Cloud Security Strategy - Adapt to Changes with Security Automation -
|
|
- Delphia Nicholson
- 6 years ago
- Views:
Transcription
1 SESSION ID: CMI-F03 Cloud Security Strategy - Adapt to Changes with Security Automation - Hayato Kiriyama Security Solutions Architect Amazon Web Services Japan
2 Agenda New Normal of Security Architecture Security Best-Mix to Adapt to Changes Security Automation as a New Solution 11
3 Agenda New Normal of Security Architecture Security Best-Mix to Adapt to Changes Security Automation as a New Solution 12
4
5 Cloud has become the New Normal. Companies of every size are deploying new applications to the cloud by default. Andy Jassy, Chief Executive Officer, Amazon Web Services AWS re:invent
6
7 The only rational response to risk is to be proactive in how we engage with changes. If you are not disrupting your own markets, someone else will disrupt them for you. Eric Tucker, IT Chief Technology Officer, GE Global Research AWS Summit Tokyo
8 IT in the Cloud Era Ownership Utilization Electric Power Private Electric Generator Electric Utility Provider Computing On-premise Servers Cloud Service Provider 17
9 IT Capacity (On-premise) Surplus Capacity Surplus Capacity Rapid Growth or M&A Unpredictable Peak Lack of Capacity = Opportunity Loss 18
10 IT Capacity (Cloud) Freedom from Surplus Capacity Freedom from Surplus and Lack of Capacity Rapid Growth or M&A Unpredictable Peak Freedom from Capacity Sizing 19
11 The Value of Cloud Improvement Easier, Faster, Cheaper Innovation Can do what we couldn t do 20
12 The Value of Cloud Improvement Easier, Faster, Cheaper Innovation Can do what we couldn t do Disruption Bring the old value to naught Normal to New Normal 21
13 Normal Security Issues Are current security measures effective? How much should we invest in security? Is ROI optimized? 22
14 Can We Calculate Security ROI? Return Protected amount of money applied by security measures Investment Pure cost of security measures 23
15 Can We Calculate Security ROI? NO! Return Direct Cost Incident Response Expenses Existing Customers Lost Measurable Indirect Cost Business Opportunity Lost Prospective Customers Lost Unmeasurable Investment IT Investment Facility Investment Training What is the percentage of Security? 24
16 Security Investment Can Not Be Unraveled Security is becoming a fabric item. It s woven through every major technical decision. Mark McLaughlin President & CEO, Palo Alto Networks Ignite
17 Start with Risk (Risk-based Approach) NIST SP Security and Privacy Controls for Federal Information Systems and Organizations Select the appropriate security controls in accordance with the required security levels. Tailor security control baselines to achieve the needed level of protection in accordance with organizational assessments of risk. 26
18 Security Risk Formula Threats Vulnerabilities Informational Assets Malware Targeted Attack DDoS Attack Security Hole Misconfiguration Psychological Corporate Confidential Personal Information Intellectual Property 27
19 Risks keep changing Threats Vulnerabilities Informational Assets Social Event Corporate News Corporate Reputation Asset Investment Organization Growth Hiring & Deployment Business Growth M&A/IPO Company Split-up 28
20 Adapt Security Level to Risk Changes Changing Security Risk 29
21 Adapt Security Level to Risk Changes Optimal Security Level Changing Security Risk 30
22 From ROI to Adaptiveness Normal New Normal What we look at Return On Investment (ROI) Adaptiveness to changes Increased Security Level Adapted Security Level What it looks like Changing Security Risk 31
23 Agenda New Normal of Security Architecture Security Best-Mix to Adapt to Changes Security Automation as a New Solution 32
24 Categories by Adaptiveness Category Situational Security Adaptiveness High Usecases Incident response Forensics EDR UEBA Threat Intelligence Correlation Corporate Security Middle Access Control Vulnerbility Mngt. Encryption FW/IPS/IDS Data Protection Log Management Fixed Security Low Network Server Data Center Hypervisor Storage Facility 33
25 [REF] Electric Power Best Mix Electric Power Demand thermal electric power pumped-storage hydroelectric power nuclear electric power (H) 34
26 Security Best Mix Security Level Situational Security Adaptiveness High Cost High Corporate Security Middle Middle Fixed Security Low Low 35
27 Security Best Mix in the Cloud Era Security Level Situational Security (Security by the cloud) Corporate Security (Security in the cloud) Fixed Security (Security of the cloud) Power Source (Driver) Security Automation (Adaptability) Compliance as Code DevSecOps Based on regulatory compliance (Reusability/Repeatability) Economies of Scale by Cloud Service Provider (Cost) 36
28 Security Best Mix in the Cloud Era Security Level Situational Security (Security by the cloud) Corporate Security (Security in the cloud) Fixed Security (Security of the cloud) Power Source (Driver) Security Automation (Adaptability) What and How? Compliance as Code DevSecOps Based on regulatory compliance (Reusability/Repeatability) Economies of Scale by Cloud Service Provider (Cost) 37
29 Minimize the Gap to Adapt 1. Granular Response 2. Early Detection Security Level Adapted Security Level Changing Security Risk Time 38
30 Minimize the Gap to Adapt 1. Granular Response 2. Early Detection Many Small Services Independently Deployable Loosely Coupled Microservices Architecture 39
31 Minimize the Gap to Adapt 1. Granular Response 2. Early Detection Many Small Services Independently Deployable Loosely Coupled Microservices Architecture Massive Security Logs Threat Intelligence Event Driven / API Call Data Management Infrastructure 40
32 Minimize the Gap to Adapt 1. Granular Response 2. Early Detection Many Small Services Independently Deployable Loosely Coupled Microservices Architecture Massive Security Logs Threat Intelligence Event Driven / API Call Data Management Infrastructure Cloud Makes It Easier and Possible 41
33 Agenda New Normal of Security Architecture Security Best-Mix to Adapt to Changes Security Automation as a New Solution 42
34 Gartner s Adaptive Security Architecture Predict Proactive Exposure Assessment Harden and Isolate Systems Prevent Predict Attacks Divert Attackers Baseline Systems Remediate / Make Changes Continuous Monitoring and Analytics Prevent Incidents Detect Incidents Design / Model Changes Confirm and Prioritize Respond Investigate / Forensics Contain Incidents Detect
35 AWS Service Mapping Predict NACL SG Prevent Amazon Inspector 3 rd Party Data Feed AWS Config Amazon CloudFront AWS WAF Amazon CloudWatch AWS CloudTrail Amazon SNS AWS Lambda Amazon VPC flow logs 3 rd Party IDS Respond AWS CloudFormation Amazon EBS 44 Auto Scaling 3 rd Party SIEM Detect
36 Use Case: Mitigate External Attacks Predict NACL SG Prevent Amazon Inspector 3 rd Party Data Feed AWS Config Amazon CloudFront AWS WAF Amazon CloudWatch AWS CloudTrail Amazon SNS AWS Lambda Amazon VPC flow logs 3 rd Party IDS Respond AWS CloudFormation Amazon EBS 45 Auto Scaling 3 rd Party SIEM Detect
37 Automatic Update on WAF rule with IP Black List User Amazon CloudFront Content Delivery Network Elastic Load Balancing Load Balancer Amazon EC2 Web servers Amazon RDS Database Attacker AWS WAF Web Application Firewall AWS WAF Security Automations
38 Automatic Update on WAF rule with IP Black List User Amazon CloudFront Content Delivery Network Elastic Load Balancing Load Balancer Amazon EC2 Web servers Amazon RDS Database 1Execute hourly Attacker AWS WAF Web Application Firewall AWS Lambda Function as a Service Amazon CloudWatch Resource Monitoring AWS WAF Security Automations
39 Automatic Update on WAF rule with IP Black List User Amazon CloudFront Content Delivery Network Elastic Load Balancing Load Balancer Amazon EC2 Web servers Amazon RDS Database 1Execute hourly Attacker AWS WAF Web Application Firewall AWS Lambda Function as a Service Amazon CloudWatch Resource Monitoring 3 rd party Reputation List AWS WAF Security Automations 2Check for malicious IP addresses
40 Automatic Update on WAF rule with IP Black List User Amazon CloudFront Content Delivery Network Elastic Load Balancing Load Balancer Amazon EC2 Web servers Amazon RDS Database 1Execute hourly Attacker AWS WAF Web Application Firewall AWS Lambda Function as a Service Amazon CloudWatch Resource Monitoring 3Add to an AWS WAF block list 3 rd party Reputation List AWS WAF Security Automations 2Check for malicious IP addresses
41 Automatic Update on WAF rule with IP Black List User Attacker Amazon CloudFront Content Delivery Network 4Block the traffic from malicious IP addresses Elastic Load Balancing Load Balancer Amazon EC2 Web servers Amazon RDS Database 1Execute hourly AWS WAF Web Application Firewall AWS Lambda Function as a Service Amazon CloudWatch Resource Monitoring 3Add to an AWS WAF block list 3 rd party Reputation List AWS WAF Security Automations 2Check for malicious IP addresses
42 Contain and Notify an Incident by Scale-out Amazon CloudFront Content Delivery Network Elastic Load Balancing Load Balancer Auto Scaling Group Availability Zone 1a EC2 Instances Availability Zone 1b
43 Contain and Notify an Incident by Scale-out Amazon CloudFront Content Delivery Network Elastic Load Balancing Load Balancer Auto Scaling Group Availability Zone 1a EC2 Instances Availability Zone 1b 1Massive traffic
44 Contain and Notify an Incident by Scale-out 2Automatic traffic distribution by scale-out Amazon CloudFront Content Delivery Network Elastic Load Balancing Load Balancer Auto Scaling Group Availability Zone 1a EC2 Instances Availability Zone 1b 1Massive traffic
45 Contain and Notify an Incident by Scale-out 3Notify the scaling event 2Automatic traffic distribution by scale-out Amazon CloudFront Content Delivery Network Elastic Load Balancing Load Balancer Auto Scaling Group Availability Zone 1a Amazon SNS Notification Service EC2 Instances Availability Zone 1b 1Massive traffic
46 Contain and Notify an Incident by Scale-out 3Notify the scaling event 2Automatic traffic distribution by scale-out Amazon CloudFront Content Delivery Network 1Massive traffic Elastic Load Balancing Load Balancer EC2 Instances Auto Scaling Group Availability Zone 1a Availability Zone 1b Amazon SNS Notification Service AWS Lambda Function as a Service 4Call an arbitrary function
47 Use Case: Assess Risks to Manage Internal Endpoints Predict NACL SG Prevent Amazon Inspector 3 rd Party Data Feed AWS Config Amazon CloudFront AWS WAF Amazon CloudWatch AWS CloudTrail Amazon SNS AWS Lambda Amazon VPC flow logs 3 rd Party IDS Respond AWS CloudFormation Amazon EBS 56 Auto Scaling 3 rd Party SIEM Detect
48 Automate Quarantine and Backup AWS Lambda Function as a Service Amazon Inspector Security Assessment EC2 Instance Endpoint Amazon EBS Block Storage Security Group Stateful Firewall Network ACL Stateless Firewall
49 Automate Quarantine and Backup AWS Lambda Function as a Service 1Run a security assessment Amazon Inspector Security Assessment EC2 Instance Endpoint Amazon EBS Block Storage Security Group Stateful Firewall Network ACL Stateless Firewall
50 Automate Quarantine and Backup AWS Lambda Function as a Service 1Run a security assessment Amazon Inspector Security Assessment 2Vulnerability scan to endpoint EC2 Instance Endpoint Security Group Stateful Firewall Network ACL Stateless Firewall Amazon EBS Block Storage
51 Automate Quarantine and Backup AWS Lambda Function as a Service 1Run a security assessment Amazon Inspector Security Assessment Amazon SNS Notification Service 2Vulnerability scan to endpoint EC2 Instance Endpoint Security Group Stateful Firewall Network ACL Stateless Firewall Amazon EBS Block Storage 3Notify the scan results
52 Automate Quarantine and Backup AWS Lambda Function as a Service 1Run a security assessment Amazon Inspector Security Assessment 2Vulnerability scan to endpoint EC2 Instance Endpoint Security Group Stateful Firewall Amazon EBS Block Storage Amazon SNS Notification Service AWS Lambda Function as a Service 3Notify the scan results Network ACL Stateless Firewall 4Quarantine the endpoint by firewalls
53 Automate Quarantine and Backup AWS Lambda Function as a Service 1Run a security assessment 5Copy a disk image for backup Amazon Inspector Security Assessment 2Vulnerability scan to endpoint EC2 Instance Endpoint Amazon EBS Block Storage snapshot Security Group Stateful Firewall Amazon SNS Notification Service AWS Lambda Function as a Service 3Notify the scan results Network ACL Stateless Firewall 4Quarantine the endpoint by firewalls
54 Automate Quarantine and Backup AWS Lambda Function as a Service 1Run a security assessment 5Copy a disk image for backup Amazon Inspector Security Assessment 2Vulnerability scan to endpoint EC2 Instance Endpoint Amazon EBS Block Storage snapshot Security Group Stateful Firewall Amazon SNS Notification Service AWS Lambda Function as a Service 3Notify the scan results Network ACL Stateless Firewall 4Quarantine the endpoint by firewalls AWS CloudTrail Operation Log Service 6Record the backup log
55 The Value of Cloud Security Improvement Innovation Disruption Easier, Faster, Cheaper Earlier detection on data management infrastructure Can do what we couldn t do granular response through the microservices Bring the old value to naught ROI to Adaptiveness to changes 64
56 Summary Be adaptive to the changes of security risks Best-mix security by its adaptiveness Cloud makes it easy and possible with Security Automation 65
57 Apply Apply cloud technology to improve readiness and responsiveness. (e.g. AWS provides automated security) Mix different types of security in adaptiveness to attain the necessary security level. Recommend to use: security of cloud for fixed security security in cloud for corporate security security by cloud for situational security 66
58 Thank you!
AWS Well Architected Framework
AWS Well Architected Framework What We Will Cover The Well-Architected Framework Key Best Practices How to Get Started Resources Main Pillars Security Reliability Performance Efficiency Cost Optimization
More informationBest Practices for Cloud Security at Scale. Phil Rodrigues Security Solutions Architect Amazon Web Services, ANZ
Best Practices for Cloud Security at Scale Phil Rodrigues Security Solutions Architect Web Services, ANZ www.cloudsec.com #CLOUDSEC Best Practices for Security at Scale Best of the Best tips for Security
More informationBuilding a Self-Defending Border. Shane Baldacchino, Solutions Architect, AWS Marcus Santos, Solutions Architect, AWS
Building a Self-Defending Border Shane Baldacchino, Solutions Architect, AWS Marcus Santos, Solutions Architect, AWS www.cloudsec.com #cloudsec Building A Defending Borders Protect Your Web-facing Workloads
More informationCloud security 2.0: Joko nyt pilveen voi luottaa?
Cloud security 2.0: Joko nyt pilveen voi luottaa? www.nordcloud.com 11 04 2017 Helsinki 2 Teemu Lehtonen Senior Cloud architect, Security teemu.lehtonen@nordcloud.com +358 40 6329445 Nordcloud Finland
More informationARCHITECTING WEB APPLICATIONS FOR THE CLOUD: DESIGN PRINCIPLES AND PRACTICAL GUIDANCE FOR AWS
ARCHITECTING WEB APPLICATIONS FOR THE CLOUD: DESIGN PRINCIPLES AND PRACTICAL GUIDANCE FOR AWS Dr Adnene Guabtni, Senior Research Scientist, NICTA/Data61, CSIRO Adnene.Guabtni@csiro.au EC2 S3 ELB RDS AMI
More informationCompleting your AWS Cloud SECURING YOUR AMAZON WEB SERVICES ENVIRONMENT
Completing your AWS Cloud SECURING YOUR AMAZON WEB SERVICES ENVIRONMENT Introduction Amazon Web Services (AWS) provides Infrastructure as a Service (IaaS) cloud offerings for organizations. Using AWS,
More informationMapping traditional security technologies to AWS Dave Walker Specialised Solutions Architect Security and Compliance Amazon Web Services UK Ltd
Berlin Mapping traditional security technologies to AWS Dave Walker Specialised Solutions Architect Security and Compliance Amazon Web Services UK Ltd AWS Compliance Display Cabinet Certificates: Programmes:
More informationTraining on Amazon AWS Cloud Computing. Course Content
Training on Amazon AWS Cloud Computing Course Content 15 Amazon Web Services (AWS) Cloud Computing 1) Introduction to cloud computing Introduction to Cloud Computing Why Cloud Computing? Benefits of Cloud
More informationEnroll Now to Take online Course Contact: Demo video By Chandra sir
Enroll Now to Take online Course www.vlrtraining.in/register-for-aws Contact:9059868766 9985269518 Demo video By Chandra sir www.youtube.com/watch?v=8pu1who2j_k Chandra sir Class 01 https://www.youtube.com/watch?v=fccgwstm-cc
More informationAWS Agility + Splunk Visibility = Cloud Success. Splunk App for AWS Demo. Laura Ripans, AWS Alliance Manager
AWS Agility + Splunk Visibility = Cloud Success Splunk App for AWS Demo Laura Ripans, AWS Alliance Manager Disruptive innovation and business transformation starts with data I HAVE BEEN GIVEN AN AWS ACCOUNT!!!
More informationHackproof Your Cloud: Preventing 2017 Threats for a New Security Paradigm
whitepaper Hackproof Your Cloud: Preventing 2017 Threats for a New Security Paradigm When your company s infrastructure was built on the model of a traditional on-premise data center, security was pretty
More informationAdditional Security Services on AWS
Additional Security Services on AWS Bertram Dorn Specialized Solutions Architect Security / Compliance / DataProtection AWS EMEA The Landscape The Paths Application Data Path Path Cloud Managed by Customer
More informationCogniFit Technical Security Details
Security Details CogniFit Technical Security Details CogniFit 2018 Table of Contents 1. Security 1.1 Servers........................ 3 1.2 Databases............................3 1.3 Network configuration......................
More informationGetting Started with AWS Security
Getting Started with AWS Security Tomas Clemente Sanchez Senior Consultant Security, Risk and Compliance September 21st 2017 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Move
More informationAWS Security. Stephen E. Schmidt, Directeur de la Sécurité
AWS Security Stephen E. Schmidt, Directeur de la Sécurité 2014 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified, or distributed in whole or in part without the express
More informationCYBER SECURITY WHITEPAPER
CYBER SECURITY WHITEPAPER ABOUT GRIDSMART TECHNOLOGIES, INC. GRIDSMART Technologies, Inc. provides Simple, Flexible, and Transparent solutions for the traffic industry that collect and use data to make
More informationArchitecting for Greater Security in AWS
Architecting for Greater Security in AWS Jonathan Desrocher Security Solutions Architect, Amazon Web Services. Guy Tzur Director of Ops, Totango. 2015, Amazon Web Services, Inc. or its affiliates. All
More informationWho done it: Gaining visibility and accountability in the cloud
Who done it: Gaining visibility and accountability in the cloud By Ryan Nolette Squirrel Edition $whoami 10+ year veteran of IT, Security Operations, Threat Hunting, Incident Response, Threat Research,
More informationTitle: Planning AWS Platform Security Assessment?
Title: Planning AWS Platform Security Assessment? Name: Rajib Das IOU: Cyber Security Practices TCS Emp ID: 231462 Introduction Now-a-days most of the customers are working in AWS platform or planning
More informationManaging and Auditing Organizational Migration to the Cloud TELASA SECURITY
Managing and Auditing Organizational Migration to the Cloud 1 TELASA SECURITY About Me Brian Greidanus bgreidan@telasasecurity.com 18+ years of security and compliance experience delivering consulting
More informationSecurity & Compliance in the AWS Cloud. Amazon Web Services
Security & Compliance in the AWS Cloud Amazon Web Services Our Culture Simple Security Controls Job Zero AWS Pace of Innovation AWS has been continually expanding its services to support virtually any
More informationSecurity on AWS(overview) Bertram Dorn EMEA Specialized Solutions Architect Security and Compliance
Security on AWS(overview) Bertram Dorn EMEA Specialized Solutions Architect Security and Compliance Agenda: Overview AWS Regions Availability Zones Shared Responsibility Security Features Best Practices
More informationGetting started with AWS security
Getting started with AWS security Take a prescriptive approach Stella Lee Manager, Enterprise Business Development $ 2 0 B + R E V E N U E R U N R A T E (Annualized from Q4 2017) 4 5 % Y / Y G R O W T
More informationSIEMLESS THREAT DETECTION FOR AWS
SOLUTION OVERVIEW: ALERT LOGIC FOR AMAZON WEB SERVICES (AWS) SIEMLESS THREAT DETECTION FOR AWS Few things are as important to your business as maintaining the security of your sensitive data. Protecting
More informationMicroservices on AWS. Matthias Jung, Solutions Architect AWS
Microservices on AWS Matthias Jung, Solutions Architect AWS Agenda What are Microservices? Why Microservices? Challenges of Microservices Microservices on AWS What are Microservices? What are Microservices?
More informationSecurity & Compliance in the AWS Cloud. Vijay Rangarajan Senior Cloud Architect, ASEAN Amazon Web
Security & Compliance in the AWS Cloud Vijay Rangarajan Senior Cloud Architect, ASEAN Amazon Web Services @awscloud www.cloudsec.com #CLOUDSEC Security & Compliance in the AWS Cloud TECHNICAL & BUSINESS
More informationAWS 101. Patrick Pierson, IonChannel
AWS 101 Patrick Pierson, IonChannel What is AWS? Amazon Web Services (AWS) is a secure cloud services platform, offering compute power, database storage, content delivery and other functionality to help
More informationAdvanced Techniques for DDoS Mitigation and Web Application Defense
Advanced Techniques for DDoS Mitigation and Web Application Defense Dr. Andrew Kane, Solutions Architect Giorgio Bonfiglio, Technical Account Manager June 28th, 2017 2017, Amazon Web Services, Inc. or
More informationMagento Commerce Architecture and Security Model Last updated: Aug 2017
Magento Commerce Architecture and Security Model Last updated: Aug 2017 Architecture The Magento Commerce architecture is designed to provide a highly secure environment. Each customer is deployed into
More informationAutomate best practices and operational health for your AWS resources with Trusted Advisor and AWS Health
Automate best practices and operational health for your AWS resources with Trusted Advisor and AWS Health Heitor Lessa, Solutions Architect @ AWS Stephen Gran, Senior Technical Architect @ Piksel June
More informationSecurity: Michael South Americas Regional Leader, Public Sector Security & Compliance Business Acceleration
Security: A Driving Force Behind Moving to the Cloud Michael South Americas Regional Leader, Public Sector Security & Compliance Business Acceleration 2017, Amazon Web Services, Inc. or its affiliates.
More informationHackproof Your Cloud Responding to 2016 Threats
Hackproof Your Cloud Responding to 2016 Threats Aaron Klein, CloudCheckr Tuesday, June 30 th 2016 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Changing Your Perspective Moving
More informationA Risk Management Platform
A Risk Management Platform Michael Lai CISSP, CISA, MBA, MSc, BEng(hons) Territory Manager & Senior Security Sales Engineer Shift to Risk-Based Security OLD MODEL: Prevention-Based Security Prevention
More informationUnderstanding Perimeter Security
Understanding Perimeter Security In Amazon Web Services Aaron C. Newman Founder, CloudCheckr Aaron.Newman@CloudCheckr.com Changing Your Perspective How do I securing my business applications in AWS? Moving
More informationAWS Solution Architect Associate
AWS Solution Architect Associate 1. Introduction to Amazon Web Services Overview Introduction to Cloud Computing History of Amazon Web Services Why we should Care about Amazon Web Services Overview of
More informationlocuz.com SOC Services
locuz.com SOC Services 1 Locuz IT Security Lifecycle services combine people, processes and technologies to provide secure access to business applications, over any network and from any device. Our security
More informationSecuring Microservices Containerized Security in AWS
Securing Microservices Containerized Security in AWS Mike Gillespie, Solutions Architect, Amazon Web Services Splitting Monoliths Ten Years Ago Splitting Monoliths Ten Years Ago XML & SOAP Splitting Monoliths
More informationPrepAwayExam. High-efficient Exam Materials are the best high pass-rate Exam Dumps
PrepAwayExam http://www.prepawayexam.com/ High-efficient Exam Materials are the best high pass-rate Exam Dumps Exam : SAA-C01 Title : AWS Certified Solutions Architect - Associate (Released February 2018)
More informationExternal Supplier Control Obligations. Cyber Security
External Supplier Control Obligations Cyber Security Control Title Control Description Why this is important 1. Cyber Security Governance The Supplier must have cyber risk governance processes in place
More informationFrom Managed Security Services to the next evolution of CyberSoc Services
From Managed Security Services to the next evolution of CyberSoc Services Gianluca Busco Arré Country Manager pandasecurity.com MSSP / MDR Where the Industry is going leaders and laggers MSSP industry
More informationLook Who s Hiring! AWS Solution Architect AWS Cloud TAM
Look Who s Hiring! AWS Solution Architect https://www.amazon.jobs/en/jobs/362237 AWS Cloud TAM https://www.amazon.jobs/en/jobs/347275 AWS Principal Cloud Architect (Professional Services) http://www.reqcloud.com/jobs/701617/?k=wxb6e7km32j+es2yp0jy3ikrsexr
More informationNERC CIP VERSION 6 BACKGROUND COMPLIANCE HIGHLIGHTS
NERC CIP VERSION 6 COMPLIANCE BACKGROUND The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Reliability Standards define a comprehensive set of requirements
More informationSANS Top 20 CIS. Critical Security Control Solution Brief Version 6. SANS Top 20 CIS. EventTracker 8815 Centre Park Drive, Columbia MD 21045
Critical Security Control Solution Brief Version 6 8815 Centre Park Drive, Columbia MD 21045 About delivers business critical software and services that transform high-volume cryptic log data into actionable,
More informationDATA SHEET AlienVault USM Anywhere Powerful Threat Detection and Incident Response for All Your Critical Infrastructure
DATA SHEET AlienVault USM Anywhere Powerful Threat Detection and Incident Response for All Your Critical Infrastructure AlienVault USM Anywhere accelerates and centralizes threat detection, incident response,
More informationWhat s New at AWS? looking at just a few new things for Enterprise. Philipp Behre, Enterprise Solutions Architect, Amazon Web Services
What s New at AWS? looking at just a few new things for Enterprise Philipp Behre, Enterprise Solutions Architect, Amazon Web Services 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
More informationSECURITY ON AWS 8/3/17. AWS Security Standards MORE. By Max Ellsberry
SECURITY ON AWS By Max Ellsberry AWS Security Standards The IT infrastructure that AWS provides has been designed and managed in alignment with the best practices and meets a variety of standards. Below
More informationIncident Response and Forensics in your Pyjamas
Incident Response and Forensics in your Pyjamas When security incidents happen, you often have to respond in a hurry to gather forensic data from the resources that were involved. You might need to grab
More informationMicroservices Architekturen aufbauen, aber wie?
Microservices Architekturen aufbauen, aber wie? Constantin Gonzalez, Principal Solutions Architect glez@amazon.de, @zalez 30. Juni 2016 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
More informationNOTHING IS WHAT IT SIEMs: COVER PAGE. Simpler Way to Effective Threat Management TEMPLATE. Dan Pitman Principal Security Architect
NOTHING IS WHAT IT SIEMs: COVER PAGE Simpler Way to Effective Threat Management TEMPLATE Dan Pitman Principal Security Architect Cybersecurity is harder than it should be 2 SIEM can be harder than it should
More informationCertificate of Registration
Certificate of Registration THIS IS TO CERTIFY THAT 2001 8th Ave, Seattle, WA 98121 USA operates AWS using IaaS model (Amazon CloudFront, Amazon Elastic Block Store (EBS), Amazon Elastic Compute Cloud
More informationIntroduction to Cloud Computing
You will learn how to: Build and deploy cloud applications and develop an effective implementation strategy Leverage cloud vendors Amazon EC2 and Amazon S3 Exploit Software as a Service (SaaS) to optimize
More informationSecurity Aspekts on Services for Serverless Architectures. Bertram Dorn EMEA Specialized Solutions Architect Security and Compliance
Security Aspekts on Services for Serverless Architectures Bertram Dorn EMEA Specialized Solutions Architect Security and Compliance Agenda: Security in General Services in Scope Aspects of Services for
More informationALIENVAULT USM FOR AWS SOLUTION GUIDE
ALIENVAULT USM FOR AWS SOLUTION GUIDE Summary AlienVault Unified Security Management (USM) for AWS is a unified security platform providing threat detection, incident response, and compliance management
More informationHigh School Technology Services myhsts.org Certification Courses
AWS Associate certification training Last updated on June 2017 a- AWS Certified Solutions Architect (40 hours) Amazon Web Services (AWS) Certification is fast becoming the must have certificates for any
More informationMITIGATE CYBER ATTACK RISK
SOLUTION BRIEF MITIGATE CYBER ATTACK RISK CONNECTING SECURITY, RISK MANAGEMENT & BUSINESS TEAMS TO MINIMIZE THE WIDESPREAD IMPACT OF A CYBER ATTACK DIGITAL TRANSFORMATION CREATES NEW RISKS As organizations
More informationAmazon Web Services. Block 402, 4 th Floor, Saptagiri Towers, Above Pantaloons, Begumpet Main Road, Hyderabad Telangana India
(AWS) Overview: AWS is a cloud service from Amazon, which provides services in the form of building blocks, these building blocks can be used to create and deploy various types of application in the cloud.
More informationAWS Solution Architecture Patterns
AWS Solution Architecture Patterns Objectives Key objectives of this chapter AWS reference architecture catalog Overview of some AWS solution architecture patterns 1.1 AWS Architecture Center The AWS Architecture
More informationNEXT GENERATION CLOUD SECURITY
SESSION ID: CMI-F02 NEXT GENERATION CLOUD SECURITY Myles Hosford Head of FSI Security & Compliance Asia Amazon Web Services Agenda Introduction to Cloud Security Benefits of Cloud Security Cloud APIs &
More informationCybersecurity Roadmap: Global Healthcare Security Architecture
SESSION ID: TECH-W02F Cybersecurity Roadmap: Global Healthcare Security Architecture Nick H. Yoo Chief Security Architect Disclosure No affiliation to any vendor products No vendor endorsements Products
More informationMid-Atlantic CIO Forum
Mid-Atlantic CIO Forum Agenda Security of the Cloud Security In the Cloud Your Product and Services Roadmap (innovation) AWS and Cloud Services Growth and Expansion at AWS Questions & Discussion Shared
More informationSecuring Your Amazon Web Services Virtual Networks
Securing Your Amazon Web Services s IPS security for public cloud deployments It s no surprise that public cloud infrastructure has experienced fast adoption. It is quick and easy to spin up a workload,
More informationTwilio cloud communications SECURITY
WHITEPAPER Twilio cloud communications SECURITY From the world s largest public companies to early-stage startups, people rely on Twilio s cloud communications platform to exchange millions of calls and
More informationThe Evolution of : Continuous Advanced Threat Protection
The Evolution of : Continuous Advanced Threat Protection Craig Bird Senior Solutions Engineer Security is a combination of protection, detection and response You need Prevention to defend against low-focus
More informationSecuring Dynamic Data Centers. Muhammad Wajahat Rajab, Pre-Sales Consultant Trend Micro, Pakistan &
Securing Dynamic Data Centers Muhammad Wajahat Rajab, Pre-Sales Consultant Trend Micro, Pakistan & Afghanistan @WajahatRajab Modern Challenges By 2020, 60% of Digital Businesses will suffer Major Service
More informationWhat s New at AWS? A selection of some new stuff. Constantin Gonzalez, Principal Solutions Architect, Amazon Web Services
What s New at AWS? A selection of some new stuff Constantin Gonzalez, Principal Solutions Architect, Amazon Web Services Speed of Innovation AWS Pace of Innovation AWS has been continually expanding its
More informationAmazon Web Services 101 April 17 th, 2014 Joel Williams Solutions Architect. Amazon.com, Inc. and its affiliates. All rights reserved.
Amazon Web Services 101 April 17 th, 2014 Joel Williams Solutions Architect Amazon.com, Inc. and its affiliates. All rights reserved. Learning about Cloud Computing with AWS What is Cloud Computing and
More informationINTRO TO AWS: SECURITY
INTRO TO AWS: SECURITY Rob Whitmore Solutions Architect 2015, Amazon Web Services, Inc. or its affiliates. All rights reserved Security is the foundation Familiar security model Validated by security experts
More informationSTRATEGIC WHITE PAPER. Securing cloud environments with Nuage Networks VSP: Policy-based security automation and microsegmentation overview
STRATEGIC WHITE PAPER Securing cloud environments with Nuage Networks VSP: Policy-based security automation and microsegmentation overview Abstract Cloud architectures rely on Software-Defined Networking
More informationChallenges 3. HAWK Introduction 4. Key Benefits 6. About Gavin Technologies 7. Our Security Practice 8. Security Services Approach 9
HAWK Overview Agenda Contents Slide Challenges 3 HAWK Introduction 4 Key Benefits 6 About Gavin Technologies 7 Our Security Practice 8 Security Services Approach 9 Why Gavin Technologies 10 Key Clients
More informationWHITE PAPER. Five AWS Practices. Enhancing Cloud Security through Better Visibility
WHITE PAPER Five AWS Practices Enhancing Cloud Security through Better Visibility Continuous innovation and speed to market are mandating dynamic paradigm shifts in how companies conceive, develop and
More informationISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002
ISO 27002 COMPLIANCE GUIDE How Rapid7 Can Help You Achieve Compliance with ISO 27002 A CONTENTS Introduction 2 Detailed Controls Mapping 3 About Rapid7 8 rapid7.com ISO 27002 Compliance Guide 1 INTRODUCTION
More informationThe Emerging Role of a CDN in Facilitating Secure Cloud Deployments
White Paper The Emerging Role of a CDN in Facilitating Secure Cloud Deployments Sponsored by: Fastly Robert Ayoub August 2017 IDC OPINION The ongoing adoption of cloud services and the desire for anytime,
More informationQualys Cloud Platform
18 QUALYS SECURITY CONFERENCE 2018 Qualys Cloud Platform Looking Under the Hood: What Makes Our Cloud Platform so Scalable and Powerful Dilip Bachwani Vice President, Engineering, Qualys, Inc. Cloud Platform
More informationDEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise
DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS Security Without Compromise CONTENTS INTRODUCTION 1 SECTION 1: STRETCHING BEYOND STATIC SECURITY 2 SECTION 2: NEW DEFENSES FOR CLOUD ENVIRONMENTS 5 SECTION
More informationServerless Computing. Redefining the Cloud. Roger S. Barga, Ph.D. General Manager Amazon Web Services
Serverless Computing Redefining the Cloud Roger S. Barga, Ph.D. General Manager Amazon Web Services Technology Triggers Highly Recommended http://a16z.com/2016/12/16/the-end-of-cloud-computing/ Serverless
More informationAWS Webinar. Navigating GDPR Compliance on AWS. Christian Hesse Amazon Web Services
AWS Webinar Navigating GDPR Compliance on AWS Christian Hesse Amazon Web Services What is the GDPR? What is the GDPR? The "GDPR" is the General Data Protection Regulation, a significant new EU Data Protection
More informationIBM services and technology solutions for supporting GDPR program
IBM services and technology solutions for supporting GDPR program 1 IBM technology solutions as key enablers - Privacy GDPR Program Work-stream IBM software 2.1 Privacy Risk Assessment and Risk Treatment
More informationSecurity Readiness Assessment
Security Readiness Assessment Jackson Thomas Senior Manager, Sales Consulting Copyright 2015 Oracle and/or its affiliates. All rights reserved. Cloud Era Requires Identity-Centric Security SaaS PaaS IaaS
More informationActiveNET. #202, Manjeera Plaza, Opp: Aditya Park Inn, Ameerpetet HYD
ActiveNET #202, Manjeera Plaza, Opp: Aditya Park Inn, Ameerpetet HYD-500018 9848111288 activesurya@ @gmail.com wwww.activenetinformatics.com y Suryanaray yana By AWS Course Content 1. Introduction to Cloud
More informationDEVELOP YOUR TAILORED CYBERSECURITY ROADMAP
ARINC cybersecurity solutions DEVELOP YOUR TAILORED CYBERSECURITY ROADMAP Getting started is as simple as assessing your baseline THE RIGHT CYBERSECURITY SOLUTIONS FOR YOUR UNIQUE NEEDS Comprehensive threat
More informationNETWORKING &SECURITY SOLUTIONSPORTFOLIO
NETWORKING &SECURITY SOLUTIONSPORTFOLIO NETWORKING &SECURITY SOLUTIONSPORTFOLIO Acomprehensivesolutionsportfoliotohelpyougetyourbusiness securelyconnected.clickononeofoursolutionstoknowmore NETWORKING
More informationManaged Endpoint Defense
DATA SHEET Managed Endpoint Defense Powered by CB Defense Next-gen endpoint threat detection and response DEPLOY AND HARDEN. Rapidly deploy and optimize endpoint prevention with dedicated security experts
More informationDelivering Integrated Cyber Defense for the Cloud Generation Darren Thomson
Delivering Integrated Cyber Defense for the Generation Darren Thomson Vice President & CTO, EMEA Region Symantec In 2009 there were 2,361,414 new piece of malware created. In 2015 that number was 430,555,582
More informationOvercoming the Challenges of Automating Security in a DevOps Environment
SESSION ID: LAB-W02 Overcoming the Challenges of Automating Security in a DevOps Environment Murray Goldschmidt Chief Operating Officer Sense of Security @ITsecurityAU Michael McKinnon Director, Commercial
More informationMitigating Cybersecurity Risk with Hyper-Segmentation
Mitigating Cybersecurity Risk with Hyper-Segmentation Session 46, February 20, 2017 Eric Miller, Sr. Director, Ascension Information Services Paul Unbehagen, Chief Architect, Avaya 1 Speaker Introduction
More informationBEST PRACTICES TO PROTECTING AWS CLOUD RESOURCES
E-Guide BEST PRACTICES TO PROTECTING AWS CLOUD RESOURCES SearchAWS T here is no catch-all for securing a cloud network. Administrators should take a comprehensive approach to protect AWS cloud resources
More informationSOC-2 Requirement Solution Brief. EventTracker 8815 Centre Park Drive, Columbia MD SOC-2
Requirement Solution Brief 8815 Centre Park Drive, Columbia MD 21045 About delivers business critical software and services that transform high-volume cryptic log data into actionable, prioritized intelligence
More informationSecuring Cloud Applications with a Distributed Web Application Firewall Riverbed Technology
Securing Cloud Applications with a Distributed Web Application Firewall www.riverbed.com 2013 Riverbed Technology Primary Target of Attack Shifting from Networks and Infrastructure to Applications NETWORKS
More informationSECURITY-AS-A-SERVICE BUILT FOR AWS
SOLUTION BRIEF: SECURITY-AS-A-SERVICE BUILT FOR AWS Alert Logic Security-as-a-Service solutions integrate cloud-based software, analytics and expert services to assess, detect and block workload threats
More informationAdopting Modern Practices for Improved Cloud Security. Cox Automotive - Enterprise Risk & Security
Adopting Modern Practices for Improved Cloud Security Cox Automotive - Enterprise Risk & Security 1 About Cox Automotive Cox Automotive is a leading provider of products and services that span the automotive
More informationCLOUD AND AWS TECHNICAL ESSENTIALS PLUS
1 P a g e CLOUD AND AWS TECHNICAL ESSENTIALS PLUS Contents Description... 2 Course Objectives... 2 Cloud computing essentials:... 2 Pre-Cloud and Need for Cloud:... 2 Cloud Computing and in-depth discussion...
More informationLINUX, WINDOWS(MCSE),
Virtualization Foundation Evolution of Virtualization Virtualization Basics Virtualization Types (Type1 & Type2) Virtualization Demo (VMware ESXi, Citrix Xenserver, Hyper-V, KVM) Cloud Computing Foundation
More informationASD CERTIFICATION REPORT
ASD CERTIFICATION REPORT Amazon Web Services Elastic Compute Cloud (EC2), Virtual Private Cloud (VPC), Elastic Block Store (EBS) and Simple Storage Service (S3) Certification Decision ASD certifies Amazon
More informationNIST Special Publication
DATASHEET NIST Special Publication 800-53 Security and Privacy Controls for Federal Information Systems and Organizations Mapping for Carbon Black BACKGROUND The National Institute of Standards and Technology
More informationDesign Patterns for the Cloud. MCSN - N. Tonellotto - Distributed Enabling Platforms 68
Design Patterns for the Cloud 68 based on Amazon Web Services Architecting for the Cloud: Best Practices Jinesh Varia http://media.amazonwebservices.com/aws_cloud_best_practices.pdf 69 Amazon Web Services
More informationSYMANTEC DATA CENTER SECURITY
SYMANTEC DATA CENTER SECURITY SYMANTEC UNIFIED SECURITY STRATEGY Users Cyber Security Services Monitoring, Incident Response, Simulation, Adversary Threat Intelligence Data Threat Protection Information
More informationInfoblox as Part of the Ecosystem
Infoblox Core Exchange Infoblox Core Exchange is a highly-interconnected set of ecosystem integrations that extend security, increase agility, and provide situational awareness for more efficient operations,
More informationCyberPosture Intelligence for Your Hybrid Infrastructure
VALUE BRIEF CyberPosture Intelligence for Your Hybrid Infrastructure CyberPosture is a consolidated risk score, based on configuration and workload analysis, that executives can present to their board,
More informationProactive Approach to Cyber Security
Proactive roach to Cyber Security Jeffrey Neo Sales Director HP Enterprise Security Products Customers struggle to manage the security challenge Today, security is a board-level agenda item 2 Trends driving
More informationStreamline AWS Security Incidents
IMF 2018 Streamline AWS Security Incidents Asif Matadar @d1r4c #whoami Director of Endpoint Detection & Response (EDR), EMEA at Tanium Seasoned Incident Response professional with over 7 years experience
More information