Qualys Cloud Platform

Similar documents
Regaining Our Lost Visibility

Qualys Cloud Platform

Où en sommes-nous, où va le marché?

Everything visible. Everything secure.

Investor presentation. Philippe Courtot, Chairman and CEO Melissa Fisher, CFO

Investor presentation

Automating Security Practices for the DevOps Revolution

First Look Showcase. Expanding our prevention, detection and response solutions. Marco Rottigni Chief Technical Security Officer, Qualys, Inc.

First Look Showcase. Expanding our prevention, detection and response solutions. Sumedh Thakar Chief Product Officer, Qualys, Inc.

Investor presentation. Philippe Courtot, Chairman and CEO Melissa Fisher, CFO

Real-Time Vulnerability Management Operationalizing the VM process from detection to remediation

Real-Time Vulnerability Management Operationalizing the VM process from detection to remediation

Qualys Cloud Platform

Real-Time Vulnerability Management Operationalizing the VM process from detection to remediation

Christopher Covert. Principal Product Manager Enterprise Solutions Group. Copyright 2016 Symantec Endpoint Protection Cloud

Architecting Microsoft Azure Solutions (proposed exam 535)

SYMANTEC DATA CENTER SECURITY

Cisco Tetration Analytics

SIEMLESS THREAT DETECTION FOR AWS

Security Configuration Assessment (SCA)

Azure DevOps. Randy Pagels Intelligent Cloud Technical Specialist Great Lakes Region

CLOUD WORKLOAD SECURITY

A10 HARMONY CONTROLLER

WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW:

MAKING THE CLOUD A SECURE EXTENSION OF YOUR DATACENTER

Community Edition Getting Started Guide. July 25, 2018

Vulnerability Management

Cisco Tetration Analytics

QuickSpecs. Aruba IntroSpect User and Entity Behavior Analytics. Overview. Aruba IntroSpect User and Entity Behavior Analytics Product overview

CyberPosture Intelligence for Your Hybrid Infrastructure

Modelos de Negócio na Era das Clouds. André Rodrigues, Cloud Systems Engineer

Qualys Cloud Suite 2.30

DevOps Anti-Patterns. Have the Ops team deal with it. Time to fire the Ops team! Let s hire a DevOps unit! COPYRIGHT 2019 MANICODE SECURITY

API, DEVOPS & MICROSERVICES

Integrated, Intelligence driven Cyber Threat Hunting

McAfee Cloud Workload Security Product Guide

DevOps CICD PopUp. Software Defined Application Delivery Fabric. Frey Khademi. Systems Engineering DACH. Avi Networks

85% 89% 10/5/2018. Do You Have A Firewall Around Your Cloud? Conquering The Big Threats & Challenges

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

Managing and Auditing Organizational Migration to the Cloud TELASA SECURITY

AWS Reference Design Document

Cloud is the 'Only' Way Forward in Information Security. Leveraging Scale to Make the Unknown Known, in Dev, Sec & Ops.

Getting Started with AWS Security

How to manage evolving threats on evolving ICT assets across Enterprise

NOTHING IS WHAT IT SIEMs: COVER PAGE. Simpler Way to Effective Threat Management TEMPLATE. Dan Pitman Principal Security Architect

Qualys Indication of Compromise

Exam : Implementing Microsoft Azure Infrastructure Solutions

Unlocking the Power of the Cloud

Kuberiter White Paper. Kubernetes. Cloud Provider Comparison Chart. Lawrence Manickam Kuberiter Inc

SIEM Solutions from McAfee

Qualys highlights its adaptability to digital transformation at QSC 17

QLYS Analysts & Investors Day

Access Governance in a Cloudy Environment. Nabeel Nizar VP Worldwide Solutions

Advanced Continuous Delivery Strategies for Containerized Applications Using DC/OS

WEBSCALE CONVERGED APPLICATION DELIVERY PLATFORM

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

MEETING ISO STANDARDS

Product Guide Revision B. McAfee Cloud Workload Security 5.0.0

Automating the Top 20 CIS Critical Security Controls

Consulting Edition Getting Started Guide. October 3, 2018

STATE OF MODERN APPLICATIONS IN THE CLOUD

Automated Response in Cyber Security SOC with Actionable Threat Intelligence

No Limits Cloud Introducing the HPE Helion Cloud Suite July 28, Copyright 2016 Vivit Worldwide

HALO IN ACTION COMPLIANCE DON T LET LEGACY SECURITY TOOLS HOLD UP PCI COMPLIANCE IN THE CLOUD. Automated PCI compliance anytime, anywhere.

Microsoft Security Management

DATA SHEET AlienVault USM Anywhere Powerful Threat Detection and Incident Response for All Your Critical Infrastructure

Technical Review Managing Risk, Complexity, and Cost with SanerNow Endpoint Security and Management Platform

AUTOMATE THE DEPLOYMENT OF SECURE DEVELOPER VPCs

VMware Cloud on AWS Technical Deck VMware, Inc.

Docker Universal Control Plane Deploy and Manage On-Premises, Your Dockerized Distributed Applications

The Emerging Role of a CDN in Facilitating Secure Cloud Deployments

ebook ADVANCED LOAD BALANCING IN THE CLOUD 5 WAYS TO SIMPLIFY THE CHAOS

DevSecOps Shift Left Security. Prioritizing Incident Response using Security Posture Assessment and Attack Surface Analysis

Securing Your Cloud Introduction Presentation

The Why, What, and How of Cisco Tetration

#techsummitch

AZURE CLOUD SECURITY GUIDE: 6 BEST PRACTICES. To Secure Azure and Hybrid Cloud Environments

Title DC Automation: It s a MARVEL!

ALERT LOGIC LOG MANAGER & LOG REVIEW

Powerful Insights with Every Click. FixStream. Agentless Infrastructure Auto-Discovery for Modern IT Operations

McAfee Public Cloud Server Security Suite

SOLUTION BRIEF RSA NETWITNESS EVOLVED SIEM

RED HAT CLOUDFORMS. Chris Saunders Cloud Solutions

Exam C Foundations of IBM Cloud Reference Architecture V5

Hitachi Enterprise Cloud Container Platform

Deploying and Operating Cloud Native.NET apps

Datacenter Security: Protection Beyond OS LifeCycle

Azure Learning Circles

How to Leverage Containers to Bolster Security and Performance While Moving to Google Cloud

THE ACCENTURE CYBER DEFENSE SOLUTION

Azure File Sync. Webinaari

DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise

TRUSTED IT: REDEFINE SOCIAL, MOBILE & CLOUD INFRASTRUCTURE. John McDonald

Cloud Transformation and Significance of Security

by Cisco Intercloud Fabric and the Cisco

VMWARE ENTERPRISE PKS

Converged security. Gerben Verstraete, CTO, HP Software Services Colin Henderson, Managing Principal, Enterprise Security Products

Unify DevOps and SecOps: Security Without Friction

BMC Remedyforce Discovery and Client Management. Frequently asked questions

ORACLE MANAGED CLOUD SECURITY SERVICES - SERVICE DESCRIPTIONS. December 1, 2017

Transcription:

18 QUALYS SECURITY CONFERENCE 2018 Qualys Cloud Platform Looking Under the Hood: What Makes Our Cloud Platform so Scalable and Powerful Dilip Bachwani Vice President, Engineering, Qualys, Inc.

Cloud Platform Environment Security at scale on hybrid clouds 15+ products providing comprehensive suite of security solutions 10,300+ customers 7 shared cloud platforms across North America, Europe & Asia 70+ private clouds platforms deployed globally... on-prem, AWS, Azure, GCP 2

Cloud Platform Highlights 1+ trillion security events annually 3+ billion scans annually 2.5+ billion messages daily across Kafka clusters 620+ billion data points indexed in our Elasticsearch clusters Unprecedented 2-second visibility 3

Qualys Cloud Platform Sensors, Data Platform, Microservices, DevOps UI Portal API Application s / Shared s / Stream & Batch Processing / Reporting / Analytics... Qualys Streaming Data Backbone 4 Cloud Agents Passive Scanners Scanners Appliances Virtual Scanners Internet Scanners

Qualys Sensor Platform Scalable, self-updating & centrally managed Physical Virtual Cloud/Container Cloud Agents Passive API Legacy data centers Corporate infrastructure Continuous security and compliance scanning Private cloud infrastructure Virtualized Infrastructure Continuous security and compliance scanning Commercial IaaS & PaaS clouds Pre-certified in market place Fully automated with API orchestration Continuous security and compliance scanning Light weight, multiplatform On premise, elastic cloud & endpoints Real-time data collection Continuous evaluation on platform for security and compliance Passively sniff on network Real-time device discovery & identification Identification of APT network traffic Extract malware files from network for analysis Integration with Threat Intel feeds CMDB Integration Log connectors 5

Sensor Platform - Cloud Agents Cloud connected, centrally managed, always up-to-date Supports on-premises servers, public clouds, user endpoints VM IOC PC AI FIM SCA Consolidate multiple security solutions with one agent Activate new Qualys apps without requiring reinstall or reboot Lightweight ~ 3MB 6

Data Platform-as-a- Right database for the right use case Highly scalable architecture Predictable performance at scale Distributed and fault-tolerant Multi-datacenter support Open-source Commodity hardware 7

Data Platform-as-a- Kafka Elasticsearch Cassandra Redis Ceph Asynchronous, event-driven architecture Foundation for Qualys Cloud Platform Over 2.5 billion messages per day Search for anything Over 620 billion data points indexed Estimating about 1 trillion data points be year end Low latency storage Source of truth for data across multiple products In-memory cache Improved system performance for frequently accessed data Object storage Moving Oracle and in-house blob storage into Ceph 8

Microservices & Cloud Native Architectures Reduce risk and ship faster Change how we design and build applications and services Monoliths to microservices Well defined APIs Packaged in containers Deployed on elastic infrastructure 12-Factor apps CI/CD, Registry, Config Servers 9

DevOps Increased Efficiency Goal is to make software delivery vastly more efficient Supporting about 80 shared and private cloud deployments. 10

Automation - Infrastructure as Code Treat systems running your software as if they themselves are software Automate Infra provisioning Configuration management Deployments.all using code 11

Monitoring Systems - Observability Centrally monitor across all platforms using a single-pane view End-to-end monitoring using Time series metrics Distributed tracing Log aggregation & analytics Alerting 12

Integrated Security - DevSecOps Built-in security practices across the DevOps lifecycle Qualys-on-Qualys Manage vulnerabilities Comply with policies Secure and shield web apps Validate file integrity Monitor systems 13

Qualys Cloud Platform Integrated Suite of Integrated Applications Suite of Applications CA AI VM CM TP FIM PC PCI SAQ IOC WAS WAF Shared s Authentication Authorization Subscription Indexing Data Sync Tagging Messaging, Data, Analytics Platform Infrastructure and DevOps Toolchain Logging Monitoring Config Mgmt. Registry CI/CD Docker/ Kubernetes 14

Qualys Cloud Applications ASSET MANAGEMENT AI Asset Inventory Maintain full, instant visibility of all your global IT assets SYN CMDB Sync Synchronize asset information from Qualys into Now CMDB CI Cloud Inventory Inventory of all your cloud assets across AWS, Azure, GCP and others CRI Certificate Inventory Inventory of TLS/SSL digital certificates on a global scale IT SECURITY VM Vulnerability Management Threat Protection Continuous Monitoring Continuously detect and protect against attacks, anytime, anywhere TP Pinpoint your most critical threats and prioritize patching CM Alerts you in real time about network irregularities IOC Indication of Compromise Continuously monitor endpoints to detect suspicious activity CS Container Security Discover, track, and continuously protect containers CRA Certificate Assessment Assess all your digital certificates for TLS/ SSL vulnerabilities Patch Management (Beta) Select, manage, and deploy patches to remediate vulnerabilities COMPLIANCE MONITORING PC Policy Compliance Assess security configurations of IT systems throughout your network PCI PCI Compliance Automate, simplify and attain PCI compliance quickly FIM File Integrity Monitoring Log and track file changes across global IT systems SCA Security Configuration Assessment Automate configuration assessment of global IT assets CSA Cloud Security Assessment SAQ Security Assessment Questionnaire Get full visibility and control across all public cloud instances Minimize the risk of doing business with vendors and other third parties WEB APPLICATION SECURITY WAS Web Application Scanning Secure web applications with end-to-end protection WAF Web Application Firewall Block attacks and virtually patch web application vulnerabilities 15

Advanced Correlation & Analytics ML/AI Patterns Outlier Predictive SoC Orchestration & Automation Integration Playbooks Response UEBA User & Entity Behavior Analytics Threat Hunting Search Exploration Behavior Graph Security Analytics Anomaly Visualization Dashboard Advanced Correlation Actionable Insights Out-of-box Rules Qualys Security Data Lake Platform Data Ingestion Normalization Enrichment Governance CA VM AI PC IOC WAS WAF Network Security Server End Point Qualys Apps Apps Cloud Users IoT Qualys Quick Connectors 16

18 QUALYS SECURITY CONFERENCE 2018 Thank You Dilip Bachwani dbachwani@qualys.com

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback