Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

2018 07-24 network security at the speed of dev ops - webinar


Published on

DevOps methodologies have become extremely popular to enable agile application development and delivery.

In this webinar, Anner Kushnir, AlgoSec’s VP of Technology will describe how the innovative 'Connectivity as Code' approach can be implemented to overcome these challenges, and seamlessly weave network security into the existing CI/CD pipeline in order to fully automate the application delivery process end-to-end.

Published in: Software
  • Be the first to comment

  • Be the first to like this

2018 07-24 network security at the speed of dev ops - webinar

  1. 1. NETWORK SECURITY AT THE SPEED OF DEVOPS Anner Kushnir, VP Technology Anner Kushnir VP Technology
  2. 2. WELCOME Have a question? Submit it via the chat This webinar is being recorded! Slides and recording will be sent to you after the webinar 2
  3. 3. WHAT IS DEVOPS? • DevOps is a software engineering culture and practice that aims at unifying software development (Dev) and software operation (Ops). • The main characteristic of the DevOps movement is to strongly advocate automation and monitoring at all steps of software construction, from integration, testing, releasing to deployment and infrastructure management. • DevOps aims at shorter development cycles, increased deployment frequency, more dependable releases, in close alignment with business objectives. code build test deploy operate monitor 3
  4. 4. DEVOPS SECURITY What DevOps Should Be
  5. 5. What DevOps Is DEVOPS SECURITY Resource Minutes StorageServer Minutes Security / Connectivity WeeksTime to Provision
  6. 6. How often is network connectivity slowing down DevOps processes in your organization? • Never • Once a month • Once a week • Once a day • Not practicing DevOps yet, I am here to learn POLL Please vote using the “votes from audience” tab in your BrightTALK panel 6
  7. 7. FROM OUR CUSTOMERS “The process is broken. Developers are required to ask for things no developer should even know about.” “Things that should take 20 minutes drag for days and weeks.” Senior application architect at large financial institute “Everything works great, until some change needs to be done in the firewalls. Then you open a ServiceNow ticket, then wait for 2 weeks without knowing what will happen.” Senior DevOps consultant working with large banks “AlgoSec is the missing link” 7
  8. 8. ALGOSEC FOR DEVOPS Network Connectivity is a painful bottleneck in the Application Delivery pipeline The Solution: Business-driven Automation Bake network security into the DevOps pipeline • Security is no longer a bottleneck – App Developers happy Human intervention only when required • Security still has full control and visibility – Security happy • Business application connectivity automatically documented – Everyone’s happy! 8
  9. 9. CI/CD PIPELINE Palo Alto Networks Proprietary and Confidential 9 Test environments Integration Performance Run all tests Production Developer Commits Code Compile & Package Unit tests Bring up test environments Connectivity Deploy 9
  10. 10. CONNECTIVITY BLOCK (ZOOM IN) Connectivity as Code BusinessFlow Changed? Yes No No Yes Success Fail Traffic Simulation Query FireFlow 10
  11. 11. BUILDING BLOCKS END-TO-END NETWORK VISIBILITY Find which security devices are in the path, and whether they allow application traffic Firewalls, Routers, Cloud, SDN 11 | Confidential
  12. 12. BUILDING BLOCKS ZERO-TOUCH CHANGE AUTOMATION 12 • Find which firewalls/policies require change • Automatic risk check – continuous compliance • Customizable flow – thresholds, approvals • Automatic design and push of changes • End-to-end - Multi-vendor, multi-platform • Optimized changes, eliminate human error • Full documentation and audit trail
  13. 13. BUILDING BLOCKS BUSINESS APPLICATION REPOSITORY Application owners (“Top down”) • Manage application connectivity • Describe as logical flows • No need to know the network • All application details in one place • Connectivity, Risks, Compliance, Vulnerabilities BusinessFlow 13
  14. 14. ALGOBOT - POWER TO THE (APP) PEOPLE • Personal network security policy assistant • Exposes AlgoSec capabilities to App Developers • Self Service, Empowered • Use cases: • Check on application’s connectivity status • Check whether network security needs to be involved • Easily check change requests status • Bonus: less headache for network security 14
  15. 15. BUILDING BLOCKS BUSINESS APPLICATION REPOSITORY Network Security (“bottom up”) • Automatic business context for every rule, firewall, host • Audits, recertification • Understand Business impact • Cleanup, Maintenance, Security incidents • No more “reverse engineering” 15
  16. 16. • AlgoSec APIs • AlgoSec Python SDK • Build your own flow, powered by AlgoSec • AlgoSec “role” for Ansible • AlgoSec cookbook for Chef BUILDING BLOCKS INTEGRATION 16
  17. 17. WHAT JUST HAPPENED HERE • Majority of application changes – automatically processed • Either already works, or pre-approved and immediately implemented • When security approval is required – Change Request automatically opened • Application connectivity repository – automatically updated • Immediate application context – for security incidents, network/server migrations, maintenance, etc. • Continuous compliance is retained • Security has full control over policy and approvals • Full audit trail and documentation 17
  19. 19. • DevOps is all about empowering application developers • AlgoSec DevOpsifies Network Security into the CI/CD pipeline • Continuous compliance is retained • Business applications repository automatically created • Business context baked into network security operations SUMMARY
  20. 20. Q & A
  21. 21.
  22. 22. The premier event for AlgoSec customers and channel partners Australia, July 31- Aug 3 | Americas, October 15-18 For more info:
  23. 23. THANK YOU! Questions can be emailed to