Applying a Holistic Defense-in- Depth Approach to The Cloud (with a dash of application security thrown in)
|
|
- Wilfred Lawrence
- 8 years ago
- Views:
Transcription
1 Applying a Holistic Defense-in- Depth Approach to The Cloud (with a dash of application security thrown in) NiKSUN World Wide Security & Mobility Conference 25-July-2011 Barry Lyons IV, CISSP Senior Cyber Architect, Northrop Grumman
2 At the end of this presentation, you will: Have a security framework to BETTER SECURE THE CLOUD Know how to make your APPLICATIONS MORE SECURE But First 2
3 Barry Lyons IV Founder of FADD! Had to implement proactive security measures 3
4 4 An Excellent Solution
5 5 What is the Cloud?
6 Attributes of Cloud Computing 6 Courtesy of Microsoft Corporation
7 NIST Working Definition of Cloud Computing Essential Characteristics Service Models Deployment Models 7
8 Software as a Service (SaaS) Service Models Consumer does not manage or control The underlying infrastructure The applications 8
9 Platform as a Service (PaaS) Service Models Consumer does not manage or control: The underlying infrastructure But does have control over applications 9
10 Infrastructure as a Service (IaaS) Service Models Consumer does not manage or control: The underlying infrastructure But can deploy S/W (O/S & applications) 10
11 You manage You manage You manage Stated Another Way (On- Premises) Infrastructure (as a Service) Platform (as a Service) Software (as a Service) Applications Applications Applications Applications Data Data Data Data Runtime Middleware O/S Virtualization Servers Storage Networking Runtime Middleware O/S Virtualization Servers Storage Networking Managed by vendor Runtime Middleware O/S Virtualization Servers Storage Networking Managed by vendor Runtime Middleware O/S Virtualization Servers Storage Networking Managed by vendor 11 Courtesy of Microsoft Corporation
12 Public Cloud Deployment Models Available to the general public Owned by an organization selling cloud services 12
13 Private Cloud Deployment Models Operated solely for a single organization May be managed by a third party 13
14 Hybrid Cloud Deployment Models Two or more clouds Enables Cloud Bursting 14
15 Community Cloud Deployment Models Shared by several organizations Support a specific community with shared concerns 15
16 16 We have one more important concept to define
17 Defense-in-Depth 17 Photo courtesy of U.S. Navy.
18 Defense-in-Depth! 18 Photo courtesy of U.S. Navy.
19 People Process Technology Three Elements of Defense-in-Depth Photo courtesy of U.S. Navy. People Process Technology 19 People Process Technology
20 20 Challenges With Cloud Security
21 21 A Private Cloud On Its Own Can Be Made Very Secure
22 22 But When You Move to a Hybrid
23 The Door is Opened for Trouble to Enter If the Public Cloud has embedded vulnerabilities, or worse, embedded malware, it can populate the Private Cloud! 23
24 Another Challenge: The Hypervisor! Also called the virtual machine manager (VMM) Controls the host processor and resources Allocates what is needed to each operating system The Hypervisor CONTROLS the VM machines!» So you have to be cognizant of 24
25 Virtualization Hypervisor Attacks! Some Examples: Vm Escapes (DomU Dom0) Hypervisor hijacking (Dom0 Xen) Hypervisor rootkits (not just BluePill) And they can be initiated by 25
26 26 The Insider Threat!
27 Has anyone developed a Cloud Security Reference Model? 27
28 Infrastructure as a Service (IaaS) Platform as a Service (PaaS) Software as a Service (SaaS) Cloud Security Alliance Reference Model Presentation Modality Presentation Platform APIs Applications Data Metadata Content Integration & Middleware APIs Core Connectivity & Delivery Abstraction Hardware Facilities Cloud Security Alliance, Cloud Security Alliance Guidance Version 2.1
29 Security Responsibility Cloud Security Alliance, Cloud Security Alliance Guidance Version 2.1
30 Infrastructure as a Service (IaaS) Platform as a Service (PaaS) Software as a Service (SaaS) How does security apply? Cloud Model Presentation Modality Presentation Platform APIs Applications Security Control Model Applications SDLC, Binary Analysis, Scanners, WebApp s, Transactional Sec. Compliance Model 30 Data Metadata Content Integration & Middleware APIs Core Connectivity & Delivery Abstraction Hardware Facilities 2009 Cloud Security Alliance, Cloud Security Alliance Guidance Version 2.1 Information Management Network Trusted Computing Compute & Storage, CMF, Database Activity Monitoring, Encryption GRC, IAM, VA/VM, Patch Management, Configuration Management, Monitoring NIDS/NIPS, s, DPI, Anti-DDoS, QoS, DNSSEC, OAuth Hardware & Software RoT & API s Host-based s, HIDS/HIPS, Integrity & File/log Management, Encryption, Masking PCI s Code Review WAF Encryption Unique User Ids Anti-Virus Monitoring/IDS/IPS HIPAA GLBA Physical Physical Paint Security, CCTV, Guards SOX Patch/Vulnerability Management Physical Access Control Two-Factor Authentication
31 31 The CSA Reference model is a great starting point, now let s make it even better!
32 Introducing a cyber reference model for defense and capability The Northrop Grumman Cyber Architecture Reference Series 32
33 The Fan - Layered Cybersecurity Defensive Reference Model OUTSIDE THREAT PROTECTION Secure DMZs Message Security (anti-virus, anti-malware) Honeypot IT Security Governance Security Policies & Compliance Security Architecture & Design Continuous C&A Perimeter Perimeter IDS/IPS Enclave/ DataCenter Cyber Threat Intelligence Northrop Grumman Corporation Enterprise IDS/IPS Threat Modeling Risk Management VoIP Protection Desktop Security Awareness Training Inline Patching Host IDS/IPS Penetration Testing Web Proxy Content Filtering Content Security (anti-virus, anti-malware) Static App Testing/Code Review Dynamic App Testing PKI DAR/DIM/DIU Protection Data Wiping Cleansing Vulnerability Assessment NAC Endpoint Security Enforcement WAF Identity & Access Management Enterprise Right Management Mission Critical Assets Inside Threats FDCC Compliance Database Monitoring /Scanning Data Classification Data Integrity Monitoring Data/Drive Encryption Escalation Management Enterprise Message Security Focused Ops Enterprise Wireless Security Patch Management Database Secure Gateway (Shield) Enterprise Remote Access Continuous Monitoring and Assessment Situational Awareness DHS Einstein SOC/NOC Monitoring (24x7) Incident Reporting, Detection, Response (CIRT) Security Dashboard SIEM Digital Forensics Security SLA/SLO Reporting
34 How Does the Fan Provide Reference? PERSISTENT ATTACKER PROTECTION Secure DMZs Message Security (anti-virus, anti-malware) Honeypot Perimeter IT Security Governance Security Policies & Compliance Security Architecture & Design Continuous C&A Perimeter IDS/IPS Enclave/ DataCenter Cyber Threat Intelligence Enterprise IDS/IPS VoIP Protection Desktop Threat Modeling Risk Management Security Awareness Training Inline Patching Host IDS/IPS Web Proxy Content Filtering Content Security (anti-virus, anti-malware) Static App Testing/Code Review Penetration Testing Dynamic App Testing PKI DAR/DIM/DIU Protection Data Wiping Cleansing Vulnerability Assessment NAC Endpoint Security Enforcement WAF Identity & Access Management Enterprise Right Management Mission Critical Assets Enterprise Message Security FDCC Compliance Database Monitoring /Scanning Data Classification Data Integrity Monitoring Data/Drive Encryption Escalation Management Enterprise Wireless Security Patch Management Database Secure Gateway (Shield) Focused Ops Enterprise Remote Access Continuous Monitoring and Assessment Situational Awareness DHS Einstein SOC/NOC Monitoring (24x7) Incident Reporting, Detection, Response (CIRT) Security Dashboard SIEM Digital Forensics Security SLA/SLO Reporting Northrop Grumman Corporation
35 Actual Use Case of The Fan Malicious outside User Compliant outside User ZONE 2 A Layered Defense-In-Depth Security Technology Approach Einstein Box Mail Relay Interscan Mail Sweeper Server shield (virtual patching) AV VA FIM PA WAF Server shield (virtual patching) Web Ftp AV VA PA FIM CR+AS Server shield (virtual patching) Directory App Database AV VA PA FIM CR+AS Internet Router Honeypot Outside UTM Switch ONE (SSL VPN) SDI/SDDI (IPSEC VPN) VA VA IDS/IPS BES Exchange Server shield (virtual patching) App Switch AV VA FIM PA Web Proxy IWSS AV VA FIM PA Inside IDS/IPS ZONE 1 LEGEND: ZONE 1 - Internet PRIVATE WAN Einstein Box Router Mobile User (Endpoint Security Protected) Router UTM VPN firewall Encryptor ` Laptop Desktop Overseas Post VA AV Wireless AP DC/DNS/ Exchange FDCC PA WIDPS AV VA Auth FDCC PA Map/Location Rogue Detection WiFi Entry UTM firewall ONE User SDI/SDDI User (Endpoint Security (Endpoint Security Protected) Protected) IPSEC Router VPN Encryptor IDS/IPS Internal WAN VOIP BlackBerry UTM firewall SDI/SDDI Policy Server Policy DB DC/DNS/ Exchange AV DHCP VA PA FIM Enterprise Users (NAC/NAP) Patch, Anti-virus, Anti-malware distribution UTM firewall UTM firewall ONE Restricted Network Remediation Servers Citrix ` FDCC Compliant Desktop/Laptop NFuse BlackBerry PDA SafeWord Non-compliant Desktop/Laptop AV AV VA VA FDCC PA PA ZONE 3 ZONE 2 - DMZ ZONE 3 Enterprise End User Network ZONE 4 Data Center & Enclave Networks VA AV UTM firewall UTM firewall AV VA FIM CR+AS PA UTM firewall AV VA UTM firewall 35 PA AV VA FIM CR+AS FDCC Patching Anti-virus/spyware Vulnerability & Compliance Scan File Integrity Monitoring Code Review & Application Scan FDCC scan & enforcement Data Loss Prevention on Desktop/Laptop FIM PA Vuln/FDCC/ Web/DB Scanners, VPN, IDS/IPS Mgmt Servers Threat Analysis Security Policy NAC/NAP (DC,, AV (NPS, HRA, HRS) Malware, Spam) Security Mgmt Network SIEM Servers Virtual Shield Virtual patching for VMs Server shield (virtual patching) SAN NAS Data Center Domain Exchange Servers database File Servers Web/Ftp Mainframe Apps CA Keys PKI Network X.500/LDAP Mgmt Consloe FIM PA ` FDCC Compliant Desktop/Laptop Enclave Network Apps AV VA FIM FDCC PA ZONE 4
36 So how can we combine these reference models (cyber and cloud) to improve a SECURITY architecture? 36
37 Infrastructure as a Service (IaaS) Platform as a Service (PaaS) Software as a Service (SaaS) Start with the Cloud Security Alliance Reference Model Presentation Modality Presentation Platform APIs Applications Data Metadata Content Integration & Middleware APIs Core Connectivity & Delivery Abstraction Hardware Facilities Cloud Security Alliance, Cloud Security Alliance Guidance Version 2.1
38 Infrastructure as a Service (IaaS) Platform as a Service (PaaS) Software as a Service (SaaS) Blending The Security and Service Reference Models To Get Layered Security In The Cloud Presentation Modality Presentation Platform Secure DMZs APIs OUTSIDE THREAT PROTECTION Applications Message Security (anti-virus, anti-malware) Data Metadata Content Honeypot 38 Perimeter IT Security Governance Security Policies & Compliance Security Architecture & Design Continuous C&A Perimeter IDS/IPS Enclave/ DataCenter Cyber Threat Intelligence Enterprise IDS/IPS Desktop Threat Modeling Risk Management Security Awareness Training Copyright 2009 Cloud Security Alliance VoIP Protection Inline Patching Host IDS/IPS Content Security (anti-virus, anti-malware) Static App Testing/Code Review Penetration Testing Web Proxy Content Filtering Integration & Middleware Vulnerability Assessment NAC Endpoint Security Enforcement APIs Core Connectivity WAF Dynamic App Testing & Delivery PKI Abstraction Identity & Access DAR/DIM/DIU Management Protection Hardware Right Data Wiping Cleansing Enterprise Management Facilities Mission Critical Assets Enterprise Message Security FDCC Compliance Database Monitoring /Scanning Data Classification Data Integrity Monitoring Data/Drive Encryption Escalation Management Enterprise Wireless Security Enterprise Remote Access Patch Management Database Secure Gateway (Shield) Focused Ops Continuous Monitoring and Assessment Situational Awareness DHS Einstein SOC/NOC Monitoring (24x7) Incident Reporting, Detection, Response (CIRT) Security Dashboard SIEM Digital Forensics Security SLA/SLO Reporting 2009 Cloud Security Alliance, Cloud Security Alliance Guidance Version 2.1
39 Result - Fan Applied to The Cloud Layered Cyber Security Defense Framework Automated Compliance Automated Enforcement Policy Enforcement Vulnerability Mgmt Patch Update CM OUTSIDE THREAT Server Virtualization ENGINEERING & INFRASTRUCTURE Virtual Infrastructure Layered Cyber Security Defense Framework Virtual Desktop (VDI) Virtual Applications Secure DMZs Message Security (anti-virus, anti-malware) Honeypot Mobile NAC Enforce AV FDCC Enforce Continuous C&A Perimeter IT Security Governance Security Architecture & Design Security Policies & Compliance Perimeter IDS/IPS Enclave/ DataCenter Threat Modeling VoIP Protection Enterprise IDS/IPS Desktop Cyber Threat Intelligence Inline Patching Host IDS/IPS Security Technology Evaluation Risk Management Security Awareness Training Web Proxy Content Filtering Content Security (anti-virus, anti-malware) Dynamic App Testing Static App Testing/Code Review DAR/DIM/DIU Protection PKI Penetration Testing Data Wiping Cleansing Vulnerability Assessment NAC Endpoint Security Enforcement WAF Identity & Access Management Enterprise Right Management Mission Critical Assets Enterprise Message Security Enterprise Wireless Security FDCC Compliance Enterprise Patch Remote Access Database Monitoring /Scanning Data/Drive Encryption Management Database Data Secure Gateway Classification (Shield) Data Integrity Monitoring SOC/NOC Monitoring (24x7) Security Dashboard DHS Einstein Incident Reporting, Detection, Response (CIRT) Escalation Continuous Management Monitoring and Assessment Situational Focused Ops Awareness SIEM Digital Forensics Security SLA/SLO Reporting Managed Security Services Virt Security SaaS Storage Services 39 Acronyms & Abbreviations: 2010 Northrop Grumman Corporation DAR: Data At Rest DIM: Data In Motion DIU: Data In Use : Data Loss Prevention FDCC: Federal Desktop Core Configuration IDP: Intrusion Detection and Prevention NAC: Network Access Control PKI: Public Key Infrastructure SIEM: Security Information Event Management
40 BENEFIT A reference architecture that provides the framework to develop: Better Cloud Security Layered Cyber Security Defense Framework CM Automated Compliance Automated Enforcement Policy Enforcement Vulnerability Mgmt Patch Update Secure DMZs OUTSIDE THREAT ENGINEERING & INFRASTRUCTURE Message Security (anti-virus, anti-malware) Server Virtualization Virtual Infrastructure Honeypot Layered Cyber Security Defense Framework Virtual Desktop (VDI) Virtual Applications Enforce AV Mobile NAC FDCC Enforce Perimeter Perimeter IDS/IPS Enclave/ DataCenter Enterprise IDS/IPS Web Proxy Content Filtering Inline Patching VoIP Protection Host IDS/IPS Content Security (anti-virus, anti-malware) NAC Endpoint Security Enforcement Enterprise Message Security Enterprise Wireless Security FDCC Compliance Enterprise Patch Remote Access DHS Einstein WAF Database Management Dynamic App Testing IT Security Desktop Monitoring /Scanning Governance Static App Database Incident Reporting, Testing/Code Data Secure Gateway Security Identity & Access Detection, Response Review (Shield) Architecture Threat DAR/DIM/DIU Classification Management (CIRT) & Design Modeling Protection Data Integrity Escalation Cyber Threat Intelligence PKI Enterprise Right Monitoring Continuous Management Data Wiping Security Policies Management Monitoring Data/Drive Security Cleansing SOC/NOC Monitoring (24x7) and Assessment & Compliance Technology Evaluation Penetration Encryption Situational Testing Mission Security Dashboard Focused Ops Awareness Continuous Risk Security Awareness Vulnerability C&A Management Training Assessment Critical Assets SIEM Digital Forensics Security SLA/SLO Reporting Managed Security Services Virt Security SaaS Storage Services 40 BUT WAIT! There s more
41 What About Application Security? Layered Cyber Security Defense Framework Automated Compliance Automated Enforcement Policy Enforcement Vulnerability Mgmt Patch Update CM OUTSIDE THREAT Server Virtualization ENGINEERING & INFRASTRUCTURE Virtual Infrastructure Layered Cyber Security Defense Framework Virtual Desktop (VDI) Virtual Applications Secure DMZs Message Security (anti-virus, anti-malware) Honeypot Mobile NAC Enforce AV FDCC Enforce Continuous C&A Perimeter IT Security Governance Security Architecture & Design Security Policies & Compliance Perimeter IDS/IPS Enclave/ DataCenter Threat Modeling VoIP Protection Enterprise IDS/IPS Desktop Cyber Threat Intelligence Inline Patching Host IDS/IPS Security Technology Evaluation Risk Management Security Awareness Training Web Proxy Content Filtering Content Security (anti-virus, anti-malware) Dynamic App Testing Static App Testing/Code Review DAR/DIM/DIU Protection PKI Penetration Testing Data Wiping Cleansing Vulnerability Assessment NAC Endpoint Security Enforcement WAF Identity & Access Management Enterprise Right Management Mission Critical Assets Enterprise Message Security Enterprise Wireless Security FDCC Compliance Enterprise Patch Remote Access Database Monitoring /Scanning Data/Drive Encryption Management Database Data Secure Gateway Classification (Shield) Data Integrity Monitoring SOC/NOC Monitoring (24x7) Security Dashboard DHS Einstein Incident Reporting, Detection, Response (CIRT) Escalation Continuous Management Monitoring and Assessment Situational Focused Ops Awareness SIEM Digital Forensics Security SLA/SLO Reporting Managed Security Services Virt Security SaaS Storage Services 41 Acronyms & Abbreviations: 2010 Northrop Grumman Corporation DAR: Data At Rest DIM: Data In Motion DIU: Data In Use : Data Loss Prevention FDCC: Federal Desktop Core Configuration IDP: Intrusion Detection and Prevention NAC: Network Access Control PKI: Public Key Infrastructure SIEM: Security Information Event Management
42 Organizations that think they have secure code, BUT The Open Web Application Security Project (OWASP) OWASP Top 10 Application Vulnerabilities Injection Cross-Site Scripting (XSS) Broken Authentication and Session Management Insecure Direct Object References Cross-Site Request Forgery (CSRF) Security Misconfiguration Insecure Cryptographic Storage Failure to Restrict URL Access Insufficient Transport Layer Protection Unvalidated Redirects and Forwards 42
43 43 What is the solution?
44 We need to address two scenarios: Applications on the drawing board Applications that are already deployed 44
45 Software Not Yet Developed Define the SECURITY REQUIREMENTS! 45
46 Software development 101 Software Engineering Activities Security Engineering Activities 1. Determine Needs 1. Determine Information Protection Needs 2. Define Requirements 2. Define Security Requirements 3. Design Architecture 3. Embed Security Elements Within Architecture 4. Develop Detailed Design 4. Embed Security Elements Within Design 5. Develop Software 5. Test s/w as it is being developed to confirm security is built into the code 6. Assess Effectiveness 6. Assess Information Protection Effectiveness 46
47 Security Engineering Must Be Included Software Engineering Activities Security Engineering Activities 1. Determine Needs 1. Determine Information Protection Needs 2. Define Requirements 2. Define Security Requirements 3. Design Architecture 3. Embed Security Elements Within Architecture 4. Develop Detailed Design 4. Embed Security Elements Within Design 5. Develop Software 5. Test s/w as it is being developed to confirm security is built into the code 6. Assess Effectiveness 6. Assess Information Protection Effectiveness 47
48 Test s/w as it is being developed Run application vulnerability scans* against executable code: (example products) AppScan (IBM) Cenzic Webinspect (HP) Beyond security Then do yourself one more favor *You can also perform Source Code scanning; those use different tools 48
49 3 rd Party Pen Test Have a 3 rd party penetration test organization (example: White Hat) come in and truly confirm the code is clean!
50 50 Pen Test Flow Chart
51 But what about my existing applications? 51
52 Deploy an Application Enclave Defense-in-Depth Approach Three building blocks: Application vulnerability scanner File integrity monitor Web application firewall 52
53 Traditional Defense-in-Depth (DnD) Web Enabled Applications Enclave Traditional Network Defense-in-Depth Traditional HIDS Intelligent Configurable Pen Tool Network Remote User Traditional HIDS IDS ` IDS Content Monitor Local Users Honeypot NAC Behavioral Anomaly Monitoring 53
54 Traditional Defense-in-Depth (DnD) Web Enabled Applications Enclave Traditional Network Defense-in-Depth Traditional HIDS Cross Site Scripting / Command Insertion Intelligent Configurable Pen Tool Network Remote User Traditional HIDS IDS ` IDS Content Monitor Local Users Honeypot NAC Behavioral Anomaly Monitoring 54
55 Web Enabled Application DnD: Block One Application Defense-in-Depth Traditional Network Defense-in-Depth Application Vulnerability Scanner Intelligent Configurable Pen Tool Network Remote User ` IDS/IPS Content Monitor Local Users Honeypot NAC Event Correlation Tool 55
56 Web Enabled Application DnD: Block One Application Defense-in-Depth Traditional Network Defense-in-Depth Application Vulnerability Scanner Intelligent Configurable Pen Tool Network Remote User ` IDS/IPS Content Monitor Local Users Honeypot NAC Event Correlation Tool 56
57 Web Enabled Application DnD: Block One Application Defense-in-Depth Traditional Network Defense-in-Depth Application Vulnerability Scanner Intelligent Configurable Pen Tool Network Remote User ` IDS/IPS Content Monitor Local Users Honeypot NAC Event Correlation Tool 57
58 Web Enabled Application DnD: Block One Application Defense-in-Depth Traditional Network Defense-in-Depth Application Vulnerability Scanner Intelligent Configurable Pen Tool Network Remote User ` IDS/IPS Content Monitor Local Users Honeypot NAC Event Correlation Tool 58
59 Web Enabled Application DnD: Block Two Application Defense-in-Depth Traditional Network Defense-in-Depth Application Vulnerability Scanner Intelligent Configurable Pen Tool Network Remote User Web Application (WAF) ` IDS/IPS Content Monitor Local Users Honeypot NAC Event Correlation Tool 59
60 Web Enabled Application DnD: Block Three Application Defense-in-Depth Traditional Network Defense-in-Depth Real Time File Integrity Monitor Application Vulnerability Scanner Intelligent Configurable Pen Tool Network Remote User Real Time File Integrity Monitor Web Application (WAF) ` IDS/IPS Content Monitor Local Users Honeypot NAC Event Correlation Tool 60
61 Scan, Fix, Then Run Multiple Pen Tests! From outside the network Application Defense-in-Depth Traditional Network Defense-in-Depth Real Time File Integrity Monitor Application Vulnerability Scanner Intelligent Configurable Pen Tool Network Remote User Real Time File Integrity Monitor Web Application (WAF) ` IDS/IPS Content Monitor Local Users Honeypot NAC Event Correlation Tool 61 From inside the network
62 Product Examples WAFs F5 TrafficShield Breach WebDefend Barracuda / NetContinuum Citrix Application Imperva SecureSphere Web Application AppliCure dotdefender File Integrity Monitors TripWire ISS HIDS Sanctuary Veracity Application Vulnerability Scanners: IBM s AppScan (Formerly WatchFire) HP s WebInspect (Formerly SPI Dynamics) Cenzic N-Stealth Nikto (Open Source) Acunetix Web Vulnerability Scanner More at: 62 More at:
63 What did we learn today Simple steps to build security into the S/W development process We can protect existing applications We can have a cloud security framework Resulting in 63
64 How to achieve Better Cloud Security Stronger Application Security 64
65
Visions of Clouds and Cloud Security. Rob Randell, CISSP Senior Security and Compliance Specialist VMware, Inc.
Visions of Clouds and Cloud Security Rob Randell, CISSP Senior Security and Compliance Specialist VMware, Inc. Visions of Clouds and Cloud Security What is the Cloud? PAAS SAAS IAAS Chris Hoff s Model
More informationFrom the Bottom to the Top: The Evolution of Application Monitoring
From the Bottom to the Top: The Evolution of Application Monitoring Narayan Makaram, CISSP Director, Security Solutions HP/Enterprise Security Business Unit Session ID: SP01-202 Session 2012 Classification:
More informationCloud Security:Threats & Mitgations
Cloud Security:Threats & Mitgations Vineet Mago Naresh Khalasi Vayana 1 What are we gonna talk about? What we need to know to get started Its your responsibility Threats and Remediations: Hacker v/s Developer
More informationBlack Box versus White Box: Different App Testing Strategies John B. Dickson, CISSP
Black Box versus White Box: Different App Testing Strategies John B. Dickson, CISSP Learning objectives for today s session Understand different types of application assessments and how they differ Be
More informationUsing Free Tools To Test Web Application Security
Using Free Tools To Test Web Application Security Speaker Biography Matt Neely, CISSP, CTGA, GCIH, and GCWN Manager of the Profiling Team at SecureState Areas of expertise: wireless, penetration testing,
More informationLarry Wilson Version 1.0 November, 2013. University Cyber-security Program Critical Asset Mapping
Larry Wilson Version 1.0 November, 2013 University Cyber-security Program Critical Asset Mapping Part 3 - Cyber-Security Controls Mapping Cyber-security Controls mapped to Critical Asset Groups CSC Control
More informationMobile, Cloud, Advanced Threats: A Unified Approach to Security
Mobile, Cloud, Advanced Threats: A Unified Approach to Security David Druker, Ph.D. Senior Security Solution Architect IBM 1 Business Security for Business 2 Common Business Functions Manufacturing or
More informationLearning objectives for today s session
Black Box versus White Box: Different App Testing Strategies John B. Dickson, CISSP Learning objectives for today s session Understand what a black box and white box assessment is and how they differ Identify
More informationChapter 9 Firewalls and Intrusion Prevention Systems
Chapter 9 Firewalls and Intrusion Prevention Systems connectivity is essential However it creates a threat Effective means of protecting LANs Inserted between the premises network and the to establish
More informationUnified Threat Management, Managed Security, and the Cloud Services Model
Unified Threat Management, Managed Security, and the Cloud Services Model Kurtis E. Minder CISSP Global Account Manager - Service Provider Group Fortinet, Inc. Introduction Kurtis E. Minder, Technical
More informationCompTIA Security+ (Exam SY0-410)
CompTIA Security+ (Exam SY0-410) Length: Location: Language(s): Audience(s): Level: Vendor: Type: Delivery Method: 5 Days 182, Broadway, Newmarket, Auckland English, Entry Level IT Professionals Intermediate
More informationPCI DSS 3.0 Compliance
A Trend Micro White Paper April 2014 PCI DSS 3.0 Compliance How Trend Micro Cloud and Data Center Security Solutions Can Help INTRODUCTION Merchants and service providers that process credit card payments
More informationPCI Requirements Coverage Summary Table
StillSecure PCI Complete Managed PCI Compliance Solution PCI Requirements Coverage Summary Table January 2013 Table of Contents Introduction... 2 Coverage assumptions for PCI Complete deployments... 2
More informationAdobe Systems Incorporated
Adobe Connect 9.2 Page 1 of 8 Adobe Systems Incorporated Adobe Connect 9.2 Hosted Solution June 20 th 2014 Adobe Connect 9.2 Page 2 of 8 Table of Contents Engagement Overview... 3 About Connect 9.2...
More informationMean Time to Fix (MTTF) IT Risk s Dirty Little Secret Joe Krull, CPP, CISSP, IAM, CISA, A.Inst.ISP, CRISC, CIPP
Mean Time to Fix (MTTF) IT Risk s Dirty Little Secret Joe Krull, CPP, CISSP, IAM, CISA, A.Inst.ISP, CRISC, CIPP Presentation Overview Basic Application Security (AppSec) Fundamentals Risks Associated With
More informationBAE Systems PCI Essentail. PCI Requirements Coverage Summary Table
BAE Systems PCI Essentail PCI Requirements Coverage Summary Table Introduction BAE Systems PCI Essential solution can help your company significantly reduce the costs and complexity of meeting PCI compliance
More informationThe Evolution of Application Monitoring
The Evolution of Application Monitoring Narayan Makaram, CISSP, Director, Solutions Marketing, HP Enterprise Security Business Unit, May 18 th, 2012 Rise of the cyber threat Enterprises and Governments
More informationIBM Cloud Security Draft for Discussion September 12, 2011. 2011 IBM Corporation
IBM Cloud Security Draft for Discussion September 12, 2011 IBM Point of View: Cloud can be made secure for business As with most new technology paradigms, security concerns surrounding cloud computing
More informationCloud Security Framework (CSF): Gap Analysis & Roadmap
Cloud Security Framework (CSF): Gap Analysis & Roadmap Contributors: Suren Karavettil, Bhumip Khasnabish Ning So, Gene Golovinsky, Meng Yu & Wei Yinxing Please send comments & suggestions to Suren Karavettil
More informationAddressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense
A Trend Micro Whitepaper I February 2016 Addressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense How Trend Micro Deep Security Can Help: A Mapping to the SANS Top 20 Critical
More informationSecure Cloud Computing
Secure Cloud Computing Agenda Current Security Threat Landscape Over View: Cloud Security Overall Objective of Cloud Security Cloud Security Challenges/Concerns Cloud Security Requirements Strategy for
More informationWEB SITE SECURITY. Jeff Aliber Verizon Digital Media Services
WEB SITE SECURITY Jeff Aliber Verizon Digital Media Services 1 SECURITY & THE CLOUD The Cloud (Web) o The Cloud is becoming the de-facto way for enterprises to leverage common infrastructure while innovating
More informationReducing Application Vulnerabilities by Security Engineering
Reducing Application Vulnerabilities by Security Engineering - Subash Newton Manager Projects (Non Functional Testing, PT CoE Group) 2008, Cognizant Technology Solutions. All Rights Reserved. The information
More informationWhere every interaction matters.
Where every interaction matters. Peer 1 Vigilant Web Application Firewall Powered by Alert Logic The Open Web Application Security Project (OWASP) Top Ten Web Security Risks and Countermeasures White Paper
More informationWeb Application Penetration Testing
Web Application Penetration Testing 2010 2010 AT&T Intellectual Property. All rights reserved. AT&T and the AT&T logo are trademarks of AT&T Intellectual Property. Will Bechtel William.Bechtel@att.com
More informationCloud Security Framework (CSF): Gap Analysis & Roadmap
Cloud Security Framework (CSF): Gap Analysis & Roadmap Contributors: Suren Karavettil, Bhumip Khasnabish Ning So, Gene Golovinsky, Meng Yu & Wei Yinxing Please send comments & suggestions to Suren Karavettil
More informationIBM Security QRadar SIEM & Fortinet FortiGate / FortiAnalyzer
IBM Security QRadar SIEM & Fortinet / FortiAnalyzer Introducing new functionality for IBM QRadar Security Intelligence Platform: integration with Fortinet s firewalls and logs forwarded by FortiAnalyzer.
More informationArchitecting and Building a Secure and Compliant Virtual Infrastructure and Private Cloud
Architecting and Building a Secure and Compliant Virtual Infrastructure and Private Cloud Rob Randell, CISSP Principal Systems Engineer Security Specialist Agenda What is the Cloud? Virtualization Basics
More informationClavister InSight TM. Protecting Values
Clavister InSight TM Clavister SSP Security Services Platform firewall VPN termination intrusion prevention anti-virus anti-spam content filtering traffic shaping authentication Protecting Values & Enterprise-wide
More informationThe Electronic Arms Race of Cyber Security 4.2 Lecture 7
The Electronic Arms Race of Cyber Security 4.2 Lecture 7 ISIMA Clermont-Ferrand / 04-February 2011 Copyright 2011 Dr. Juergen Hirte List of Content Why Process Automation Security? Security Awareness Issues
More informationBad Romance: Three Reasons Hackers <3 Your Web Apps & How to Break Them Up
Bad Romance: Three Reasons Hackers
More informationCybersecurity: An Innovative Approach to Advanced Persistent Threats
Cybersecurity: An Innovative Approach to Advanced Persistent Threats SESSION ID: AST1-R01 Brent Conran Chief Security Officer McAfee This is who I am 2 This is what I do 3 Student B The Hack Pack I used
More informationEMERGING THREATS & STRATEGIES FOR DEFENSE. Stephen Coty Chief Security Evangelist @StephenCoty
EMERGING THREATS & STRATEGIES FOR DEFENSE Stephen Coty Chief Security Evangelist @StephenCoty Industry Analysis 2014 Data Breaches - Ponemon Ponemon 2014 Data Breach Report *Statistics from 2013 Verizon
More informationThe Top Web Application Attacks: Are you vulnerable?
QM07 The Top Web Application Attacks: Are you vulnerable? John Burroughs, CISSP Sr Security Architect, Watchfire Solutions jburroughs@uk.ibm.com Agenda Current State of Web Application Security Understanding
More informationEl costo oculto de las aplicaciones Vulnerables. Faustino Sanchez. WW Security Sales Enablement. IBM Canada
El costo oculto de las aplicaciones Vulnerables. Faustino Sanchez. WW Security Sales Enablement. IBM Canada The Traditional Approach is Changing. Security is no longer controlled and enforced through the
More informationPCI Compliance Updates
PCI Compliance Updates E-Commerce / Cloud Security Adam Goslin, Chief Operations Officer AGoslin@HighBitSecurity.com Direct: 248.388.4328 PCI Guidance Google: PCI e-commerce guidance https://www.pcisecuritystandards.org/pdfs/pci_dss_v2_ecommerce_guidelines.pdf
More informationCloud Security. Securing what you can t touch. Presentation to Malaysia Government Cloud Computing Forum 2012-04-05 HUAWEI TECHNOLOGIES CO., LTD.
2012-04-05 Cloud Security Securing what you can t touch www.huawei.com www.huawei.com Presentation to Malaysia Government Cloud Computing Forum HUAWEI TECHNOLOGIES CO., LTD. Why worry about cloud security?
More informationINCIDENT RESPONSE CHECKLIST
INCIDENT RESPONSE CHECKLIST The purpose of this checklist is to provide clients of Kivu Consulting, Inc. with guidance in the initial stages of an actual or possible data breach. Clients are encouraged
More informationHow To Protect Your Cloud From Attack
A Trend Micro White Paper August 2015 Trend Micro Cloud Protection Security for Your Unique Cloud Infrastructure Contents Introduction...3 Private Cloud...4 VM-Level Security...4 Agentless Security to
More informationHoneywell Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Honeywell Process Solutions (HPS) June 4, 2014
Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Process Solutions (HPS) June 4, Industrial Cyber Security Industrial Cyber Security is the leading provider of cyber security
More informationSecure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services
Secure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services Udo Schneider Trend Micro Udo_Schneider@trendmicro.de 26.03.2013
More informationKenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data
Kenna Platform Security A technical overview of the comprehensive security measures Kenna uses to protect your data V2.0, JULY 2015 Multiple Layers of Protection Overview Password Salted-Hash Thank you
More informationHow To Protect A Virtual Desktop From Attack
Endpoint Security: Become Aware of Virtual Desktop Infrastructures! An Ogren Group Special Report May 2011 Executive Summary Virtual desktops infrastructures, VDI, present IT with the unique opportunity
More informationMingyu Web Application Firewall (DAS- WAF) - - - All transparent deployment for Web application gateway
Mingyu Web Application Firewall (DAS- WAF) - - - All transparent deployment for Web application gateway All transparent deployment Full HTTPS site defense Prevention of OWASP top 10 Website Acceleration
More informationThe Role of Threat Intelligence and Layered Security for Intrusion Prevention in the Post-Target Breach Era
The Role of Threat Intelligence and Layered Security for Intrusion Prevention in the Post-Target Breach Era Dave Plzak Security Evangelist Sentinel IPS davep@econet.com * Agenda Review of the current Network
More informationSwisscom Cloud. Building a secure cloud. SIGS, 09.09.2014 Christof Jungo
Swisscom Cloud Building a secure cloud SIGS, 09.09.2014 Christof Jungo Cloud What is changing? 2 Enterprise Datacenter High secure tier 3 & 4 Server typ Processor architecture: various Baremetal & virtual
More informationSecuring the Cloud with IBM Security Systems. IBM Security Systems. 2012 IBM Corporation. 2012 2012 IBM IBM Corporation Corporation
Securing the Cloud with IBM Security Systems 1 2012 2012 IBM IBM Corporation Corporation IBM Point of View: Cloud can be made secure for business As with most new technology paradigms, security concerns
More informationSecuring Your Web Application against security vulnerabilities. Ong Khai Wei, IT Specialist, Development Tools (Rational) IBM Software Group
Securing Your Web Application against security vulnerabilities Ong Khai Wei, IT Specialist, Development Tools (Rational) IBM Software Group Agenda Security Landscape Vulnerability Analysis Automated Vulnerability
More informationEnterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006
Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,
More informationThe Protection Mission a constant endeavor
a constant endeavor The IT Protection Mission a constant endeavor As businesses become more and more dependent on IT, IT must face a higher bar for preparedness Cyber preparedness is the process of ensuring
More informationPCI Compliance - A Realistic Approach. Harshul Joshi, CISM, CISA, CISSP Director, Information Technology CBIZ MHM hjoshi@cbiz.com
PCI Compliance - A Realistic Approach Harshul Joshi, CISM, CISA, CISSP Director, Information Technology CBIZ MHM hjoshi@cbiz.com What What is PCI A global forum launched in September 2006 for ongoing enhancement
More informationThe Role of Threat Intelligence and Layered Security for Intrusion Prevention in the Post-Target Breach Era
The Role of Threat Intelligence and Layered Security for Intrusion Prevention in the Post-Target Breach Era Ted Gruenloh Director of Operations Sentinel IPS * Agenda! Review of the current Network Security
More informationHow To Protect Your Virtual Infrastructure From Attack From A Cyber Threat
VMware Integrated Partner Solutions for Networking and Security VMware Integrated Partner Solutions for Security and Compliance VMware vcloud Networking and Security is the leading networking and security
More informationLarry Wilson Version 1.0 November, 2013. University Cyber-security Program Controls Book
Larry Wilson Version 1.0 November, 2013 University Cyber-security Program s Book Cyber-security s Summary Council on Cyber-security Critical Security s (CSC) CSC-01 CSC-02 CSC-03 CSC-04 CSC-05 IT Asset
More informationSANS Top 20 Critical Controls for Effective Cyber Defense
WHITEPAPER SANS Top 20 Critical Controls for Cyber Defense SANS Top 20 Critical Controls for Effective Cyber Defense JANUARY 2014 SANS Top 20 Critical Controls for Effective Cyber Defense Summary In a
More informationSecure Remote Access Solutions Balancing security and remote access Bob Hicks, Rockwell Automation
Secure Remote Access Solutions Balancing security and remote access Bob Hicks, Rockwell Automation Rev 5058-CO900C Agenda Control System Network Security Defence in Depth Secure Remote Access Examples
More informationHow To Protect Your Network From Attack From A Hacker (For A Fee)
Industrial Control Systems Joint Working Group 2012 Fall Meeting 13 Ways Through A Firewall What you don t know will hurt you Andrew Ginter Director of Industrial Security Waterfall Security Solutions
More informationStephen Coty Director, Threat Research
Emerging threats facing Cloud Computing Stephen Coty Director, Threat Research Cloud Environments 101 Cloud Adoption is Gaining Momentum Cloud market revenue will increase at a 36% annual rate Analyst
More informationRational AppScan & Ounce Products
IBM Software Group Rational AppScan & Ounce Products Presenters Tony Sisson and Frank Sassano 2007 IBM Corporation IBM Software Group The Alarming Truth CheckFree warns 5 million customers after hack http://infosecurity.us/?p=5168
More informationNetwork Security. Intertech Associates, Inc.
Network Security Intertech Associates, Inc. Agenda IT Security - Past to Future Security Vulnerabilities Protecting the Enterprise What do we need in each site? Requirements for a Security Architecture
More information13 Ways Through A Firewall What you don t know will hurt you
Scientech 2013 Symposium: Managing Fleet Assets and Performance 13 Ways Through A Firewall What you don t know will hurt you Andrew Ginter VP Industrial Security Waterfall Security Solutions andrew. ginter
More informationKeyword: Cloud computing, service model, deployment model, network layer security.
Volume 4, Issue 2, February 2014 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com An Emerging
More informationSmart (and safe) Lighting:
Smart (and safe) Lighting: An Overview of Cyber Security October 29, 2015 Jason Brown CISO, Merit Network Agenda 2 The New Normal Discuss Methodologies of Security Recap Q & A Target Hack 3 40,000 credit
More informationSecurity Information & Event Management (SIEM)
Security Information & Event Management (SIEM) Peter Helms, Senior Sales Engineer, CISA, CISSP September 6, 2012 1 McAfee Security Connected 2 September 6, 2012 Enterprise Security How? CAN? 3 Getting
More informationCONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL
CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL WHAT IS CDM? The continuous stream of high profile cybersecurity breaches demonstrates the need to move beyond purely periodic, compliance-based approaches to
More informationCritical Controls for Cyber Security. www.infogistic.com
Critical Controls for Cyber Security www.infogistic.com Understanding Risk Asset Threat Vulnerability Managing Risks Systematic Approach for Managing Risks Identify, characterize threats Assess the vulnerability
More information13 Ways Through A Firewall
Industrial Control Systems Joint Working Group 2012 Fall Meeting 13 Ways Through A Firewall Andrew Ginter Director of Industrial Security Waterfall Security Solutions Proprietary Information -- Copyright
More informationIBM Security Strategy
IBM Security Strategy Intelligence, Integration and Expertise Kate Scarcella CISSP Security Tiger Team Executive M.S. Information Security IBM Security Systems IBM Security: Delivering intelligence, integration
More informationCS 356 Lecture 19 and 20 Firewalls and Intrusion Prevention. Spring 2013
CS 356 Lecture 19 and 20 Firewalls and Intrusion Prevention Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access
More informationCloud Security & Risk Management PRESENTATION AT THE OPEN GROUP CONFERENCE
Cloud Security & Risk Management PRESENTATION AT THE OPEN GROUP CONFERENCE MARCH 2011 Image Area VARAD G. VARADARAJAN ENTERPRISE ARCHITECTURE COE COGNIZANT TECHNOLOGY SOLUTIONS For details please email:
More informationPCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP
SOLUTION BRIEF PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP The benefits of cloud computing are clear and compelling: no upfront investment, low ongoing costs, flexible capacity and fast application
More informationNetzwerkvirtualisierung? Aber mit Sicherheit!
Netzwerkvirtualisierung? Aber mit Sicherheit! Markus Schönberger Advisory Technology Consultant Trend Micro Stephan Bohnengel Sr. Network Virtualization SE VMware Agenda Background and Basic Introduction
More informationGuidelines for Website Security and Security Counter Measures for e-e Governance Project
and Security Counter Measures for e-e Governance Project Mr. Lalthlamuana PIO, DoICT Background (1/8) Nature of Cyber Space Proliferation of Information Technology Rapid Growth in Internet Increasing Online
More informationDevising a Server Protection Strategy with Trend Micro
Devising a Server Protection Strategy with Trend Micro A Trend Micro White Paper» Trend Micro s portfolio of solutions meets and exceeds Gartner s recommendations on how to devise a server protection strategy.
More informationSecuring The Cloud. Foundational Best Practices For Securing Cloud Computing. Scott Clark. Insert presenter logo here on slide master
Securing The Cloud Foundational Best Practices For Securing Cloud Computing Scott Clark Agenda Introduction to Cloud Computing What is Different in the Cloud? CSA Guidance Additional Resources 2 What is
More informationPCI Requirements Coverage Summary Table
StillSecure PCI Complete Managed PCI Compliance Solution PCI Requirements Coverage Summary Table December 2011 Table of Contents Introduction... 2 Coverage assumptions for PCI Complete deployments... 2
More informationMobile Security: The good, the bad, the way forward
Mobile Security: The good, the bad, the way forward Get the most out of HP s Mobility Protection Services Jan De Clercq, Felix Martin, HP TC, December, 2013 Today s Presenter Name Jan De Clercq Title &
More informationRE Think. IT & Business. Invent. IBM SmartCloud Security. Dr. Khaled Negm, SMIEEE, ACM Fellow IBM SW Global Competency Center Leader GCC
RE Think Invent IT & Business IBM SmartCloud Security Dr. Khaled Negm, SMIEEE, ACM Fellow IBM SW Global Competency Center Leader GCC 2014 IBM Corporation Some Business Questions Is Your Company is Secure
More informationENTERPRISE IT SECURITY ARCHITECTURE SECURITY ZONES: NETWORK SECURITY ZONE STANDARDS. Version 2.0
ENTERPRISE IT SECURITY ARCHITECTURE SECURITY ZONES: NETWORK SECURITY ZONE STANDARDS Version 2.0 July 20, 2012 Table of Contents 1 Foreword... 1 2 Introduction... 1 2.1 Classification... 1 3 Scope... 1
More informationWHITE PAPER. FortiWeb Web Application Firewall Ensuring Compliance for PCI DSS 6.5 and 6.6
WHITE PAPER FortiWeb Web Application Firewall Ensuring Compliance for PCI DSS 6.5 and 6.6 Ensuring compliance for PCI DSS 6.5 and 6.6 Page 2 Overview Web applications and the elements surrounding them
More informationImportance of Web Application Firewall Technology for Protecting Web-based Resources
Importance of Web Application Firewall Technology for Protecting Web-based Resources By Andrew J. Hacker, CISSP, ISSAP Senior Security Analyst, ICSA Labs January 10, 2008 ICSA Labs 1000 Bent Creek Blvd.,
More informationSecurity in the Software Defined Data Center
Security in the Software Defined Data Center Francesco Vigo Senior Systems Engineer, VMware fvigo@vmware.com Ugo Piazzalunga Technical Manager, SafeNet ugo.piazzalunga@safenet-inc.com Agenda Software Defined
More informationWe are Passionate about Total Security Management Architecture & Infrastructure Optimisation Review
We are Passionate about Total Security Management Architecture & Infrastructure Optimisation Review The security threat landscape is constantly changing and it is important to periodically review a business
More informationHow Microsoft runs IT. Ludwig Wilhelm CIO Central & Eastern Europe Microsoft IT
How Microsoft runs IT Ludwig Wilhelm CIO Central & Eastern Europe Microsoft IT 2 Source: Accenture Cloudrise: Rewards & Risks at the Dawn of Cloud Computing, November 2010 3 Source: Accenture Cloudrise:
More informationExternal Supplier Control Requirements
External Supplier Control s Cyber Security For Suppliers Categorised as Low Cyber Risk 1. Asset Protection and System Configuration Barclays Data and the assets or systems storing or processing it must
More informationWHITE PAPER. FortiWeb and the OWASP Top 10 Mitigating the most dangerous application security threats
WHITE PAPER FortiWeb and the OWASP Top 10 PAGE 2 Introduction The Open Web Application Security project (OWASP) Top Ten provides a powerful awareness document for web application security. The OWASP Top
More informationDeep Security. Προστατεύοντας Server Farm. Σωτήρης Δ. Σαράντος. Available Aug 30, 2011. Σύμβουλος Δικτυακών Λύσεων. Copyright 2011 Trend Micro Inc.
Deep Security Προστατεύοντας Server Farm Available Aug 30, 2011 Σωτήρης Δ. Σαράντος Σύμβουλος Δικτυακών Λύσεων Copyright 2011 Trend Micro Inc. Legacy Security Hinders Datacenter Consolidation Physical
More informationBusiness white paper. Missioncritical. defense. Creating a coordinated response to application security attacks
Business white paper Missioncritical defense Creating a coordinated response to application security attacks Table of contents 3 Your business is under persistent attack 4 Respond to those attacks seamlessly
More informationPCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP
solution brief PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP AWS AND PCI DSS COMPLIANCE To ensure an end-to-end secure computing environment, Amazon Web Services (AWS) employs a shared security responsibility
More informationNetwork Security. Protective and Dependable. 52 Network Security. UTM Content Security Gateway CS-2000
Network Security Protective and Dependable With the growth of the Internet threats, network security becomes the fundamental concerns of family network and enterprise network. To enhance your business
More informationSecuring Smart City Platforms IoT, M2M, Cloud and Big Data
SESSION ID: SSC-W10 Securing Smart City Platforms IoT, M2M, Cloud and Big Data Ibrahim Al Mallouhi Vice President - Operations Emirates Integrated Telecommunication Company (du) Roshan Daluwakgoda Senior
More informationKASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES. www.kaspersky.com
KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES www.kaspersky.com EXPERT SERVICES Expert Services from Kaspersky Lab are exactly that the services of our in-house experts, many of them global
More informationHow to start a software security initiative within your organization: a maturity based and metrics driven approach OWASP
How to start a software security initiative within your organization: a maturity based and metrics driven approach Marco Morana OWASP Lead/ TISO Citigroup OWASP Application Security For E-Government Copyright
More informationUsing Trend Micro s Cloud & Data Center Security Solution to meet PCI DSS 3.0 Compliance
A COALFIRE WHITE PAPER Using s Cloud & Data Center Security Solution to meet PCI DSS 3.0 Compliance Implementing s Deep Security Platform in a Payment Card Environment April 2015 Page 1 Executive Summary...
More informationTrend Micro Sicherheit in den Tiefen des Hypervisors. Richard Javet und Gabriel Kälin Trend Micro (Schweiz)
Trend Micro Sicherheit in den Tiefen des Hypervisors Richard Javet und Gabriel Kälin Trend Micro (Schweiz) Lösungsausrichtung von Trend Micro Aktuelle Herausforderungen Deep Security: Sicherheit für Recheninfrastrukturen
More informationREVOLUTIONIZING ADVANCED THREAT PROTECTION
REVOLUTIONIZING ADVANCED THREAT PROTECTION A NEW, MODERN APPROACH Blue Coat Advanced Threat Protection Group GRANT ASPLUND Senior Technology Evangelist 1 WHY DO I STAND ON MY DESK? "...I stand upon my
More informationNETWORK ACCESS CONTROL AND CLOUD SECURITY. Tran Song Dat Phuc SeoulTech 2015
NETWORK ACCESS CONTROL AND CLOUD SECURITY Tran Song Dat Phuc SeoulTech 2015 Table of Contents Network Access Control (NAC) Network Access Enforcement Methods Extensible Authentication Protocol IEEE 802.1X
More informationBUILDING A SECURITY OPERATION CENTER (SOC) ACI-BIT Vancouver, BC. Los Angeles World Airports
BUILDING A SECURITY OPERATION CENTER (SOC) ACI-BIT Vancouver, BC. Los Angeles World Airports Building a Security Operation Center Agenda: Auditing Your Network Environment Selecting Effective Security
More informationDevising a Server Protection Strategy with Trend Micro
Devising a Server Protection Strategy with Trend Micro A Trend Micro White Paper Trend Micro, Incorporated» A detailed account of why Gartner recognizes Trend Micro as a leader in Virtualization and Cloud
More informationDefense-in-Depth Strategies for Secure, Open Remote Access to Control System Networks
Defense-in-Depth Strategies for Secure, Open Remote Access to Control System Networks A look at multi-vendor access strategies Joel Langill TÜV FSEng ID-1772/09, CEH, CPT, CCNA Security Consultant / Staff
More information