WatchPoint Security Blog

Threat Detection - Cloud Hosted vs In-house

Written by Mark Warner | March 22, 2016

The year was 2000. I was in college, and I can remember it vividly: moving from place to place and hauling around my stack of all-powerful 200MHz computers that were my prized lab computers. That all changed when I stumbled across a piece of software that would one day forever change the industry. It was one of the first versions of VMware. Right away, I saw the benefit. Less hardware means less everything. Less stuff to move and store, less hardware to maintain, less money spent on hardware, and perhaps most importantly, I could now focus on the one thing I care about the most - the software.

Every year, it’s the same conversation within a company. How can we do more with less? It’s really a question of efficiency. Removing the 1-to-1 mapping of hardware to OS meant that you could have multiple operating systems per box. With faster and more efficient hardware, the ratio just continues to rise.

In the last couple of years, there’s been a new efficiency movement: the cloud. During this last year, the cloud has started to become a reality. It represents a complete removal of hardware. This, of course, means no upfront hardware cost, no facilities, and the service-related expenses for deployment and upkeep are minimized. Typically, you also get access, at minimal cost, to technologies that would otherwise represent a high barrier to entry – e.g. load-balanced and high-availability hardware, high-level physical security, and backup power management systems, just to name a few.

With the expansion of cloud infrastructures and virtual datacenters, the next logical step is the services and platforms attached to them. This is where WatchPoint comes in. We deliver an industry-leading Carbon Black threat detection and response platform along with our in-house security expertise. Just as cloud infrastructure service offers high levels of efficiency with low entry costs, our service offers a similar parallel. Getting a good security program up and going is no small feat. I know; I’ve been living it for the last two years now. That being said, you have two options.

 

  • Bring everything in-house:
    1. Deployment: test, staff, provide security training, create and man 24x7 rotation, procure and deploy hardware, procure platform licensing, deployment, and training, develop threat detection tuning, threat response protocol, threat triage and research process, procure research and analysis tools, install deployment agent
    2. Day-to-Day: respond to threat notifications: triage, validate and communicate, improve threat intel, monitor platform performance and apply updates, monitor agent performance and availability, daily hunt for threats

  • Try WatchPoint, and see the benefits from day one:
    1. Deployment: download and install agent
    2. Day-to-Day: receive threat alerts from WatchPoint and respond

 

Request a demo of WatchPoint today.