Your SlideShare is downloading. ×
0
Riverbed Securing Cloud Applications with a Distributed Web Application Firewall
Riverbed Securing Cloud Applications with a Distributed Web Application Firewall
Riverbed Securing Cloud Applications with a Distributed Web Application Firewall
Riverbed Securing Cloud Applications with a Distributed Web Application Firewall
Riverbed Securing Cloud Applications with a Distributed Web Application Firewall
Riverbed Securing Cloud Applications with a Distributed Web Application Firewall
Riverbed Securing Cloud Applications with a Distributed Web Application Firewall
Riverbed Securing Cloud Applications with a Distributed Web Application Firewall
Riverbed Securing Cloud Applications with a Distributed Web Application Firewall
Riverbed Securing Cloud Applications with a Distributed Web Application Firewall
Riverbed Securing Cloud Applications with a Distributed Web Application Firewall
Riverbed Securing Cloud Applications with a Distributed Web Application Firewall
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Riverbed Securing Cloud Applications with a Distributed Web Application Firewall

1,523

Published on

The dramatic growth of online business along with the rise of cloud technologies has been accompanied by a burst of innovative ways to engage customers and drive new business models. It has also …

The dramatic growth of online business along with the rise of cloud technologies has been accompanied by a burst of innovative ways to engage customers and drive new business models. It has also brought new security challenges as more customers and transactions are processed through online portals.

The focus of IT security is increasingly moving away from the network and IT infrastructure to the application and software architecture itself, which means IT organizations need to adapt to new security challenges.

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
1,523
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
34
Comments
0
Likes
1
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Securing Cloud Applications with a Distributed Web Application Firewall www.riverbed.com   ©2013  Riverbed  Technology  
  • 2. Primary Target of Attack Shifting from Networks and Infrastructure to Applications NETWORKS ©2013  Riverbed  Technology    |    www.riverbed.com   INFRASTRUCTURE APPLICATIONS
  • 3. Cloud Applications Are Exposed to New Threats Designing for dramatically larger number of users shifts focus towards performance and away from security Cloud   Cloud applications use off-the-shelf building blocks, in house services, and 3rd party frameworks – each with individual vulnerabilities Vulnerabilities exposed when applications designed for in-house data centers migrate to the cloud ©2013  Riverbed  Technology    |    www.riverbed.com  
  • 4. There is a Real Cost of Not Securing Applications Global headlines. Real business impact. 3 $10,000,000 500,000 $94,000,000 40,000,000+ Months offline fined for security breach replacement credit cards issued in remediation costs credit card details lost ©2013  Riverbed  Technology    |    www.riverbed.com  
  • 5. Beyond $$: Other Business Drivers for Application Security !   Regulatory Pressures !   PCI DSS, HIPAA, etc. Compliance Revenue & Reputation !   Opportunity cost of remediation !   Brand and reputation damage !   Loss of income !   Data Privacy Act Best Practices !   Security Governance !   Cross-business collaboration !   Delegation of responsibility !   Understand changing risk profiles of your application !   Due Diligence ©2013  Riverbed  Technology    |    www.riverbed.com  
  • 6. Changing Risk Profiles Make it Harder to Secure Cloud Applications Vulnerable third-party software components Malicious requests (e.g. SQL-injection) Cross-site request forgery (CSRF) Authentication and session attacks Cross-site scripting (XSS) For detailed information on the latest trends in application vulnerabilities, see OWASP Top Ten Projects at https://www.owasp.org/ ©2013  Riverbed  Technology    |    www.riverbed.com   URL manipulation
  • 7. Traditional Web Application Firewalls are Not Effective in Cloud Environments TRADITIONAL SOLUTION IS INEFFICIENT Dedicated hardware WAF One WAF per deployment Increased capital costs Decreased provisioning agility in a dynamic, virtualized environment Increased management costs without levels of delegation for administration ©2013  Riverbed  Technology    |    www.riverbed.com  
  • 8. REQUIRED: A Distributed Web Application Firewall Purpose-built for Cloud Security
  • 9. The Web Application Firewall Must be Massively Scalable & Portable !   Across CPU, computer, server rack and data center boundaries Public Private !   Across multiple applications at a time (e.g. cloud bursting) !   Across private, hybrid or public clouds, and small or large traditional data centers !   Available as virtual appliance and a plug-in !   Start small, but allow scale up without changes to security solution Data Center Local Machine ©2013  Riverbed  Technology    |    www.riverbed.com  
  • 10. Flexible, Portable Across Platforms Fits into existing infrastructures and processes Available as virtual appliance and a plug-in ©2013  Riverbed  Technology    |    www.riverbed.com   Can live in a wide variety of components effectively Mixes traditional and virtual technologies
  • 11. Distributed and Delegated Management Public 1 2 Easy, central management with a simple web-based management UI Granular configuration settings for each application and each customer Private 3 Proactive Monitoring – tuned for each application 4 Multi administrator privileges to handle diverse security policy schemes Fits into any – existing or planned – application delivery infrastructure. ©2013  Riverbed  Technology    |    www.riverbed.com  
  • 12. Securing Cloud Applications with a Distributed Web Application Firewall    Download  the  Complete  Whitepaper  from     www.riverbed.com/s2ngray-­‐appsec   Follow  Us  :   www.riverbed.com©2013   ©2013  Riverbed  Technology  

×