Your SlideShare is downloading. ×
0
The Practitioners Guide to Cloud Security
The Practitioners Guide to Cloud Security
The Practitioners Guide to Cloud Security
The Practitioners Guide to Cloud Security
The Practitioners Guide to Cloud Security
The Practitioners Guide to Cloud Security
The Practitioners Guide to Cloud Security
The Practitioners Guide to Cloud Security
The Practitioners Guide to Cloud Security
The Practitioners Guide to Cloud Security
The Practitioners Guide to Cloud Security
The Practitioners Guide to Cloud Security
The Practitioners Guide to Cloud Security
The Practitioners Guide to Cloud Security
The Practitioners Guide to Cloud Security
The Practitioners Guide to Cloud Security
The Practitioners Guide to Cloud Security
The Practitioners Guide to Cloud Security
The Practitioners Guide to Cloud Security
The Practitioners Guide to Cloud Security
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

The Practitioners Guide to Cloud Security

163

Published on

Dome9 Co-founder & CEO Zohar Alon presents on the Practitioners Guide to Cloud Security at Cloud Expo Europe - January, 2013.

Dome9 Co-founder & CEO Zohar Alon presents on the Practitioners Guide to Cloud Security at Cloud Expo Europe - January, 2013.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
163
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
5
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide
  • Dome9 – Server firewall management platform, brought in a SaaS subscription model.1,500 customers since launch last yearBased in Tel Aviv, with offices in the Bay AreaFocused on managing security for cloud, dedicated and VPSSpeaking today is a unique opportunity becauseDome9 is both a security company and an e-commerce companyAll of our transactions are done online and like you, have to be secured. Making sure the transaction and our infrastructure is secure is ultra critical, especially for us since we are a security company.Many of our customers are also e-commerce companies, which gives us a nice glimpse into the types of concerns they have and the threats they face
  • Q: What is this ?A: Brute force attack in action (by a nice Malaysian guy) on a test server at Amazon, set up by one of our developers Any success ?
  • Integrating with MyDigipass:Took more time to audit and review than to actually implement the integration.Took a single developer less than a day to implement.After spending a fixed (small) amount of time it is great to see the service keeps improving while doing noting on our side (example – device authorization)
  • Let’s get back to our poor server.I do not remember writing this url , so I searched a bit…
  • Apparently this is a new exploit called Elastix 2.2. LFIThis exploit is of type – directory traversal/ local file inclusion. This specific one is quite new – about 1 month old.Thank you my Lao friend for sharing such a new exploit with me.This leads us to our next part
  • Remember the server from slide 1 ?Q: What happened here ?A: I just used our own product to properly configure that server’s firewall
  • -Describe- By now, you understand what we do, now let’s dive into our dilemmas and challenges
  • Transcript

    • 1. CloudExpo Europe – London, January 2013The Practitioners Guide toCloud SecurityLondon, January 2013Zohar Alon@zoharalonCo-Founder & CEO Dome9 – Secure Your Cloud™
    • 2. Me, and my company Zohar Alon – Co-Founder & CEO Creator of Check Point’s Provider-1 & SP product lines Over 20 years of security & IT experience. Cloud Server Security Management Automate and centralize security across an unlimited number of cloud, dedicated, and virtual private servers Dome9 – Secure Your Cloud™
    • 3. What’s this?Dome9 – Secure Your Cloud™
    • 4. 1 day and 86,000 attempts later…Dome9 – Secure Your Cloud™
    • 5. There are more than 30 millionCloud, VPS & Dedicated ServersMost of these servers are vulnerable to attack – Admins leave ports open to connect to their servers – Hackers use these same open ports to gain accessMost of these servers’ security is unmanageable – Sprawled across multiple private & public clouds – Operating systems are a virtual buffetMost of the ‘available’ security doesn’t work – Service providers lack expertise & focus to build it – Security vendors have business models that don’t fit and/or technology that doesn’t migrate and scale Dome9 – Secure Your Cloud™
    • 6. Who’s responsible for security? Dome9 – Secure Your Cloud™
    • 7. The Practitioners Guide Part 1 – Responsibility• Most don’t know who’s Who’s Responsible? responsible for cloud security – 42% say they wouldn’t know if their cloud was hacked 33% 31% – 39% think their provider would tell them• Security is everybody’s 36% responsibility – accept and share it!• Security is your responsibility – Deal with it! Customer Provider Both Ponemon Cloud Security Research Study Dome9 – Secure Your Cloud™
    • 8. The Practitioners Guide Part 2 – Authentication• If Anyone can login consider Multi-Factor authentication to harden access• Simple mobile app integration, w/ QR code support & SMS backup Dome9 – Secure Your Cloud™
    • 9. Dome9 – Secure Your Cloud™
    • 10. Dome9 – Secure Your Cloud™
    • 11. The Practitioners Guide Part 3 - WAF• WAF: Web Application Firewall – Protects Web services, sites and applications – Monitor the requests to the web layer – Brute-force Login, Span Bots, SQL injections, etc.• Easy to enable – No Install! – Provides added security layer w/o overhead• Every Web App Will Use one – CloudFlare, Incapsula or Akamai – Bonus I – site is faster – Bonus II – DDOS mitigation capabilities Dome9 – Secure Your Cloud™
    • 12. The Practitioners Guide Part 4 – Log• You saw how many insights we get from the logs. You need to store and analyze them.• We use several vendors for this – each for a different use-case: – Splunk & SplunkStorm – SumoLogic – Loggly – LogEntries Dome9 – Secure Your Cloud™
    • 13. The Practitioners Guide Part 5 – Firewall• Take Control on your security policies – You do much more when it comes to the office firewall• Close All (admin) Ports – Open Dynamically – Open them only for whom, and for as long as is needed.• Don’t rely on static scopes – Too much management overhead and risk.• Aggregate & Centralize firewall management – Across regions, providers and applications• At Dome9, we eat our own dog food – On Amazon, Verison’s Terrermark and Rackspace Dome9 – Secure Your Cloud™
    • 14. What happened here? Dome9 – Secure Your Cloud™
    • 15. Dome9: How it WorksAutomated Cloud Server Security  Manage OS firewall (via Agent) and virtual firewall (via API) across all cloud servers  Enable on-demand, time- based secure access leases per server, source & time  Automatically close server access when lease expires  Stop attackers from targeting open admin ports via brute force attacks and exploits Dome9 – Secure Your Cloud™
    • 16. Dome9 CentralSimplified Security Management Time-Based Controls 1-Click Secure Access Multi-Cloud Management Dome9 – Secure Your Cloud™
    • 17. Wrap Up① Take Responsibility② Harden Authentication③ Use a Web Application Firewall④ Log, Log, Log, Log, Log… and Analyze⑤ Lockdown and Automate the Server Firewalls… with Dome9!  Dome9 – Secure Your Cloud™
    • 18. Q&ADome9 – Secure Your Cloud™
    • 19. Thank You!Zohar Alon, Zohar@dome9.com www.dome9.com Dome9 – Secure Your Cloud™
    • 20. References and Links• Firewall Management Service: – http://www.dome9.com/ – https://secure.dome9.com/account/register?code=ecommerce• MyDigipass 2 Factor Authentication Service: – https://www.mydigipass.com/• Log Management Services: – Splunk Storm Service - https://www.splunkstorm.com/ – Loggly - http://loggly.com/ – LogEntries - https://logentries.com/• WAF Services: – CloudFlare - https://www.cloudflare.com/ – Incapsula - http://www.incapsula.com/• Cloud Security Study:http://www.dome9.com/wp-content/uploads/2011/11/Ponemon-Cloud-Security-Study.pdf Dome9 – Secure Your Cloud™

    ×