How to Secure Your Cloud with...a Cloud?

Similar documents
Le sfide di oggi, l evoluzione e le nuove opportunità: il punto di vista e la strategia IBM per la Sicurezza

MSS VSOC Portal Single Sign-On Using IBM id IBM Corporation

IBM MaaS360 Kiosk Mode Settings

Best Practices in Securing a Multicloud World

ISAM Advanced Access Control

IBM Security. Endpoint Manager- BigFix. Daniel Joksch Security Sales IBM Corporation

IBM Application Security on Cloud

Predators are lurking in the Dark Web - is your network vulnerable?

Fabrizio Patriarca. Come creare valore dalla GDPR

IBM Security Network Protection Open Mic - Thursday, 31 March 2016

RHM Presentation. Maas 360 Mobile device management

AppScan Deployment APPLICATION SECURITY SERVICES. Colin Bell. Applications Security Senior Practice Manager

Integrate IBM Rational Application Developer and IBM Security AppScan Source Edition

Ponemon Institute s 2018 Cost of a Data Breach Study

IBM Security Network Protection Solutions

IBM Threat Protection System: XGS - QRadar Integration

Securing global enterprise with innovation

Security Update PCI Compliance

Deploying Lookout with IBM MaaS360

ISAM Federation STANDARDS AND MAPPINGS. Gabriel Bell IBM Security L2 Support Jack Yarborough IBM Security L2 Support.

IBM Security Access Manager

Integrated, Intelligence driven Cyber Threat Hunting

Sourcefire Solutions Overview Security for the Real World. SEE everything in your environment. LEARN by applying security intelligence to data

The New Era of Cognitive Security

MaaS360 Secure Productivity Suite

XGS: Making use of Logs and Captures

IBM Security Access Manager v8.x Kerberos Part 1 Desktop Single Sign-on Solutions

Threat Intelligence to enhance Cyber Resiliency KEVIN ALBANO GLOBAL THREAT INTELLIGENCE LEAD IBM X-FORCE INCIDENT RESPONSE AND INTELLIGENCE SERVICES

McAfee epolicy Orchestrator

The McGill University Health Centre (MUHC)

May the (IBM) X-Force Be With You

IBM Cloud Security for the Cloud. Amr Ismail Security Solutions Sales Leader Middle East & Pakistan

RSA Solution Brief. Managing Risk Within Advanced Security Operations. RSA Solution Brief

IBM Future of Work Forum

XGS & QRadar Integration

Be effective in protecting against the cybercrime

Christopher Covert. Principal Product Manager Enterprise Solutions Group. Copyright 2016 Symantec Endpoint Protection Cloud

Cisco Collaborative Knowledge

Go mobile. Stay in control.

Office 365 Buyers Guide: Best Practices for Securing Office 365

SOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT

IBM Security technology and services for GDPR programs GIULIA CALIARI SECURITY ARCHITECT

Accelerating growth and digital adoption with seamless identity trust

Securing Your Enterprise in the Cloud. IT executives must be ready to move to the cloud safely

Next-Gen CASB. Patrick Koh Bitglass

Security Support Open Mic: ISNP High Availability and Bypass

Understanding scan coverage in AppScan Standard

Continuous Diagnostics and Mitigation demands, CyberScope and beyond

IBM Security Vaš digitalni imuni sistem. Dejan Vuković Security BU Leader South East Europe IBM Security

Cybersecurity. You have been breached; What Happens Next THE CHALLENGE FOR THE FINANCIAL SERVICES INDUSTRY

IBM Next Generation Intrusion Prevention System

Zero Trust with Okta: A Modern Approach to Secure Access from Anywhere. How Okta enables a Zero Trust solution for our customers

Combatting advanced threats with endpoint security intelligence

Managed Security Services - Endpoint Managed Security on Cloud

What's new in AppScan Standard/Enterprise/Source version

Digital Workspace SHOWDOWN

Disk Space Management of ISAM Appliance

McAfee MVISION Mobile epo Extension Product Guide

Imperva Incapsula Website Security

Enhanced Threat Detection, Investigation, and Response

Lookout Mobile Endpoint Security. Deploying Lookout with BlackBerry Unified Endpoint Management

CloudSOC and Security.cloud for Microsoft Office 365

Everything visible. Everything secure.

ForeScout CounterACT. Continuous Monitoring and Mitigation. Real-time Visibility. Network Access Control. Endpoint Compliance.

ARTIFICIAL INTELLIGENCE POWERED AUTOMATED THREAT HUNTING AND NETWORK SELF-DEFENSE

How your network can take on the cloud and win. Think beyond traditional networking toward a secure digital perimeter

1 Copyright 2011, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 7

Mobilize your corporate content and apps

SOLUTION BRIEF RSA SECURID SUITE ACCELERATE BUSINESS WHILE MANAGING IDENTITY RISK

Device Discovery for Vulnerability Assessment: Automating the Handoff

Discover threats quickly, remediate immediately, and mitigate the impact of malware and breaches

Integrating Okta and Preempt Detecting and Preventing Threats With Greater Visibility and Proactive Enforcement

IDENTITY: A KEY ELEMENT OF BUSINESS-DRIVEN SECURITY

The Cognito automated threat detection and response platform

Protecting Against Modern Attacks. Protection Against Modern Attack Vectors

Security Support Open Mic Build Your Own POC Setup

Related Labs: Introduction to Universal Access and F5 SAML IDP (Self-paced)

Cognito Detect is the most powerful way to find and stop cyberattackers in real time

How AppScan explores applications with ABE and RBE

Introducing IBM Lotus Sametime 7.5 software.

WebSphere Commerce Developer Professional

ForeScout ControlFabric TM Architecture

Brochure. Security. Fortify on Demand Dynamic Application Security Testing

SYMANTEC DATA CENTER SECURITY

McAfee Endpoint Threat Defense and Response Family

Let s Talk About Threat Intelligence

What's new in AppScan Standard version

Vectra Cognito. Brochure HIGHLIGHTS. Security analyst in software

IBM Internet Security Systems Proventia Management SiteProtector

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data

IBM Security Access Manager v8.x Kerberos Part 2

Cloud is the 'Only' Way Forward in Information Security. Leveraging Scale to Make the Unknown Known, in Dev, Sec & Ops.

CLOUD WORKLOAD SECURITY

Lookout Mobile Endpoint Security. AirWatch Connector Guide

Securing Your Cloud Introduction Presentation

WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW:

Configuring zsecure To Send Data to QRadar

Meeting PCI DSS 3.2 Compliance with RiskSense Solutions

Cisco Firepower NGFW. Anticipate, block, and respond to threats

THREE-PART GUIDE TO DEVELOPING A BYOD STRATEGY WHITE PAPER FEBRUARY 2017

Transcription:

A New Era of Thinking How to Secure Your Cloud with...a Cloud? Eitan Worcel Offering Manager - Application Security on Cloud IBM Security 1 2016 IBM Corporation 1

A New Era of Thinking Agenda IBM Cloud Security Enforcer IBM MaaS360 IBM Application Security on Cloud Demo 2 A New Era of Thinking 2

IBM Cloud Security Enforcer The first CASB solution with integrated access control, visibility, and threat protection

A New Era of Thinking Cloud is here to stay, are you ready to move with the business? EMPLOYEES IT OPERATIONS YOUR BUSINESS Look for better ways to get their jobs done Find cloud services quick and easy to use Wants to save money and reduce complexity Wants to automate and consolidate IT Loses visibility and control over IT New risk requires new safeguards 4 4

A New Era of Thinking Security and IT leaders face new challenges My team is not equipped to manage the increased employee usage and demand for cloud CISO / CIO: How does my organization? Uncover Shadow IT Gain visibility of all cloud app usage Simplify connecting to approved apps Remove mobile blind spots Stop risky user behavior Quickly react to cloud threats Address compliance and governance concerns 5 5

A New Era of Thinking Introducing IBM Cloud Security Enforcer DETECT Usage of cloud apps and actions CONNECT Users to approved cloud apps PROTECT Against cloud-related threats 6 6

A New Era of Thinking DETECT APPROVED / SHADOW APPS Discover thousands of cloud apps View analytics and risk reports Chart progress over time 7 7

A New Era of Thinking DETECT DETAILED USER ACTIVITY Correlate cloud activity to employees Identify suspicious activities and trends See and respond to priority alerts 8 8

A New Era of Thinking GitHub Connecter GitHub Connecter for NA Dev Team September 30, 2015 CONNECT THE BUSINESS TO APPROVED APPS, DISABLE OTHERS On/Off toggles for cloud access Correct out of policy application usage 9 9

A New Era of Thinking CONNECT USERS TO CLOUD APPS Display approved app catalog Enable self-onboarding Find and use apps faster 10 10

A New Era of Thinking PROTECT AGAINST RISKY APPS Understand cloud app reputation Prioritize apps based on past threats Limit interaction with unsafe apps 11 11

A New Era of Thinking PROTECT AGAINST RISKY BEHAVIOR Establish user risk ratings Address rogue cloud app usage Block specific actions to/from the cloud 12 12

A New Era of Thinking Key takeaways 1 2 3 4 Industry s first solution to combine cloud discovery, access, and threat prevention Connect users to Cloud apps in seconds Protect against Cloud threats using IBM s network of threat intelligence Speed cloud adoption, making your employees more productive 13 ibm.com/security/cloud-enforcer 13

IBM MaaS360 Delivering secure mobile enablement for the way people work and collaborate with colleagues and customers

Productivity and protection without compromise CIO How do I manage the rapid deployment of devices in a costeffective way? CISO How do I ensure authorized access to customer data and protect against threats? LOB How do I enable my workforce with the right apps and user experience at the right time? 15 IBM Security

Mobile is complex and challenging App explosion Device choice & email Content access Fast pace of change Mobile users Varying work styles Native experience Privacy concerns CIO/CISO Enable business Information sprawl Data security Business visibility Awash in data Mobile blind spots Compliance reporting 16 IBM Security

IBM MaaS360 delivers secure productivity for enterprise Secure, seamless access Contain data with secure productivity apps Grant contextual access & SSO to cloud apps Provide multi-factor authentication Advanced data protection Apply configuration-based malware detection Browse securely with global threat intelligence Enable device-agnostic, network-based protection Enterprise visibility and control Extend visibility to any endpoint, anywhere Create intelligent policies & compliance rules Detect and remediate risks & advanced threats 17 IBM Security

Unleashing end-user productivity Secure PIM Secure Browser App Security & Management File Sync, Edit & Share Trusted Workplace Separates work & personal data with anytime access to corporate resources Works across ios, Android & Windows mobile platforms with a native user experience Supports Microsoft, Google, IBM, Box & other collaboration tools, apps & containers 18 IBM Security

Benefits of using IBM MaaS360 Easily manage your devices See all your devices in one place and remotely manage right over-the-air (OTA) Quickly deploy private and public apps Promote, distribute and update approved apps using an interactive catalog Collaborate with content on-the-go Mobilize content and files to stay productive anytime, anywhere Keep apps and data secure Help users get the information they need without risk of data leakage Simply connect to business systems Integrate with enterprise systems so you can use existing infrastructure and data repositories 19 IBM Security

What sets IBM MaaS360 apart Best EMM solution to support any deployment Best user experience with the fastest time to value Best integration to secure infrastructure Best-inclass cloud on a mature, trusted platform Delivered and supported by the most trusted leader in mobile management and security 20 IBM Security

IBM Application Security on Cloud Security applications was never easier

Identify and remediate high-priority vulnerabilities IBM Application Security on Cloud Simple As easy a 1-2-3 Fast Fully Automated solution Comprehensive Based on AppScan engines Safe Meets IBM Security standards Improve your application security effectiveness #CoverYourApps 22

IBM Application Security on Cloud Easy as 1, 2, 3! Does my application contain security vulnerabilities? Simple 1 2 3 Enter URL / upload application Scan the application Review the report Complimentary Trial at ibm.biz/applicationsecurity 23

Register, scan and generate results QUICKLY Fast Convenient registration for immediate access to service Simple Complimentary Plan provides summary report on any application Minimal to no set-up time for your environment Launch security scans 24 x 7 x 365 Superior results without needing behind the scenes experts Fast application scanning using Security-as-a-Service (SaaS) 24

QUICKLY plug into your application lifecyle Streamlined incorporation into existing DevOps / continuous integration frameworks Fully Automated No waiting on manual steps Scan daily, weekly Trigger scans based on code changes Plugins simplify setup e.g. UrbanCode, Maven, VS, eclipse Extend your environment with robust REST API Automation drives early detection and reduces cost to fix! 25

One stop shop for all of your application security testing Analyze everything Comprehensive Web apps Mobile apps Desktop apps Run all tests types DAST SAST IAST Find potential vulnerabilities through automated testing 26

Powerful and comprehensive Proven scanning engines powered by IBM Security AppScan Highly accurate identification of dozens of OWASP Top 10 vulnerabilities IBM X-Force Threat Intelligence Comprehensive Open Web Application Security Project (OWASP) Top 10 Regular IBM X-Force Threat Intelligence updates IBM Security AppScan Prioritized results focus the team on high-risk vulnerabilities 27

Applying Cognitive Computing to security vulnerability analysis Machine learning with Intelligent Findings Analytics* Comprehensive Learned results Reduce false positives AppScan results Minimize unlikely attack scenarios Provide fix recommendations that resolve multiple vulnerabilities Intelligent Findings Analytics Fully automated review of scan findings Trained by IBM Security Experts Early and repeatable vulnerability analysis drives cost reduction for fixes 1 * Patents pending 1 Poneman Institute estimates the cost to fix a defect if found early in development at $80, while it costs around $960 to fix if found in QA 28

Intelligent Findings Analytics Real-World Results 90-95% average reduction to security analyst workload Integrates right back into the development workflow Fix an average of 5-50+ issues in a single place in the code IFA Example Real-World Applications Scan Findings Vulnerabilities Fix Recommendations Application 1 55,132 14,050 60 Application 2 12,480 1,057 35 Application 3 247,350 1,271 103 Reduction of more then 99.95% 29

A New Era of Thinking Demo 30 A New Era of Thinking 30

Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY. THANK YOU www.ibm.com/security Copyright IBM Corporation 2015. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and / or capabilities referenced in these materials may change at any time at IBM s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback