Effec%ve 
Security 
Response 
in 
the 
Cloud 
Greg 
Boyle, 
Director, 
Strategic 
Business 
and 
Alliances 
Trend 
Micro
AWS 
A 
infrastructure 
plaKorm 
defined 
as 
Low 
cost 
Agile 
& 
ElasPc 
Open 
& 
Flexible 
Secure 
* 
hAp://aws.amazon....
The 
movement 
DevOps 
is 
a 
technology 
movement 
for 
and 
your 
company 
doesn’t 
need 
to 
worry 
about 
it 
© 
2014,...
© 
2014, 
Trend 
Micro 
Inc. 
Development 
OperaPons 
Driving 
change
© 
2014, 
Trend 
Micro 
Inc. 
Development 
OperaPons 
+ 
Driving 
change
Driving 
change 
© 
2014, 
Trend 
Micro 
Inc. 
New 
goals 
Breakdown 
silos 
Directly 
align 
with 
business 
Rapidly 
dep...
© 
2014, 
Trend 
Micro 
Inc. 
Security 
needs 
to 
keep 
pace 
Our 
Challenge
You 
FaciliPes 
Physical 
Security 
Physical 
Infrastructure 
Network 
Infrastructure 
VirtualisaPon 
Infrastructure 
© 
2...
AWS 
FaciliPes 
Physical 
Security 
Physical 
Infrastructure 
Network 
Infrastructure 
VirtualisacPon 
Infrastructure 
© 
...
© 
2014, 
Trend 
Micro 
Inc. 
Applied 
at 
the 
boundary 
Operator 
TradiPonal 
Security
© 
2014, 
Trend 
Micro 
Inc. 
Applied 
to 
each 
instance 
Cloud 
defences 
VPC 
VPC 
VPC
New 
challenges 
© 
2014, 
Trend 
Micro 
Inc. 
Deployment 
Management
© 
2014, 
Trend 
Micro 
Inc. 
Leverage 
exisPng 
distribuPon 
channels 
Addressing 
the 
challenges 
-­‐ 
deployment
© 
2014, 
Trend 
Micro 
Inc. 
Recommended 
choices 
AWS 
OpsWorks 
Chef 
Puppet 
Salt 
Deployment 
channels
© 
2014, 
Trend 
Micro 
Inc. 
Centralise 
control 
management 
Addressing 
the 
challenges 
-­‐ 
management
© 
2014, 
Trend 
Micro 
Inc. 
In 
acPon 
Our 
challenge
© 
2014, 
Trend 
Micro 
Inc. 
On 
the 
clock 
Our 
challenge
SANS 
incident 
response 
process 
PreparaPon 
IdenPficaPon 
Containment 
EradicaPon 
Recovery 
Lessons 
Learned 
© 
2014,...
© 
2014, 
Trend 
Micro 
Inc. 
Server 
Analyse 
Defend 
Verify 
Adjust 
Replacement 
TradiPonal 
process
© 
2014, 
Trend 
Micro 
Inc. 
Instance 
Replacement 
Defend 
Analyse 
Verify 
Adjust 
Cloud 
process
Cloud 
process 
– 
automaPon 
requirements 
Need 
to 
automate 
isolaPon 
© 
2014, 
Trend 
Micro 
Inc. 
Instance 
Replacem...
© 
2014, 
Trend 
Micro 
Inc. 
Instance 
Replacement 
1. 
Monitor 
the 
log 
stream 
API 
2. 
Call 
the 
AWS 
API 
to 
isol...
© 
2014, 
Trend 
Micro 
Inc. 
In 
acPon 
Our 
Challenge
Cloud 
process 
© 
2014, 
Trend 
Micro 
Inc. 
Instance 
Replacement 
Defend 
Analyse 
Verify 
Adjust
© 
2014, 
Trend 
Micro 
Inc. 
Piggyback 
on 
provisioning 
Central 
management 
AutomaPon 
Keys 
to 
success
Thank 
you. 
Learn 
more 
at 
hAp://trendmicro.com/aws
 Effective Security Response in the Cloud - Session Sponsored by Trend Micro
 Effective Security Response in the Cloud - Session Sponsored by Trend Micro
 Effective Security Response in the Cloud - Session Sponsored by Trend Micro
 Effective Security Response in the Cloud - Session Sponsored by Trend Micro
 Effective Security Response in the Cloud - Session Sponsored by Trend Micro
 Effective Security Response in the Cloud - Session Sponsored by Trend Micro
Upcoming SlideShare
Loading in...5
×

Effective Security Response in the Cloud - Session Sponsored by Trend Micro

251

Published on

AWS Summit 2014 Melbourne - Breakout 2

The cloud is a highly dynamic environment that changes the way organisations need to think about security, underpinned by the shared security model. Learn how to increase the effectiveness of your security response as you move to the cloud. We'll discuss how to leverage features in AWS and our security tools to reduce downtime with minimal impact to your security and business operations. Pulling from experiences helping clients move to the cloud, this talk will help provide practical advice you can apply today.

Presenter: Greg Boyle, Director, Strategic Business and Alliances, Trend Micro ANZ

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
251
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Effective Security Response in the Cloud - Session Sponsored by Trend Micro

  1. 1. Effec%ve Security Response in the Cloud Greg Boyle, Director, Strategic Business and Alliances Trend Micro
  2. 2. AWS A infrastructure plaKorm defined as Low cost Agile & ElasPc Open & Flexible Secure * hAp://aws.amazon.com/about-­‐aws/ © 2014, Trend Micro Inc.
  3. 3. The movement DevOps is a technology movement for and your company doesn’t need to worry about it © 2014, Trend Micro Inc. right? asked ironically by Peter Waterhouse, InformaPon Week, 31-­‐Mar-­‐2014 hAp://www.informaPonweek.com/soYware/enterprise-­‐applicaPons/busPng-­‐5-­‐devops-­‐myths/d/d-­‐id/1141597
  4. 4. © 2014, Trend Micro Inc. Development OperaPons Driving change
  5. 5. © 2014, Trend Micro Inc. Development OperaPons + Driving change
  6. 6. Driving change © 2014, Trend Micro Inc. New goals Breakdown silos Directly align with business Rapidly deploy & iterate DevOps
  7. 7. © 2014, Trend Micro Inc. Security needs to keep pace Our Challenge
  8. 8. You FaciliPes Physical Security Physical Infrastructure Network Infrastructure VirtualisaPon Infrastructure © 2014, Trend Micro Inc. OperaPng System ApplicaPon Account Management The tradiPonal responsibility model
  9. 9. AWS FaciliPes Physical Security Physical Infrastructure Network Infrastructure VirtualisacPon Infrastructure © 2014, Trend Micro Inc. You OperaPng System ApplicaPon Account Management Security Groups Network ConfiguraPon Shared Responsibility model
  10. 10. © 2014, Trend Micro Inc. Applied at the boundary Operator TradiPonal Security
  11. 11. © 2014, Trend Micro Inc. Applied to each instance Cloud defences VPC VPC VPC
  12. 12. New challenges © 2014, Trend Micro Inc. Deployment Management
  13. 13. © 2014, Trend Micro Inc. Leverage exisPng distribuPon channels Addressing the challenges -­‐ deployment
  14. 14. © 2014, Trend Micro Inc. Recommended choices AWS OpsWorks Chef Puppet Salt Deployment channels
  15. 15. © 2014, Trend Micro Inc. Centralise control management Addressing the challenges -­‐ management
  16. 16. © 2014, Trend Micro Inc. In acPon Our challenge
  17. 17. © 2014, Trend Micro Inc. On the clock Our challenge
  18. 18. SANS incident response process PreparaPon IdenPficaPon Containment EradicaPon Recovery Lessons Learned © 2014, Trend Micro Inc.
  19. 19. © 2014, Trend Micro Inc. Server Analyse Defend Verify Adjust Replacement TradiPonal process
  20. 20. © 2014, Trend Micro Inc. Instance Replacement Defend Analyse Verify Adjust Cloud process
  21. 21. Cloud process – automaPon requirements Need to automate isolaPon © 2014, Trend Micro Inc. Instance Replacement Defend Analyse Verify Adjust
  22. 22. © 2014, Trend Micro Inc. Instance Replacement 1. Monitor the log stream API 2. Call the AWS API to isolate the instance Cloud process -­‐ soluPon
  23. 23. © 2014, Trend Micro Inc. In acPon Our Challenge
  24. 24. Cloud process © 2014, Trend Micro Inc. Instance Replacement Defend Analyse Verify Adjust
  25. 25. © 2014, Trend Micro Inc. Piggyback on provisioning Central management AutomaPon Keys to success
  26. 26. Thank you. Learn more at hAp://trendmicro.com/aws

×