Agent-based security has been the traditional approach and has the advantage of running directly with workloads or individual endpoints. Depending on the environment, agent-based security isn’t necessarily shoddy. But with workloads moving to the cloud, agentless security is becoming more common thanks to cloud systems' APIs. An agentless solution can reduce deployment complexity and endpoint resource consumption.
There are a number of CSPMs that implement agentless data collection capabilities.
Microsoft Defender for Cloud's "enhanced" (i.e., paid) features include agentless scanning for machines.
AWS Security Hub collects data from AWS services without requiring an agent to be installed. It uses AWS CloudTrail and other AWS services to collect data, which can then be used for security and compliance monitoring.
Google Cloud's Security Command Center uses Google Cloud APIs and services to collect data for its agentless data collection option.
Palo Alto steps into the fray with Prisma Cloud and provides visibility into security and compliance risks by scanning the root volumes of snapshots on hosts. Its agentless scanning can be implemented for any of the big three public cloud providers.
Another contender is Orca Security, which bills itself as "the pioneer of agentless cloud security." It works by collecting data directly from your cloud configuration and a workload's runtime block storage. It claims that "within minutes" it can find and prioritize the most critical cloud risks. It handles security across the full application lifecycle, including build, deploy, and run.
Lacework, perhaps a somewhat lesser-known CSPM, stepped up to the plate in June of 2022 with agentless data collection for cloud environments, including the big three and Kubernetes. It now uses a combination of agentless and agent-based technologies to gather data. Lacework touts its agentless option as a way to get a business up and running quickly with cloud security and says it can then be combined with Lacework agents as needs shift.
Note that while agentless data collection can reduce deployment complexity and resource consumption, it may have some limitations in terms of data granularity and depth of visibility compared to agent-based approaches.
CSPM solutions help organizations identify and remediate security risks and compliance challenges within cloud environments. CSPM tools use automated scans to identify potential security issues, and then provide recommendations for remediation.
Hi,
Defender Cloud Security Posture Management has agentless data collection.