1 / 27

Cloud Security:

Cloud Security:. Enabling Continuous, Scalable Security for Today’s Hyper Connected World. By Sumedh Thakar. Sumedh Thakar 15 years architecting cloud platforms; 10 years in Cyber Security VP of Research and Development. About me. Qualys, Inc. Established Leader in Enterprise Security

lilith
Download Presentation

Cloud Security:

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Cloud Security: Enabling Continuous, Scalable Securityfor Today’s HyperConnected World By Sumedh Thakar

  2. Sumedh Thakar 15 years architecting cloud platforms; 10 years in Cyber Security VP of Research and Development About me Qualys, Inc. Established Leader in Enterprise Security Deployed in 55 of Fortune 100 Vulnerability, Threat, Compliance & Web Security Global platform that performs 1 Billion+ scans annually

  3. What is the real challengeof cyber security today? • Scale

  4. Why care about securityat scale? • Perimeter ischanging dramatically

  5. What is the NEW perimeter? Web Applications PhysicalData Center Mobile IaaS/PaaS VirtualData Center

  6. 50B The Internet of Things is Here 25B • In 2012 2.4 Billionpeople • connected to the Internet INTERNET OFTHINGS 12B 500M SOCIAL NETWORKS 250M 100M Internet Connected Devices .COM ARPANET WWW HTML TCPIP

  7. Why care about security at scale? Web Applications PhysicalData Center Mobile • Attacks are • non-stop IaaS/PaaS VirtualData Center

  8. How many attacks? • Honestly too manyto count

  9. How do breaches happen? • In 2012, • External Threats made up • 98%of all breachescompared to 70% in 2007 • *Source: Verizon data breach report 2012

  10. How do breaches happen? • 88% of all hacking attacks • use remote access from the internet • *Source: Verizon data breach report 2012

  11. How do breaches happen?(In 2012) 81% 69% 10% 7% 5% +31% +20% Incorporatedmalware • utilized some formof hacking -19% Involved physicalattacks -4% employed socialtactics -12% resulted fromprivilege misuse • *Source: Verizon data breach report 2012

  12. Web applications are the underbelly of the internet They are Everywhere!

  13. Web application security is a challenge They are Custom

  14. Are you ready to protectagainst this onslaught?

  15. Is it enough to scan and pentest once a quarter? Security Needsto be Continuous

  16. Continuous = Automation Security built into infrastructure Always ON Always analyzing Continuous monitoring

  17. Sounds Impossible? Today’s tools need to evolve It’s not a choice anymore

  18. New Security Architectureis needed • Legacy Enterprise Point SolutionsDo Not Scale

  19. Cloud Oriented Architecture

  20. Cloud Oriented Architecture Web Applications PhysicalData Center Mobile IaaS/PaaS VirtualData Center

  21. Security Platform based on COA Globally distributed Embedded in infrastructure Continuous Discovery Analyze and correlate in real time Alerting and reporting for appropriate stakeholders

  22. COA platform enables Continuous Security at Scale Full 360 deg global visibility Scan/discover all assets daily Correlate diverse security data Integrate into SDLC Track compliance globally

  23. Continuous Security and COA examples Monitor your perimeter by the minute? Fix vulnerabilities that matter? Is your Malware solution effective all alone? Web application security is manual?

  24. COA platform deployment COA can be a private cloud

  25. Continuous Security: Case Study US Department of State 400 worldwide embassies Grades based on formula Scan every 3 days 85% hosts fixed in 6 days

  26. Continuous Cloud Security You CAN protect yourself • More than • 80%of all breaches • are from known vulnerabilities

  27. SANS Top 20 www.sans.org/critical-security-controls/ Laws of Vulnerabilities laws.qualys.com SSL Pulse www.trustworthyinternet.org/ssl-pulse/‎ Thank Yousthakar@qualys.com

More Related