The control plane provides management and orchestration across an organization’s cloud environment. This is where configuration baselines are set, user and role access provisioned, and applications sit so they can execute with related services. It’s akin to air traffic control for applications. As organizations increasingly shift both their business and apps to the cloud and adopt more services, the use of the control plane becomes critical.
While the control plane is referring to management and orchestration, the data plan is what actually carries or forwards traffic. One way to look at it is that the control plane and data plane work together and need to be in sync because the control plane will provide configuration updates and determine which path to use, while the data plane will be responsible for forwarding or moving that data traffic or information from one place to another.
Yes, and due to the reach and influence an adversary could potentially gain through the control plane, this risk should not be overlooked. In fact, the reach a persistent adversary would be able to gain in the control plane would go beyond what would be capable in a traditional network-based campaign, and they might even be more motivated to attack here because this area hasn’t already been commoditized.
If the control plane is compromised, an attacker would have the means to modify access and configuration, which would enable them to move towards their goal. This could mean attacks that leverage cloud storage, virtual machines or containers resulting in huge losses for organizations in terms of resources, data or business-critical applications.
Organizations operating in the cloud benefit from the speed and scale it offers, however, adversaries will also attempt to turn those benefits into an advantage that they can use for cyberattacks. The infrastructure, identity, data and services in the control plane are all in play for attackers. Organizations can give themselves a chance to defend and unlock attack progressions with the right technology and partner ecosystem that allow them to aggregate the correct signals.
Learn why prevention tools of the past are ineffective when it comes to cloud security.
Learn what the biggest challenges are for cloud security, and how to overcome these challenges.
550 S. Winchester Blvd., Suite 200
San Jose, CA, USA 95128
© 2020 Vectra AI, Inc. All rights reserved.