHODS FOR MONITORING SECURITY STATUS IN A CLOUD ENVIRONMENT

DOI: 10.31673/2409-7292.2025.012256

Authors

  • Б. В. Скоринович (Skorynovych B.V.), Information Security Department, Lviv Polytechnic National University
  • Ю. В. Лах (Lakh Y.V.), Information Security Department, Lviv Polytechnic National University

Abstract

The rapid spread of cloud computing is leading to new challenges in the field of information security. Organizations are
faced with the need to ensure reliable protection of data and applications in dynamic, multi-cloud environments. The article
examines the current issues of ensuring data security in cloud environments, taking into account the growing number of
misconfigurations, which account for the main share of security incidents. Three key approaches are considered: cloud security
posture management (CSPM), cloud workload protection (CWPP), and cloud application protection platforms (CNAPP). The
functional capabilities, advantages, and limitations of each approach are described in detail, and examples of their practical
application are provided. Special attention is paid to the role of artificial intelligence and machine learning in the monitoring
process. It is demonstrated how AI/ML help to detect hidden threats and anomalies, accelerate the processing of large volumes
of logs, and implement automated response. Examples of cloud services (Amazon GuardDuty, Azure Defender, Google Security
Command Center) that already implement advanced ML modules to detect complex multi-stage attacks and atypical patterns in
user behavior are provided. The key challenges of implementing these solutions are analyzed, from the excessive number of
notifications in CSPM and the complexity of deploying agents in CWPP to the risks of dependence on a single vendor in CNAPP.
At the same time, it is emphasized that a properly configured monitoring system combined with human expertise can
significantly strengthen cloud security and minimize the risks of incidents. The article emphasizes the need for a comprehensive
approach that covers different layers of protection and demonstrates how the involvement of AI/ML contributes to the formation
of proactive, dynamic security strategies in cloud environments.

Keywords: cloud security, artificial intelligence (AI), machine learning (ML), CSPM, CWPP, CNAPP, cybersecurity.


Published

2025-05-09

Section

Articles