HOW CLOUD, MOBILITY AND SHIFTING APP ARCHITECTURES WILL TRANSFORM SECURITY: GAINING THE HOME-COURT ADVANTAGE

Transcription:

#RSAC SESSION ID: SPO3-T07 HOW CLOUD, MOBILITY AND SHIFTING APP ARCHITECTURES WILL TRANSFORM SECURITY: GAINING THE HOME-COURT ADVANTAGE Tom Corn Senior Vice President/GM Security Products VMware @therealtomcorn

Forecasted Growth in Overall IT Spend: 4.5%, $3.7 Trillion in 2018 (Gartner Press Release, Gartner Says Global IT Spending to Reach $3.7 Trillion in 2018, January 16, 2018)
Growth in Security Spend: 10.2% (since 2017), $91.4 Billion in 2018 (Source: IDC, Worldwide Semiannual Security Spending Guide, #US42570018, March 2018)
Increase in Security Losses: 26% (since 2014), $600 Billion in 2017 (Source: Center for Strategic and Int'l Studies, Economic Impact of Cybercrime, February, 2018) 2

Security Controls 3

Threat Landscape Nation States Organized Crime Hacktivists Agile Apps Center / Cloud Infrastructure End User Infrastructure Compute Network Storage Users Devices Access Modernization 4

Dynamics of an Attack Attacker Infiltration Propagation Extraction Exfiltration Defender 5

Dynamics of an Attack Attacker Infiltration Propagation Extraction Exfiltration Defender 6

Home-court advantage noun the advantage that you have over an opponent when a sports contest takes place at your own sports field or court. Macmillan Dictionary 7

Home-court advantage 8

Home-Court Advantage Bedroom Kitchen Living Room Playroom Courtyard Outdoor Kitchen Bathroom Master Bedroom Study Garage 9

Home-Court Advantage Comes From Understanding how your family uses your home, and using that context to shrink your security posture Family Bedroom Kitchen Living Room Playroom Courtyard Outdoor Kitchen Bathroom Master Bedroom Study Garage 10

If You Want Home-Court Advantage Take advantage of what you know better than an attacker Detect Threats Family Shrink the Attack Surface 11

Why don't we get home-court advantage in cyber security? 12

We Keep All the Lights On, and All the Rooms Open Bedroom Room Kitchen Room Living Room Room Playroom Room Courtyard Outdoor Room Kitchen Bathroom Room Master Room Bedroom Room Study Garage Room 13

We See Through an Infrastructure Lens Monitor Perimeter For Threats Monitor Network For Threats Monitor Endpoint For Threats 15

If We Compartmentalize at All, it's Aligned to an Infrastructure Lens Bedrooms Bathrooms Kitchens Living Rooms 16

Threat Posture 19

We Should Focus More on Core Protection Strategies Gartner Market Guide for Cloud Workload Protection Framework Figure 1. Cloud Workload Protection Controls Hierarchy, 2018 Gartner, Inc. AV Less Critical Deception HIPS with Vulnerability Shielding Server Workload EDR Behavioral Monitoring IaaS at Rest Encryption Important, but often provided outside of CWPP Optional Server Protection Strategies Exploit Prevention / Memory Protection Application Control / Whitelisting System Integrity Monitoring / Management Core Server Protection Strategies Network Firewalling, Segmentation and Visibility Hardening, Configuration and Vulnerability Management Foundational No arbitrary code No email, web client Admin Privilege Management Change Management Log Management Operations Hygiene Restricted Physical and Logical Perimeter Access Source: Gartner, Market Guide for Cloud Workload Protection Platforms, Neil MacDonald, March 26th 2018. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. 20

And We Should Focus on Applications and And how they use the infrastructure versus focusing just on the infrastructure Family Bedroom Room Kitchen Room Living Room Room Playroom Room Courtyard Outdoor Room Kitchen Bathroom Room Master Room Bedroom Room Study Garage Room 21

Cyber Threats Residual Risk Apps Cyber Hygiene Attack Surface Micro- Segmentation Least Privilege Encryption Multi-Factor Authentication Patching 22

Apps Apps 23

Threat Landscape Nation States Organized Crime Hacktivists Agile Apps Center / Cloud Infrastructure End User Infrastructure Compute Network Storage Users Devices Access Modernization 24

Compute Network Storage Users Devices Access Cloud & Mobile Infrastructure Can the unique properties of cloud and mobile be the solution versus the problem? 25

Virtualization Mobility Apps 26

Security Controls Arch/Eng SOC GRC Compute Network User Device SaaS Context Control SDDC Apps User Access Layer Virtualization Mobility Compute Network Users Devices Access Secure Infrastructure 27

Cyber Threats Residual Risk Apps Cyber Hygiene Attack Surface Micro- Segmentation Least Privilege Encryption Multi-Factor Authentication Patching 28

Apps Secure Infrastructure Compute Network Users Devices Access 29

Changing the Application Security Model From chasing bad to ensuring good [Figure: "Chasing Bad" versus "Ensuring Good"; labels: OS, 75,000,000, 75, Processes] Compute Network Users Devices Access 30

Processes Processes Processes App Web Processes Processes Processes OS OS Apps Processes Processes Processes Storage DB Processes Processes Processes OS OS Compute Network Users Devices Access 31

Protecting Applications in Virtualized and Cloud Environments Learn Protect Capture & Analyze Detect Respond Manifest Manifest Compute Network Users Devices Access 32

Uniquely Leverage the Hypervisor Application Isolation Automation What was Provisioned What is Running Compute Network Users Devices Access 33

Capture & Analyze Capture the purpose and intended state of applications and VMs Learn Protect Capture & Analyze Detect Respond Off-the-shelf apps OTS Software base Machine Learning Custom apps CI/CD pipeline [Provisioning systems] [Automation frameworks] Intended State Engine App Scope Manifest Manifest Manifest vcenter ESX Compute Network Users Devices Access 34

Detect Runtime application attestation and secure manifest store Learn Protect Capture & Analyze Detect Respond Processes Processes Processes Processes Processes Processes Processes Processes Processes OS OS OS AppDefense Monitor AppDefense Monitor AppDefense Monitor Manifest Manifest Manifest Protected zone Compute Network Users Devices Access 35

Respond Orchestrated incident response routines for the SOC Learn Protect Capture & Analyze Detect Respond Secure infrastructure Integrated Ecosystem Snapshot Quarantine Block/Alarm Network Blocking Compute Network Users Devices Access 36

Review and Readiness Collaboration between security teams and application teams Learn Protect Review Detect Continuous Learning Continuous Protection Readiness Respond Compute Network Users Devices Access 37

Review and Readiness Collaboration Between Security Teams and Application Teams Figure 2: DevSecOps: Secure Development as a Continuous Improvement Process 2017 Gartner, Inc. Dev Sec Ops Create Plan Continuous Improvement Prevent Continuous Configuration Detect Continuous Integration Monitoring and Analytics Adapt Release Monitoring and Analytics Continuous Monitoring Verify Continuous Deployment Continuous Learning Respond Preprod Predict Continuous Delivery Source: Gartner, 10 Things to Get Right for Successful DevSecOps, Neil MacDonald, October 03 2017. 38

Demo

Security Controls Apps Secure Infrastructure Compute Network Users Devices Access 40

Enabling Richer Security Controls Security Controls MSSP SIEM GRC EDR Containers Network User Device SaaS Control Context Apps SDDC User Access Layer Compute Network Secure Infrastructure Users Devices Access Source: Momentum Partners Cyberscape 2017 41

Security Controls Apps Secure Infrastructure Compute Network Users Devices Access 42

App Web Apps Storage DB Compute Network Users Devices Access 43

App Web Apps Storage DB Compute Network Users Devices Access 44

Security Controls Apps Secure Infrastructure Compute Network Users Devices Access 45

Enabling Richer Security Controls Security Controls Arch/Eng SOC GRC EndPoint Network User Device SaaS Control Context Apps SDDC User Access Layer Compute Network Secure Infrastructure Users Devices Access Source: Momentum Partners Cyberscape 2017 46

Security Controls Apps Secure Infrastructure Compute Network Users Devices Access 47

App Web Application Apps Storage DB Compute Network Users Devices Access 48

Security Controls Apps Secure Infrastructure Compute Network Users Devices Access 49

App Web Apps Storage DB Compute Network Users Devices Access 50

Validate and Verify Right user + right device + right app Private Cloud Apps SaaS Insertion Point Insertion Point Public Cloud Compute Network Users Devices Access 51

Security Controls Apps Secure Infrastructure Compute Network Users Devices Access 52

Enabling Richer Security Controls Security Controls Arch/Eng SOC GRC Compute Network Identity Device CASB Control Context Apps SDDC User Access Layer Compute Network Secure Infrastructure Users Devices Access Source: Momentum Partners Cyberscape 2017 53

If You Want Home-Court Advantage Take advantage of what you know better than an attacker Detect Threats Family Shrink the Attack Surface 54

Cyber Threats Residual Risk Apps Micro- Segmentation Least Privilege Encryption Multi-Factor Authentication Patching Cyber Hygiene Attack Surface 55

Transforming CYBERSecurity Security Controls Arch/Eng SOC GRC Compute Network User Device SaaS Control Context Apps SDDC User Access Layer Compute Network Secure Infrastructure Users Devices Access Source: Momentum Partners Cyberscape 2017 56

Compute Network Users Devices Access Secure Infrastructure Go beyond: Securing Cloud & Mobility To using: Cloud & Mobility to Secure 57
