Auditing Virtual Infrastructure: You can t protect what you can t detect
|
|
- Nigel Bryan
- 6 years ago
- Views:
Transcription
1 Auditing Virtual Infrastructure: You can t protect what you can t detect Michael Berman, CISSP, NSA-IAM CTO, Catbird August 8, 2008
2 Platforms 2
3 Virtualization will be everywhere Reduce hardware and operating costs by as much as 50% Reduce energy costs by 80% Reduce the time it takes to provision new servers by up to 70% (actually much faster) Save more than $3,000 per year for every server workload virtualized HA and BCP applications Eliminate planned downtime 3
4 NOTE: In this talk non-virtualized equals physical 4
5 #1 Deja Fu -- Temporal attacks against crypto The Digital Signature Standard (DSS), will leak the secret signing key if two signatures are generated using the same randomness M. Bellare, S. Goldwasser, and D. Micciancio. Pseudo-random number generation within cryptographic algorithms: The DDS case. In CRYPTO, pages , Virtual Machines can be rolled back but an attacker s packet capture can not. SSL, S/Key, Stream ciphers among others can be broken by a temporal attack 5
6 Things to take away, more to think about Virtual Machines (VM) are less secure than the physical machines they replace Current security practices do not protect you Virtualization changes everything Review of current research Prescription Prognosis Q&A 6
7 Gartner Cautions Against Virtualization Without Security Many organizations mistakenly assume that their approach for securing virtual machines (VMs) will be the same as securing any OS and thus plan to apply their existing configuration guidelines, standards and tools. While this is a start, simply applying the technologies and best practices for securing physical servers won t provide sufficient protections for VMs. Neil MacDonald, vice president and Gartner Fellow 7
8 It s 3:00 AM; Where are your virtual machines? Virtual computing platforms cannot be deployed securely simply by dropping them into existing systems the fast and unpredictable growth that can occur with VMs can exacerbate management tasks and significantly multiply the impact of catastrophic events When Virtual is Harder than Real: Security Challenges in Virtual Based Computing Environments Mendel Rosenblum, CTO, VMware Tal Garfinkel, Stanford University Do you know what they are doing? 8
9 #2 Reduce threat surface, use defense in depth HIPAA Administrative safeguards 45 CFR (a)(4) Security management process: Implement policies and procedures to prevent, detect, contain, and correct security violations. Implement Virtual Security to ensure: flaw and defect management monitor the virtual network enforce network access control policies 9
10 Question: What are people doing? Answer: Running naked. People think of virtualization as this very different architecture, said a large platform vendor. It isn t actually. Virtual machines are more secure My physical security protects my virtual infrastructure VM are just like physical Use HIDS/anti-malware Do nothing 10
11 #3 Enforce least privilege and roles Gramm-Leach-Bliley Act (GLBA) Gramm-Leach-Bliley Bill Section 501(b) Financial Institutions Safeguards: protect against unauthorized access to or use of such records or information which could result in substantial harm or inconvenience to any customer. Virtual security practice: VI administrators should administrate in-scope VMs Detect, manage and audit transition, vmotion and virtual network configuration changes Audit trail of network events must follow the virtual machine throughout the virtual infrastructure 11
12 Virtual Machines are just as secure Virtual Machines are less secure Virtual machines have a larger threat surface than the physical machines they replace M equals the attack surface of the machine Assume M v equals M p However, M v equals (M p + M h + M g ) where (M h 1 < M h 2 ) M h equals zero if and only if Hypervisor is flawless M g equals zero if and only if VM isolation is flawless Therefore M p < (M p + M h + M g ) M p < M v 12
13 Current security practices protect you Current security practices do not protect you Policies are broken Data protection, access control Practices are broken Change management Dual Controls Physical security technologies are broken Say goodbye to security, integrity and compliance Security architecture broken Isolation and segmentation will not protect you 13
14 #4 The TCB includes all hosts a VM runs on PCI Data Security Standard (PCI DSS) Requirement 4: Encrypt transmission of cardholder data across open, public networks During VMotion, virtual machines are transferred in the clear VMotion network must be strictly isolated Requirement 10: Track and monitor all access to network resources and cardholder data Each host becomes part of the trust zone for the virtual machine Monitoring and protection must follow the virtual machine Audit trail should include VI and network events 14
15 Virtual Machines are just like physical machines Virtual Machines are not like physical machines Scaling Fast and unpredictable growth so fast you ll think you re hallucinating Transience Up/down, creation/deletion, motion Software Lifecycle Branches, roll-backs, temporal replay Diversity Proliferation of OS types and versions Visibility Virtual infrastructure creates unobserved areas Sources: 1. When Virtual is Harder than Real: Security Challenges in Virtual Machine Based Computing Environments Real Security for the Virtual World
16 Virtual Machines are very different Mobility Trusted Computing Base now includes all hosts that a VM has run on Identity Complicated ownership history, asset management Data Lifetime Data leakage and erasure issues Separation of Duties One hyper-user rules them all Dual Controls Server ops no longer needs network ops, security ops or purchasing 16
17 Virtualization changes nothing Virtualization changes everything New servers in 5 minutes or less Thin provisioning and JEOS Machines are files Networks are bytes in a memory backplane Live machines migrate geographies Imagine 300 hosts with 32 cores running 15,000 virtual machines, 600 virtual networks across 5 data centers growing at 5% per month! 17
18 #5 Velocity of change complicates compliance Federal Financial Institutions Examination Council (FFIEC) Assurance addresses the processes, policies, and controls used to develop confidence that technical and operational security measures work as intended Strict change management processes must be followed for the configuration of controls and operation of security measures within the virtual infrastructure Separation of Duties and Dual Controls should be required to ensure proper authorization 18
19 Review Hypervisor Security: Ian Pratt, Citrix Systems 19
20 Review Virtualization Security: Brandon Baker, Microsoft 20
21 Review: Hypervisor Exploits: Joanna Rutkowska, Invisible Things Lab 21
22 Review Secure Implementation: Center for Internet Security Chris Farrow, Fortisphere Dave Shackleford, Center for Internet Security Dennis Moreau, Configuresoft 22
23 Review Best Practices: VMware, DISA and Catbird 23
24 #6 Screen shots are a poor man s compliance report DISA ESX Server Security Technical Implementation Guide (DISA STIG r1v1) (ESX0820: CAT II) The IAO/SA will review all VirtualCenter logs on a daily basis for any suspicious or unusual activity. Deploy virtual security tools that correlate VirtualCenter activities with vulnerability, discovery, network access control, and virtual network traffic monitoring and controls (ESX0860: CAT II) The IAO/SA will have up-to-date documentation of the virtualization infrastructure. This will include all ESX Servers, virtual machines, IP addresses, MAC addresses, virtual switches, operating systems, and virtual applications. Use virtual security tools to automate the data collection and reporting. These tools should detect changes to the virtual network topology 24
25 Don t run naked Virtualization changes everything How do I manage my risk? Two options: 1. Assume risk (Run naked) 2. Mitigate risk (Protect your data and services) 25
26 Prescription 26
27 Security Vendors Source: VMware 27
28 #7 Physical security for virtual machines HIPAA Physical safeguards 45 CFR (a)(1) Facility access controls: Implement policies and procedures to limit physical access to its electronic information systems and the facility or facilities in which they are housed, while ensuring that properly authorized access is allowed. Virtualization implication: Machine console available through VI management Access to VM file equals physical access to machine Very difficult to provide secure deletion of data 28
29 Virtualized infrastructure will be more secure Assess risk Adapt security policy Implement new management processes Deploy virtualized security technology and automation Plan-Do-Check-Act 29
30 What is Virtualization Security? Take the red pill. Threats: Human error, misconfiguration or bad design Software flaws Malicious insider Malicious outsider exploiting any of the above Virtualization security addresses these security risks in virtualized environments Yes, it s different Remember virtualization changes everything 30
31 Visibility Nine of 10 breaches involved some type of unknown unknown, the most common of which was data that was not known to be on the compromised system. Most breaches go undetected for quite a while and are discovered by a third party rather than the victim organization. Attacks tend to be of low to moderate difficulty and largely opportunistic in nature rather than targeted. Due, in part, to these reasons, investigators concluded that nearly all breaches would likely have been prevented if basic security controls had been in place at the time of attack. Verizon 2008 Data Breach Report 31
32 V-Security architecture Management switch: Enforce access control Monitor traffic Block unauthorized or malicious activity Workload switch: Enforce access and traffic controls between virtual machines Monitor traffic Validate secure build and configuration policies for virtual machines Enforce policies for proxy use and authorized traffic Sources: 1. ESX 3 Server Configuration Guide, VMware 2. Secure Configuration Guide for ESX and ESXi, Catbird Storage access switch: Enforce access control Monitor traffic Block unauthorized or malicious activity Do not configure a default gateway for the service console 32
33 #8 Features you need Visibility and validation for configuration of Hosts and VMs Device access and traffic control Monitor, secure and audit service console and VirtualCenter Enforce virtual network isolation Restrict traffic to/from individual virtual machines Restrict traffic in/out trust zones Dual control/separation of duties for critical tasks Distributed multi-site security with central management 33
34 Management Shared dashboard Shared reports Shared event management Silos Network Operations Server Operations Security Operations 34
35 Prognosis Security is ALWAYS the last thing to get addressed when a new technology hits. Mike Rothman Budget Cycles Priorities Politics Who owns virtual security? 35
36 #9 Don t let security steal too many cycles Anti-virus accounts for 10% of all my CPU cycles, that s 30 hosts in my 300 host cluster, said the Security Architect for a large enterprise. Traditional in-line deployment of security appliances will not work Your security solution must be comprehensive, flexible, mobile, and compatible with the virtual architecture Security overhead must either be narrow or thin c HOST 36
37 Back to the future Virtualized desktops, thin provisioning and mobility will support central management and reduce costs while allowing greater diversity and improved services Virtualization gives enterprises a second chance to get the IT security playbook right. Five Server Virtualization Security Dos and Don ts, Thomas Ptacek, SearchSecurity.com June
38 #10 Find it, secure it, build it secure Organizationally Unique Identifiers (OUI) VMware 00-0C-29 (dynamic) (manually configured) C-14 Virtual Iron F-4B F6 Parallels Desktop 00-1C-42 XEN E (default) Microsoft Hyper-V FF A A D FA 00-1D-D F2 38
39 QA 39
40 Thank you For more information about Catbird, please contact: New virtual machine requested Catbird continuously monitors and and reports changes to to VirtualCenter configuration Change review Machine moved to production vswitch Catbird access control restricts access to authorized devices Catbird validates secure configuration New machine provisioned on isolated vswitch Machine added to authorized device list Machine configured and tested 40
Securing your Virtualized Datacenter. Charu Chaubal Senior Architect, Technical Marketing 6 November, 2008
Securing your Virtualized Datacenter Charu Chaubal Senior Architect, Technical Marketing 6 November, 2008 Agenda VMware Virtualization Technology How Virtualization Affects Datacenter Security Keys to
More informationCatbird V-Security : You Can t Protect What You Can t Detect
Catbird V-Security : You Can t Protect What You Can t Detect Tamar Newberger What is a Catbird? Sitting high in the forest canopy, the catbird views all its surroundings from an unequalled vantage point,
More informationDynamic Datacenter Security Solidex, November 2009
Dynamic Datacenter Security Solidex, November 2009 Deep Security: Securing the New Server Cloud Virtualized Physical Servers in the open Servers virtual and in motion Servers under attack 2 11/9/09 2 Dynamic
More informationSecuring the Data Center against
Securing the Data Center against vulnerabilities & Data Protection Agenda Virtual Virtualization Technology How Virtualization affects the Datacenter Security Keys to a Secure Virtualized Deployment and
More informationSYMANTEC DATA CENTER SECURITY
SYMANTEC DATA CENTER SECURITY SYMANTEC UNIFIED SECURITY STRATEGY Users Cyber Security Services Monitoring, Incident Response, Simulation, Adversary Threat Intelligence Data Threat Protection Information
More informationFortisphere Essential Management for Virtual Infrastructures John Suit Founder and CTO
VM Essential Lifecycle Management for Virtual for the Infrastructures Real World Fortisphere Essential Management for Virtual Infrastructures John Suit Founder and CTO john.suit@fortisphere.com www.fortisphere.com
More informationSecurity and Compliance Powered by the Cloud. Ben Friedman / Strategic Accounts Director /
Security and Compliance Powered by the Cloud Ben Friedman / Strategic Accounts Director / bf@alertlogic.com Founded: 2002 Headquarters: Ownership: Houston, TX Privately Held Customers: 1,200 + Employees:
More informationThe Evolution of Data Center Security, Risk and Compliance
#SymVisionEmea #SymVisionEmea The Evolution of Data Center Security, Risk and Compliance Taha Karim / Patrice Payen The Adoption Curve Virtualization is being stalled due to concerns around Security and
More informationWhite Paper. Why IDS Can t Adequately Protect Your IoT Devices
White Paper Why IDS Can t Adequately Protect Your IoT Devices Introduction As a key component in information technology security, Intrusion Detection Systems (IDS) monitor networks for suspicious activity
More informationTotal Security Management PCI DSS Compliance Guide
Total Security Management PCI DSS Guide The Payment Card Industry Data Security Standard (PCI DSS) is a set of regulations to help protect the security of credit card holders. These regulations apply to
More informationVirtualization Security & Audit. John Tannahill, CA, CISM, CGEIT, CRISC
Virtualization Security & Audit John Tannahill, CA, CISM, CGEIT, CRISC jtannahi@rogers.com Session Overview Virtualization Concepts Virtualization Technologies Key Risk & Control Areas Audit Programs /
More informationPCI DSS Compliance. White Paper Parallels Remote Application Server
PCI DSS Compliance White Paper Parallels Remote Application Server Table of Contents Introduction... 3 What Is PCI DSS?... 3 Why Businesses Need to Be PCI DSS Compliant... 3 What Is Parallels RAS?... 3
More informationSECURITY PRACTICES OVERVIEW
SECURITY PRACTICES OVERVIEW 2018 Helcim Inc. Copyright 2006-2018 Helcim Inc. All Rights Reserved. The Helcim name and logo are trademarks of Helcim Inc. P a g e 1 Our Security at a Glance About Helcim
More informationTOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION
INFORMATION TECHNOLOGY SECURITY GUIDANCE TOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION ITSM.10.189 October 2017 INTRODUCTION The Top 10 Information Technology (IT) Security
More informationSAFEGUARDING YOUR VIRTUALIZED RESOURCES ON THE CLOUD. May 2012
SAFEGUARDING YOUR VIRTUALIZED RESOURCES ON THE CLOUD May 2012 THE ECONOMICS OF THE DATA CENTER Physical Server Installed Base (Millions) Logical Server Installed Base (Millions) Complexity and Operating
More informationA comprehensive framework for securing virtualized data centers. Business white paper
A comprehensive framework for securing virtualized data centers Business white paper Contents Experiencing the virtualization wave...3 Addressing virtualization security challenges...3 Understanding security
More informationSurprisingly Successful: What Really Works in Cyber Defense. John Pescatore, SANS
Surprisingly Successful: What Really Works in Cyber Defense John Pescatore, SANS 1 Largest Breach Ever 2 The Business Impact Equation All CEOs know stuff happens in business and in security The goal is
More informationBest Practices for PCI DSS Version 3.2 Network Security Compliance
Best Practices for PCI DSS Version 3.2 Network Security Compliance www.tufin.com Executive Summary Payment data fraud by cyber criminals is a growing threat not only to financial institutions and retail
More informationEMC Ionix IT Compliance Analyzer Application Edition
DATA SHEET EMC Ionix IT Compliance Analyzer Application Edition Part of the Ionix Data Center Automation and Compliance Family Automatically validates application-related compliance with IT governance
More informationBusiness Context: Key for Successful Risk Management
Business Context: Key for Successful Risk Management Philip Aldrich, CISSP, CISM, CISA, CRISC, CIPP Program Director, Risk Management EMC Event Alert Finding Incident Law Vulnerability Regulation Audit
More informationPROFESSIONAL SERVICES (Solution Brief)
(Solution Brief) The most effective way for organizations to reduce the cost of maintaining enterprise security and improve security postures is to automate and optimize information security. Vanguard
More informationSecuring the Virtualized Environment: Meeting a New Class of Challenges with Check Point Security Gateway Virtual Edition
Securing the Virtualized Environment: Meeting a New Class of Challenges with Check Point Security Gateway Virtual Edition An ENTERPRISE MANAGEMENT ASSOCIATES (EMA ) White Paper Prepared for Check Point
More informationCloud Under Control. HyTrust Two-Man Rule Solution Brief
HyTrust Two-Man Rule Solution Brief Summary Summary The exposure of extremely confidential national security information by an N.S.A. systems administrator highlighted the catastrophic consequences of
More informationSECURING THE NEXT GENERATION DATA CENTER. Leslie K. Lambert Juniper Networks VP & Chief Information Security Officer July 18, 2011
SECURING THE NEXT GENERATION DATA CENTER Leslie K. Lambert Juniper Networks VP & Chief Information Security Officer July 18, 2011 JUNIPER SECURITY LEADERSHIP Market Leadership Data Center with High-End
More informationthe SWIFT Customer Security
TECH BRIEF Mapping BeyondTrust Solutions to the SWIFT Customer Security Controls Framework Privileged Access Management and Vulnerability Management Table of ContentsTable of Contents... 2 Purpose of This
More informationSentinelOne Technical Brief
SentinelOne Technical Brief SentinelOne unifies prevention, detection and response in a fundamentally new approach to endpoint protection, driven by behavior-based threat detection and intelligent automation.
More informationCarbon Black PCI Compliance Mapping Checklist
Carbon Black PCI Compliance Mapping Checklist The following table identifies selected PCI 3.0 requirements, the test definition per the PCI validation plan and how Carbon Black Enterprise Protection and
More informationISO/IEC Solution Brief ISO/IEC EventTracker 8815 Centre Park Drive, Columbia MD 21045
Solution Brief 8815 Centre Park Drive, Columbia MD 21045 About delivers business critical software and services that transform high-volume cryptic log data into actionable, prioritized intelligence that
More informationFive Essential Capabilities for Airtight Cloud Security
Five Essential Capabilities for Airtight Cloud Security SECURITY IN THE CLOUD REQUIRES NEW CAPABILITIES It is no secret; security and compliance are at the top of the list of concerns tied to cloud adoption.
More informationVMware vsphere Clusters in Security Zones
SOLUTION OVERVIEW VMware vsan VMware vsphere Clusters in Security Zones A security zone, also referred to as a DMZ," is a sub-network that is designed to provide tightly controlled connectivity to an organization
More informationInternal Audit Report DATA CENTER LOGICAL SECURITY
Internal Audit Report DATA CENTER LOGICAL SECURITY Report No. SC 12 06 June 2012 David Lane Principal IT Auditor Jim Dougherty Principal Auditor Approved Barry Long, Director Internal Audit & Advisory
More informationRSA Solution Brief. The RSA Solution for VMware. Key Manager RSA. RSA Solution Brief
RSA Solution Brief The RSA Solution for VMware View: Managing Securing the the Lifecycle Virtual of Desktop Encryption Environment Keys with RSA Key Manager RSA Solution Brief 1 According to the Open Security
More informationAchieving PCI Compliance: Long and Short Term Strategies
Achieving PCI Compliance: Long and Short Term Strategies Murray Goldschmidt - CISSP, QSA PCI DSS Compliance Conference, 3 Dec 2009 1 www.senseofsecurity.com.au Tuesday, August 11, 2009 Overview 1. PCI
More informationSTRATEGIC WHITE PAPER. Securing cloud environments with Nuage Networks VSP: Policy-based security automation and microsegmentation overview
STRATEGIC WHITE PAPER Securing cloud environments with Nuage Networks VSP: Policy-based security automation and microsegmentation overview Abstract Cloud architectures rely on Software-Defined Networking
More informationDatacenter Security: Protection Beyond OS LifeCycle
Section Datacenter Security: Protection Beyond OS LifeCycle 1 Not so fun Facts from the Symantec ISTR 2017 Report Zero-Day Vulnerability, annual total Legitimate tools, annual total 6,000 5 5,000 4,000
More informationStopping Advanced Persistent Threats In Cloud and DataCenters
Stopping Advanced Persistent Threats In Cloud and DataCenters Frederik Van Roosendael PSE Belgium Luxembourg 10/9/2015 Copyright 2013 Trend Micro Inc. Agenda How Threats evolved Transforming Your Data
More informationvsan Security Zone Deployment First Published On: Last Updated On:
First Published On: 06-14-2017 Last Updated On: 11-20-2017 1 1. vsan Security Zone Deployment 1.1.Solution Overview Table of Contents 2 1. vsan Security Zone Deployment 3 1.1 Solution Overview VMware vsphere
More informationAnnual Report on the Status of the Information Security Program
October 2, 2014 San Bernardino County Employees Retirement Association 348 W. Hospitality Lane, Third Floor San Bernardino, CA 92415-0014 1 Table of Contents I. Executive Summary... 3 A. Overview... 3
More informationWITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW:
SOLUTION OVERVIEW: ALERT LOGIC THREAT MANAGER WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE Protecting your business assets and sensitive data requires regular vulnerability assessment,
More informationBUILDING SECURITY INTO YOUR DATA CENTER MODERNIZATION STRATEGY
SOLUTION OVERVIEW BUILDING SECURITY INTO YOUR DATA CENTER MODERNIZATION STRATEGY Every organization is exploring how technology can help it disrupt current operating models, enabling it to better serve
More informationThe Top 6 WAF Essentials to Achieve Application Security Efficacy
The Top 6 WAF Essentials to Achieve Application Security Efficacy Introduction One of the biggest challenges IT and security leaders face today is reducing business risk while ensuring ease of use and
More informationCCISO Blueprint v1. EC-Council
CCISO Blueprint v1 EC-Council Categories Topics Covered Weightage 1. Governance (Policy, Legal, & Compliance) & Risk Management 1.1 Define, implement, manage and maintain an information security governance
More informationSECURITY ON AWS 8/3/17. AWS Security Standards MORE. By Max Ellsberry
SECURITY ON AWS By Max Ellsberry AWS Security Standards The IT infrastructure that AWS provides has been designed and managed in alignment with the best practices and meets a variety of standards. Below
More informationSECURING DEVICES IN THE INTERNET OF THINGS
SECURING DEVICES IN THE INTERNET OF THINGS EXECUTIVE SUMMARY Security breaches at the device level in the Internet of Things (IoT) can have severe consequences, including steep financial losses, damage
More informationCYBER SECURITY MALAYSIA AWARDS, CONFERENCE & EXHIBITION (CSM-ACE) Securing Virtual Environments
CYBER SECURITY MALAYSIA AWARDS, CONFERENCE & EXHIBITION (CSM-ACE) 2010 October 25 29, 2010 Kuala Lumpur Convention Centre Securing Virtual Environments Raimund Genes CTO Trend Micro The Changing Datacenter
More informationMotorola AirDefense Retail Solutions Wireless Security Solutions For Retail
Motorola AirDefense Retail Solutions Wireless Security Solutions For Retail Wireless Risks in Retail The PCI Security Standards Council is an open global forum, founded by American Express, Discover Financial
More informationlocuz.com SOC Services
locuz.com SOC Services 1 Locuz IT Security Lifecycle services combine people, processes and technologies to provide secure access to business applications, over any network and from any device. Our security
More information90% 191 Security Best Practices. Blades. 52 Regulatory Requirements. Compliance Report PCI DSS 2.0. related to this regulation
Compliance Report PCI DSS 2.0 Generated by Check Point Compliance Blade, on April 16, 2018 15:41 PM O verview 1 90% Compliance About PCI DSS 2.0 PCI-DSS is a legal obligation mandated not by government
More informationCONSIDERATIONS BEFORE MOVING TO THE CLOUD
CONSIDERATIONS BEFORE MOVING TO THE CLOUD What Management Needs to Know Part I By Debbie C. Sasso Principal When talking technology today, it s very rare that the word Cloud doesn t come up. The benefits
More informationVMware, SQL Server and Encrypting Private Data Townsend Security
VMware, SQL Server and Encrypting Private Data Townsend Security 724 Columbia Street NW, Suite 400 Olympia, WA 98501 360.359.4400 Today s Agenda! What s new from Microsoft?! Compliance, standards, and
More informationSentinelOne Technical Brief
SentinelOne Technical Brief SentinelOne unifies prevention, detection and response in a fundamentally new approach to endpoint protection, driven by machine learning and intelligent automation. By rethinking
More informationProactive Approach to Cyber Security
Proactive roach to Cyber Security Jeffrey Neo Sales Director HP Enterprise Security Products Customers struggle to manage the security challenge Today, security is a board-level agenda item 2 Trends driving
More informationVANGUARD WHITE PAPER VANGUARD INSURANCE INDUSTRY WHITEPAPER
VANGUARD INSURANCE INDUSTRY WHITEPAPER Achieving PCI DSS Compliance with Vanguard Integrity Professionals Software & Professional Services Vanguard is the industry leader in z/os Mainframe Software to
More informationTransforming Security from Defense in Depth to Comprehensive Security Assurance
Transforming Security from Defense in Depth to Comprehensive Security Assurance February 28, 2016 Revision #3 Table of Contents Introduction... 3 The problem: defense in depth is not working... 3 The new
More informationSIEMLESS THREAT DETECTION FOR AWS
SOLUTION OVERVIEW: ALERT LOGIC FOR AMAZON WEB SERVICES (AWS) SIEMLESS THREAT DETECTION FOR AWS Few things are as important to your business as maintaining the security of your sensitive data. Protecting
More informationWHITE PAPERS. INSURANCE INDUSTRY (White Paper)
(White Paper) Achieving PCI DSS Compliance with Vanguard Integrity Professionals Software & Professional Services Vanguard is the industry leader in z/os Mainframe Software to ensure enterprise compliance
More informationSecuring Your Most Sensitive Data
Software-Defined Access Securing Your Most Sensitive Data Company Overview Digital Growth Means Digital Threats Digital technologies offer organizations unprecedented opportunities to innovate their way
More informationCSN38: Tracking Privileged User Access within an ArcSight Logger and SIEM Environment Philip Lieberman, President and CEO
CSN38: Tracking Privileged User Access within an ArcSight Logger and SIEM Environment Philip Lieberman, President and CEO 2009 by Lieberman Software Corporation. Rev 20090921a Identity Management Definitions
More information6 Vulnerabilities of the Retail Payment Ecosystem
6 Vulnerabilities of the Retail Payment Ecosystem FINANCIAL INSTITUTION PAYMENT GATEWAY DATABASES POINT OF SALE POINT OF INTERACTION SOFTWARE VENDOR Table of Contents 4 7 8 11 12 14 16 18 Intercepting
More informationSECURING DEVICES IN THE INTERNET OF THINGS
SECURING DEVICES IN THE INTERNET OF THINGS WHEN IT MATTERS, IT RUNS ON WIND RIVER EXECUTIVE SUMMARY Security breaches at the device level in the Internet of Things (IoT) can have severe consequences, including
More informationSONICWALL SECURITY HEALTH CHECK SERVICE
SonicWall Partner Service Overview SONICWALL SECURITY HEALTH CHECK SERVICE Ensure your SonicWall Investment is fully optimized to protect your network Overview The SonicWall Security Health Check Service
More informationData Sheet: Endpoint Security Symantec Multi-tier Protection Trusted protection for endpoints and messaging environments
Trusted protection for endpoints and messaging environments Overview creates a protected endpoint and messaging environment that is secure against today s complex data loss, malware, and spam threats controlling
More informationSecurity Assessment Checklist
Security Assessment Checklist Westcon Security Checklist - Instructions The first step to protecting your business includes a careful and complete assessment of your security posture. Our Security Assessment
More informationMaximizing IT Security with Configuration Management WHITE PAPER
Maximizing IT Security with Configuration Management WHITE PAPER Contents 3 Overview 4 Configuration, security, and compliance policies 5 Establishing a Standard Operating Environment (SOE) and meeting
More informationRethinking Security: The Need For A Security Delivery Platform
Rethinking Security: The Need For A Security Delivery Platform Cybercrime In Asia: A Changing Environment & Shifting Focus Asia, more vulnerable to cybercrime because of diversity and breadth of countries
More informationOverview Bank IT examination perspective Background information Elements of a sound plan Customer notifications
Gramm-Leach Bliley Act Section 501(b) and Customer Notification Roger Pittman Director of Operations Risk Federal Reserve Bank of Atlanta Overview Bank IT examination perspective Background information
More informationThe Honest Advantage
The Honest Advantage READY TO CHALLENGE THE STATUS QUO GSA Security Policy and PCI Guidelines The GreenStar Alliance 2017 2017 GreenStar Alliance All Rights Reserved Table of Contents Table of Contents
More informationEC-Council Certified Network Defender (CND) Duration: 5 Days Method: Instructor-Led
EC-Council Certified Network Defender (CND) Duration: 5 Days Method: Instructor-Led Certification: Certified Network Defender Exam: 312-38 Course Description This course is a vendor-neutral, hands-on,
More informationReinvent Your 2013 Security Management Strategy
Reinvent Your 2013 Security Management Strategy Laurent Boutet 18 septembre 2013 Phone:+33 6 25 34 12 01 Email:laurent.boutet@skyboxsecurity.com www.skyboxsecurity.com What are Your Key Objectives for
More informationPAYMENT CARD INDUSTRY DATA SECURITY STANDARD (PCI DSS)
PAYMENT CARD INDUSTRY DATA SECURITY STANDARD (PCI DSS) Table of Contents Introduction 03 Who is affected by PCI DSS? 05 Why should my organization comply 06 with PCI DSS? Email security requirements 08
More informationSONICWALL SECURITY HEALTH CHECK PSO 2017
SONICWALL SECURITY HEALTH CHECK PSO 2017 Get help in fully utilizing your investment to protect your network Overview SonicWALL Security Health Check provides a customer with a comprehensive review of
More informationRSA Solution Brief. The RSA Solution for Cloud Security and Compliance
The RSA Solution for Cloud Security and Compliance The RSA Solution for Cloud Security and Compliance enables enduser organizations and service providers to orchestrate and visualize the security of their
More informationCRYPTTECH. Cost-effective log management for security and forensic analysis, ensuring compliance with mandates and storage regulations
Cost-effective log management for security and forensic analysis, ensuring compliance with mandates and storage regulations Integration with Numerous Type of Devices Flexible Architectural Configuration
More informationISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002
ISO 27002 COMPLIANCE GUIDE How Rapid7 Can Help You Achieve Compliance with ISO 27002 A CONTENTS Introduction 2 Detailed Controls Mapping 3 About Rapid7 8 rapid7.com ISO 27002 Compliance Guide 1 INTRODUCTION
More informationBalancing Compliance and Operational Security Demands. Nov 2015 Steve Winterfeld
Balancing Compliance and Operational Security Demands Nov 2015 Steve Winterfeld What is more important? Compliance with laws / regulations Following industry best practices Developing a operational practice
More informationAutomated Firewall Change Management Securing change management workflow to ensure continuous compliance and reduce risk
Automated Firewall Change Management Securing change management workflow to ensure continuous compliance and reduce risk Skybox Security Whitepaper January 2015 Executive Summary Firewall management has
More informationOnapsis: The CISO Imperative Taking Control of SAP
Onapsis: The CISO Imperative Taking Control of SAP Cyberattacks @onapsis 2016 Key SAP Cyber-Security Trends Over 95% of the SAP systems we have assessed, were exposed to vulnerabilities that could lead
More informationAnnexure E Technical Bid Format
Annexure E Technical Bid Format ANTIVIRUS SOLUTION FOR MAIL SERVER SECURITY AND SERVER SECURITY FOR DESKTOP,LAPTOP Sr. No Description Compliance (Y/N) Remark 01 Must offer comprehensive client/server security
More informationSoftLayer Security and Compliance:
SoftLayer Security and Compliance: How security and compliance are implemented and managed Introduction Cloud computing generally gets a bad rap when security is discussed. However, most major cloud providers
More informationIT infrastructure layers requiring Privileged Identity Management
White Paper IT infrastructure layers requiring Privileged Identity Management Abstract Much of today s IT infrastructure is structured as different layers of devices (virtual and physical) and applications.
More informationSECURITY RISK METRICS: THE VIEW FROM THE TRENCHES. Alain Mayer CTO, RedSeal Systems
SECURITY RISK METRICS: THE VIEW FROM THE TRENCHES Alain Mayer CTO, RedSeal Systems Alain@RedSeal.net Security Defects Defects Vulnerabilities on applications, OS, embedded systems Un-approved applications
More informationMapping BeyondTrust Solutions to
TECH BRIEF Taking a Preventive Care Approach to Healthcare IT Security Table of Contents Table of Contents... 2 Taking a Preventive Care Approach to Healthcare IT Security... 3 Improvements to be Made
More informationUniversity of Pittsburgh Security Assessment Questionnaire (v1.7)
Technology Help Desk 412 624-HELP [4357] technology.pitt.edu University of Pittsburgh Security Assessment Questionnaire (v1.7) Directions and Instructions for completing this assessment The answers provided
More informationSONICWALL SECURITY HEALTH CHECK SERVICE
SonicWall Partner Service Overview SONICWALL SECURITY HEALTH CHECK SERVICE Ensure your SonicWall Investment is fully optimized to protect your network Overview The SonicWall Security Health Check Service
More information10 FOCUS AREAS FOR BREACH PREVENTION
10 FOCUS AREAS FOR BREACH PREVENTION Keith Turpin Chief Information Security Officer Universal Weather and Aviation Why It Matters Loss of Personally Identifiable Information (PII) Loss of Intellectual
More informationCloud Essentials for Architects using OpenStack
Cloud Essentials for Architects using OpenStack Course Overview Start Date 5th March 2015 Duration 2 Days Location Dublin Course Code SS15-13 Programme Overview Cloud Computing is gaining increasing attention
More informationSecuring Devices in the Internet of Things
AN INTEL COMPANY Securing Devices in the Internet of Things WHEN IT MATTERS, IT RUNS ON WIND RIVER EXECUTIVE SUMMARY Security breaches at the device level in the Internet of Things (IoT) can have severe
More informationHIPAA Regulatory Compliance
Secure Access Solutions & HIPAA Regulatory Compliance Privacy in the Healthcare Industry Privacy has always been a high priority in the health profession. However, since the implementation of the Health
More informationCompliance in 5 Steps
Email Compliance in 5 Steps Introduction For most businesses, email is a vital communication resource. Used to perform essential business functions, many organizations rely on email to send sensitive confidential
More informationSECURITY AND DATA REDUNDANCY. A White Paper
SECURITY AND DATA REDUNDANCY A White Paper Security and Data Redundancy Whitepaper 2 At MyCase, Security is Our Top Priority. Here at MyCase, we understand how important it is to keep our customer s data
More informationNOTHING IS WHAT IT SIEMs: COVER PAGE. Simpler Way to Effective Threat Management TEMPLATE. Dan Pitman Principal Security Architect
NOTHING IS WHAT IT SIEMs: COVER PAGE Simpler Way to Effective Threat Management TEMPLATE Dan Pitman Principal Security Architect Cybersecurity is harder than it should be 2 SIEM can be harder than it should
More informationSecurity in Cloud Environments
Security in Cloud Environments Security Product Manager Joern Mewes (joern.mewes@nokia.com) 16-11-2016 1 Cloud transformation happens in phases and will take 5+ years Steps into the cloud Now 2016+ 2020+
More informationPCI DSS 3.1 is here. Are you ready? Mike Goldgof Sr. Director Product Marketing
PCI DSS 3.1 is here. Are you ready? Mike Goldgof Sr. Director Product Marketing 1 WhiteHat Security Application Security Company Leader in the Gartner Magic Quadrant Headquartered in Santa Clara, CA 320+
More informationInfrastructure Blind Spots Continue to Fuel Personal Data Breaches. Sanjay Raja Lumeta Corporation Lumeta Corporation
Infrastructure Blind Spots Continue to Fuel Personal Data Breaches Sanjay Raja Lumeta Corporation Why Is Real-Time Network & Cloud Situational Awareness Critical? Today s business drivers enable a greater
More informationPost-Secondary Institution Data-Security Overview and Requirements
Post-Secondary Institution Data-Security Overview and Tiina K.O. Rodrigue, EdDc, CISSP, CISM, PMP, CSM, CEA, ITIL, ISC2 Compliance Mapper, A+ Senior Advisor Cybersecurity - 2017 Agenda Who needs to worry
More informationForeScout CounterACT. Continuous Monitoring and Mitigation. Real-time Visibility. Network Access Control. Endpoint Compliance.
Real-time Visibility Network Access Control Endpoint Compliance Mobile Security ForeScout CounterACT Continuous Monitoring and Mitigation Rapid Threat Response Benefits Rethink IT Security Security Do
More informationHALO IN ACTION COMPLIANCE DON T LET LEGACY SECURITY TOOLS HOLD UP PCI COMPLIANCE IN THE CLOUD. Automated PCI compliance anytime, anywhere.
HALO IN ACTION COMPLIANCE DON T LET LEGACY SECURITY TOOLS HOLD UP PCI COMPLIANCE IN THE CLOUD Automated PCI compliance anytime, anywhere. THE PROBLEM Online commercial transactions will hit an estimated
More informationSourcefire Solutions Overview Security for the Real World. SEE everything in your environment. LEARN by applying security intelligence to data
SEE everything in your environment LEARN by applying security intelligence to data ADAPT defenses automatically ACT in real-time Sourcefire Solutions Overview Security for the Real World Change is constant.
More informationData Retrieval Firm Boosts Productivity while Protecting Customer Data
Data Retrieval Firm Boosts Productivity while Protecting Customer Data With HEIT Consulting, DriveSavers deployed a Cisco Self-Defending Network to better protect network assets, employee endpoints, and
More informationNetwork Virtualization Business Case
SESSION ID: GPS2-R01 Network Virtualization Business Case Arup Deb virtual networking & security VMware NSBU adeb@vmware.com I. Data center security today Don t hate the player, hate the game - Ice T,
More information