How AI Helps Drive Cloud More Safely

Clouds run. When we put applications and data services into cloud computing deployments, somebody somewhere in a datacenter oversees a blade server running a cloud instance that spins up a disk on said server and brings our cloud ‘volume’ to life. All of this is good, but in the increasingly automated world of autonomous computing and Artificial Intelligence (AI), we can do better if we take the somebody somewhere element out of the aforementioned equation to some degree - and perhaps sometimes completely.

Fixing cloud problems

When we come to fixing cloud robustness issues caused by flaky code installations, the presence of malware or other cyber risk elements, or through misaligned cloud connection points and as a result of plain old misconfiguration, we measure the amount of time needed because that’s when things are unsafe. Sometimes called the Mean Time To Remediation (MTTR) and sometimes called the vulnerability resolution window, this period is now being squeezed even more tightly in mission-critical for cloud-native applications.

Today’s modern continuous integration & continuous deployment (CI/CD) processes mean that software code can be pushed to ‘live’ cloud production environments multiple times a day. Unfortunately, this means that any gaps stemming from vulnerabilities, misconfigurations and other issues can be opened equally as fast. Given these fundamentals, how can AI help to shore up our cloud?

“With threats evolving faster than ever, today’s software application development engineers and their operations counterparts need to find ways to work effectively in concert so they can identify and quickly resolve critical issues fast. Determining where and how best to prioritize resources can prove a complex proposition that makes the implementation of fast and effective DevSecOps collaboration frameworks difficult to achieve,” asserts Gilad Elyashar, chief product officer at Aqua Security.

Multiple pain points

He suggests that, for cloud-centric cloud-native cloud-first software engineers today, the goal is a simple one. By streamlining when and how misconfigurations and vulnerabilities get identified and fixing these earlier in the development lifecycle, security gaps and potential attack paths that pose the greatest risk to the business are addressed prior to release. But that’s just part of the challenge. In addition to enabling developers to discover and address vulnerabilities in their application code, teams also need to help them overcome multiple pain points associated with the remediation process itself.

“That’s where AI-guided remediation can help,” said Elyashar. “According to the US government’s Cybersecurity and Infrastructure Security Agency (CISA), the average time it now takes adversaries to exploit a vulnerability following discovery is just 15 days. Combine this rapid-time-to-exploit with the growing volume of quickly appearing vulnerabilities that increase the attack surface of publicly facing cloud applications… and the importance of reducing the MTTR becomes starkly apparent. Until now, however, developers and security teams have struggled to overcome the challenges that get in the way of effectively co-delivering against this ambition.”

Resolving the DevSecOps conundrum

The Aqua team state that the overwhelming volume of vulnerabilities poses a significant challenge for security and development teams alike. Indeed, the never-ending backlog of code-based vulnerabilities makes it challenging to effectively resolve all critical issues across teams. Many in the industry are now pointing to where generative AI may have an impact by transforming vulnerability remediation in multiple ways. Elyashar suggests that by using today’s AI-guided remediation solutions, development and security teams can take advantage of automatically generated prescriptive remediation steps for misconfigurations and vulnerabilities across container images and other artifacts, multiple clouds and multiple workload types.

“Highly adept at automating code analysis and generating potential fixes for security vulnerabilities, these powerful Large Language Models (LLMs) make it possible to speed time-to-remediation while reducing developer workloads,” he said. “By using AI-guided remediation, CISOs can ensure that developers, who may not be security experts, receive the prescriptive contextual guidance that will empower them to remediate quickly and efficiently. With AI-guided remediation in play developers and security teams no longer need to spend countless hours manually reading advisories, searching for patches or building verification steps before acting. Instead, AI guides them with clear and concise instructions on how to complete the fix.”

Accelerating resolution processes

The proposition here is that by utilising the predictive capabilities of LLMs, developers can pinpoint vulnerabilities in their codebase in an easier and more consistent way - all while as code is being written. By eliminating the guesswork, AI-guided remediation allows developers to focus on the task at hand without having to waste time deciphering the complexities of the remediation process itself.

Elyashar says that AI-guided remediation also bridges the gap between development and security teams in a way that improves upon developer and security team workflows. A move that opens the door to enhanced collaboration and shared ownership of DevSecOps responsibilities, while eliminating many of the traditional causes of friction between teams.

“AI-guided remediation empowers security teams to expedite the resolution of vulnerabilities and misconfigurations, while simultaneously fostering a culture of shared ownership and enhanced collaboration between developers and security experts,” stated Aqua’s Elyashar. “By providing step-by-step instructions on how to fix issues, this innovative AI-powered capability dramatically reduces MTTR for security teams, which in turn will help minimize risk exposure.”

Beating out remediation headaches

Enabling code builders and code defenders to work smarter and get more done by tapping into the power of generative AI is hoped to reduce the burden on security teams, who historically have been called upon to help beat out the remediation details for each identified vulnerability instance.

In a world where cyber threats are evolving at an unprecedented pace, AI-guided remediation is being put forward as a means of gaining the contextual guidance needed to help software application developers, who may not necessarily be security experts, arm themselves with the information they need to collaborate and remediate quickly.

If not quite the ‘electronic security expert in your pocket’ that vendors selling the sizzle on this software sausage would have us believe, there’s certainly a place for an accelerated resolution process and a drive down safer cloud journeys through the use of AI.

Just remember, mirror, signal and then manoeuvre, not the other way around.