SlideShare a Scribd company logo

Towards Continuous Security Compliance in the Cloud Continuum -MEDINA Project & beyond

MEDINA
MEDINA

MEDINA project presentation during the EUCloudEdgeIoT session at NexusForum2023

Technology
1 of 6
Download to read offline
This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 952633 Towards Continuous Security Compliance in the Cloud Continuum - MEDINA Project & beyond Juncal Alonso TECNALIA, Spain / EU MEDINA Project
Why the EU-funded MEDINA Project? Let’s understand the real-world implications from an EUCS perspective… …and one day we will fully realize automation in EUCS processes! 06.10.2023 NexusForum2023 ‘basic’ level ‘substantial’ level ‘high’ level 🤞 👍 👮 Continuous monitoring of compliance * Preliminary analysis documented in our whitepaper. The implementation of “continuous monitoring” brings some *challenges to Cloud Service Providers, but also to Conformance Assessment Bodies auditing those requirements
MEDINA Framework – OS components Auditors CSPs CAB, NCCA 06.10.2023 NexusForum2023 Repository of Metrics and Measures Risk Based Selection of controls to reach certification assurance levels Certification language Continuous Evidence Management tools Continuous Cloud Certificate Evaluator Risk based Auditor tool
Towards Continuous Certification as a Service in the Cloud: EMERALD IA action 06.10.2023 NexusForum2023
Addressed challenges Security compliance in Cloud is becoming a must Dynamic infrastructure needs a high sample rate Complex Cloud-Edge environments can auto-scale up rapidly Cloud Nature services abstract underlying infrastructure Resources in cloud environments often have dependencies on each other Hybrid approaches are the new “Business as usual” 06.10.2023 NexusForum2023 Ensuring that frequent application and infrastructure changes comply with security and compliance policies is challenging
Leveraging automation, ensuring compliance, enhancing trust. @MedinaprojectEU MEDINA Project - Continuous cloud security certification @MedinaprojectEU www.medina-project.eu // juncal.alonso@tecnalia.com Thank you! www.medina-project.eu

Recommended

MEDINA brochure 2023
MEDINA brochure 2023MEDINA brochure 2023
MEDINA brochure 2023MEDINA
 
MEDINA General Presentation
MEDINA General PresentationMEDINA General Presentation
MEDINA General PresentationMEDINA
 
Medina general presentation
Medina general presentationMedina general presentation
Medina general presentationMEDINA
 
Medina general presentation
Medina general presentationMedina general presentation
Medina general presentationMEDINA
 
Automation-based Certification for Cloud Services in Euro
Automation-based Certification for Cloud Services in EuroAutomation-based Certification for Cloud Services in Euro
Automation-based Certification for Cloud Services in EuroMEDINA
 
MEDINA Brochure 2022.pdf
MEDINA Brochure 2022.pdfMEDINA Brochure 2022.pdf
MEDINA Brochure 2022.pdfMEDINA
 
Medina general presentation
Medina general presentationMedina general presentation
Medina general presentationMEDINA
 
Paving the road towards continuous auditbased certification for cloud service...
Paving the road towards continuous auditbased certification for cloud service...Paving the road towards continuous auditbased certification for cloud service...
Paving the road towards continuous auditbased certification for cloud service...MEDINA
 

Recommended

MEDINA brochure 2023
MEDINA brochure 2023MEDINA brochure 2023
MEDINA brochure 2023MEDINA
 
MEDINA General Presentation
MEDINA General PresentationMEDINA General Presentation
MEDINA General PresentationMEDINA
 
Medina general presentation
Medina general presentationMedina general presentation
Medina general presentationMEDINA
 
Medina general presentation
Medina general presentationMedina general presentation
Medina general presentationMEDINA
 
Automation-based Certification for Cloud Services in Euro
Automation-based Certification for Cloud Services in EuroAutomation-based Certification for Cloud Services in Euro
Automation-based Certification for Cloud Services in EuroMEDINA
 
MEDINA Brochure 2022.pdf
MEDINA Brochure 2022.pdfMEDINA Brochure 2022.pdf
MEDINA Brochure 2022.pdfMEDINA
 
Medina general presentation
Medina general presentationMedina general presentation
Medina general presentationMEDINA
 
Paving the road towards continuous auditbased certification for cloud service...
Paving the road towards continuous auditbased certification for cloud service...Paving the road towards continuous auditbased certification for cloud service...
Paving the road towards continuous auditbased certification for cloud service...MEDINA
 
Day2.2 Paving the Road Towards Continuous Certification: OSCAL and the EUCS
Day2.2 Paving the Road Towards Continuous Certification: OSCAL and the EUCSDay2.2 Paving the Road Towards Continuous Certification: OSCAL and the EUCS
Day2.2 Paving the Road Towards Continuous Certification: OSCAL and the EUCSMaitena Ilardia
 
Day2.2 Paving the Road Towards Continuous Certification: OSCAL and the EUCS
Day2.2 Paving the Road Towards Continuous Certification: OSCAL and the EUCSDay2.2 Paving the Road Towards Continuous Certification: OSCAL and the EUCS
Day2.2 Paving the Road Towards Continuous Certification: OSCAL and the EUCSMEDINA
 
MEDINA: Standardization to enable continuous cloud cybersecurity certification
MEDINA: Standardization to enable continuous cloud cybersecurity certificationMEDINA: Standardization to enable continuous cloud cybersecurity certification
MEDINA: Standardization to enable continuous cloud cybersecurity certificationMEDINA
 
First Impressions on Experimenting with Automated Monitoring Requirements of ...
First Impressions on Experimenting with Automated Monitoring Requirements of ...First Impressions on Experimenting with Automated Monitoring Requirements of ...
First Impressions on Experimenting with Automated Monitoring Requirements of ...MEDINA
 
Whitepaper MEDINA Metric Recommender NLP
Whitepaper MEDINA Metric Recommender NLPWhitepaper MEDINA Metric Recommender NLP
Whitepaper MEDINA Metric Recommender NLPMEDINA
 
MEDINA project brochure 2021
MEDINA project brochure 2021MEDINA project brochure 2021
MEDINA project brochure 2021MEDINA
 
ECIL: EU Cybersecurity Package and EU Certification Framework
ECIL: EU Cybersecurity Package and EU Certification FrameworkECIL: EU Cybersecurity Package and EU Certification Framework
ECIL: EU Cybersecurity Package and EU Certification FrameworkDeutsche Telekom AG
 
Whitepaper MEDINA CNL
Whitepaper MEDINA CNLWhitepaper MEDINA CNL
Whitepaper MEDINA CNLMEDINA
 
Enabling Privacy and Security for Data Outsourced to the Cloud
Enabling Privacy and Security for Data Outsourced to the CloudEnabling Privacy and Security for Data Outsourced to the Cloud
Enabling Privacy and Security for Data Outsourced to the CloudEUBrasilCloudFORUM .
 
Fintech Belgium_Webinar 3: Cybersecurity / Covid-19: Home Working Challenge ...
Fintech Belgium_Webinar 3: Cybersecurity / Covid-19: Home Working Challenge ... Fintech Belgium_Webinar 3: Cybersecurity / Covid-19: Home Working Challenge ...
Fintech Belgium_Webinar 3: Cybersecurity / Covid-19: Home Working Challenge ...FinTech Belgium
 
PkBox as simple and secure cloud electronic signature creation and validation...
PkBox as simple and secure cloud electronic signature creation and validation...PkBox as simple and secure cloud electronic signature creation and validation...
PkBox as simple and secure cloud electronic signature creation and validation...Giuseppe Damiano
 
proposal on assessment of qualified signature creation devices compliant with...
proposal on assessment of qualified signature creation devices compliant with...proposal on assessment of qualified signature creation devices compliant with...
proposal on assessment of qualified signature creation devices compliant with...Andrea Caccia
 
ENISA-EuroCloud-Forum-2015.pptx
ENISA-EuroCloud-Forum-2015.pptxENISA-EuroCloud-Forum-2015.pptx
ENISA-EuroCloud-Forum-2015.pptxNicanor Sachahuaman
 
Juan miguel-velasco-lopez-urda-enisa-euro cloud-forum-2015(1)
Juan miguel-velasco-lopez-urda-enisa-euro cloud-forum-2015(1)Juan miguel-velasco-lopez-urda-enisa-euro cloud-forum-2015(1)
Juan miguel-velasco-lopez-urda-enisa-euro cloud-forum-2015(1)Juan Miguel Velasco López Urda
 
MEDINA ESG (Expert Stakeholder Group) presentation
MEDINA ESG (Expert Stakeholder Group) presentationMEDINA ESG (Expert Stakeholder Group) presentation
MEDINA ESG (Expert Stakeholder Group) presentationMEDINA
 
Whitepaper EUROSCAL MEDINA
Whitepaper EUROSCAL MEDINAWhitepaper EUROSCAL MEDINA
Whitepaper EUROSCAL MEDINAMEDINA
 
Using cloud services: Compliance with the Security Requirements of the Spanis...
Using cloud services: Compliance with the Security Requirements of the Spanis...Using cloud services: Compliance with the Security Requirements of the Spanis...
Using cloud services: Compliance with the Security Requirements of the Spanis...Miguel A. Amutio
 
Using cloud services: Compliance with the Security Requirements of the Spanis...
Using cloud services: Compliance with the Security Requirements of the Spanis...Using cloud services: Compliance with the Security Requirements of the Spanis...
Using cloud services: Compliance with the Security Requirements of the Spanis...Miguel A. Amutio
 
TAS-S Seminar “From Continuous Monitoring to Continuous Cloud Cybersecurity C...
TAS-S Seminar “From Continuous Monitoring to Continuous Cloud Cybersecurity C...TAS-S Seminar “From Continuous Monitoring to Continuous Cloud Cybersecurity C...
TAS-S Seminar “From Continuous Monitoring to Continuous Cloud Cybersecurity C...MEDINA
 
SerIoT Fog Substrate and SDN Security
SerIoT Fog Substrate and SDN SecuritySerIoT Fog Substrate and SDN Security
SerIoT Fog Substrate and SDN SecuritySerIoT project
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxnull - The Open Security Community
 

More Related Content

Similar to Towards Continuous Security Compliance in the Cloud Continuum -MEDINA Project & beyond

Day2.2 Paving the Road Towards Continuous Certification: OSCAL and the EUCS
Day2.2 Paving the Road Towards Continuous Certification: OSCAL and the EUCSDay2.2 Paving the Road Towards Continuous Certification: OSCAL and the EUCS
Day2.2 Paving the Road Towards Continuous Certification: OSCAL and the EUCSMaitena Ilardia
 
Day2.2 Paving the Road Towards Continuous Certification: OSCAL and the EUCS
Day2.2 Paving the Road Towards Continuous Certification: OSCAL and the EUCSDay2.2 Paving the Road Towards Continuous Certification: OSCAL and the EUCS
Day2.2 Paving the Road Towards Continuous Certification: OSCAL and the EUCSMEDINA
 
MEDINA: Standardization to enable continuous cloud cybersecurity certification
MEDINA: Standardization to enable continuous cloud cybersecurity certificationMEDINA: Standardization to enable continuous cloud cybersecurity certification
MEDINA: Standardization to enable continuous cloud cybersecurity certificationMEDINA
 
First Impressions on Experimenting with Automated Monitoring Requirements of ...
First Impressions on Experimenting with Automated Monitoring Requirements of ...First Impressions on Experimenting with Automated Monitoring Requirements of ...
First Impressions on Experimenting with Automated Monitoring Requirements of ...MEDINA
 
Whitepaper MEDINA Metric Recommender NLP
Whitepaper MEDINA Metric Recommender NLPWhitepaper MEDINA Metric Recommender NLP
Whitepaper MEDINA Metric Recommender NLPMEDINA
 
MEDINA project brochure 2021
MEDINA project brochure 2021MEDINA project brochure 2021
MEDINA project brochure 2021MEDINA
 
ECIL: EU Cybersecurity Package and EU Certification Framework
ECIL: EU Cybersecurity Package and EU Certification FrameworkECIL: EU Cybersecurity Package and EU Certification Framework
ECIL: EU Cybersecurity Package and EU Certification FrameworkDeutsche Telekom AG
 
Whitepaper MEDINA CNL
Whitepaper MEDINA CNLWhitepaper MEDINA CNL
Whitepaper MEDINA CNLMEDINA
 
Enabling Privacy and Security for Data Outsourced to the Cloud
Enabling Privacy and Security for Data Outsourced to the CloudEnabling Privacy and Security for Data Outsourced to the Cloud
Enabling Privacy and Security for Data Outsourced to the CloudEUBrasilCloudFORUM .
 
Fintech Belgium_Webinar 3: Cybersecurity / Covid-19: Home Working Challenge ...
Fintech Belgium_Webinar 3: Cybersecurity / Covid-19: Home Working Challenge ... Fintech Belgium_Webinar 3: Cybersecurity / Covid-19: Home Working Challenge ...
Fintech Belgium_Webinar 3: Cybersecurity / Covid-19: Home Working Challenge ...FinTech Belgium
 
PkBox as simple and secure cloud electronic signature creation and validation...
PkBox as simple and secure cloud electronic signature creation and validation...PkBox as simple and secure cloud electronic signature creation and validation...
PkBox as simple and secure cloud electronic signature creation and validation...Giuseppe Damiano
 
proposal on assessment of qualified signature creation devices compliant with...
proposal on assessment of qualified signature creation devices compliant with...proposal on assessment of qualified signature creation devices compliant with...
proposal on assessment of qualified signature creation devices compliant with...Andrea Caccia
 
Juan miguel-velasco-lopez-urda-enisa-euro cloud-forum-2015(1)
Juan miguel-velasco-lopez-urda-enisa-euro cloud-forum-2015(1)Juan miguel-velasco-lopez-urda-enisa-euro cloud-forum-2015(1)
Juan miguel-velasco-lopez-urda-enisa-euro cloud-forum-2015(1)Juan Miguel Velasco López Urda
 
MEDINA ESG (Expert Stakeholder Group) presentation
MEDINA ESG (Expert Stakeholder Group) presentationMEDINA ESG (Expert Stakeholder Group) presentation
MEDINA ESG (Expert Stakeholder Group) presentationMEDINA
 
Whitepaper EUROSCAL MEDINA
Whitepaper EUROSCAL MEDINAWhitepaper EUROSCAL MEDINA
Whitepaper EUROSCAL MEDINAMEDINA
 
Using cloud services: Compliance with the Security Requirements of the Spanis...
Using cloud services: Compliance with the Security Requirements of the Spanis...Using cloud services: Compliance with the Security Requirements of the Spanis...
Using cloud services: Compliance with the Security Requirements of the Spanis...Miguel A. Amutio
 
Using cloud services: Compliance with the Security Requirements of the Spanis...
Using cloud services: Compliance with the Security Requirements of the Spanis...Using cloud services: Compliance with the Security Requirements of the Spanis...
Using cloud services: Compliance with the Security Requirements of the Spanis...Miguel A. Amutio
 
TAS-S Seminar “From Continuous Monitoring to Continuous Cloud Cybersecurity C...
TAS-S Seminar “From Continuous Monitoring to Continuous Cloud Cybersecurity C...TAS-S Seminar “From Continuous Monitoring to Continuous Cloud Cybersecurity C...
TAS-S Seminar “From Continuous Monitoring to Continuous Cloud Cybersecurity C...MEDINA
 
SerIoT Fog Substrate and SDN Security
SerIoT Fog Substrate and SDN SecuritySerIoT Fog Substrate and SDN Security
SerIoT Fog Substrate and SDN SecuritySerIoT project
 

Similar to Towards Continuous Security Compliance in the Cloud Continuum -MEDINA Project & beyond (20)

Day2.2 Paving the Road Towards Continuous Certification: OSCAL and the EUCS
Day2.2 Paving the Road Towards Continuous Certification: OSCAL and the EUCSDay2.2 Paving the Road Towards Continuous Certification: OSCAL and the EUCS
Day2.2 Paving the Road Towards Continuous Certification: OSCAL and the EUCS
 
Day2.2 Paving the Road Towards Continuous Certification: OSCAL and the EUCS
Day2.2 Paving the Road Towards Continuous Certification: OSCAL and the EUCSDay2.2 Paving the Road Towards Continuous Certification: OSCAL and the EUCS
Day2.2 Paving the Road Towards Continuous Certification: OSCAL and the EUCS
 
MEDINA: Standardization to enable continuous cloud cybersecurity certification
MEDINA: Standardization to enable continuous cloud cybersecurity certificationMEDINA: Standardization to enable continuous cloud cybersecurity certification
MEDINA: Standardization to enable continuous cloud cybersecurity certification
 
First Impressions on Experimenting with Automated Monitoring Requirements of ...
First Impressions on Experimenting with Automated Monitoring Requirements of ...First Impressions on Experimenting with Automated Monitoring Requirements of ...
First Impressions on Experimenting with Automated Monitoring Requirements of ...
 
Whitepaper MEDINA Metric Recommender NLP
Whitepaper MEDINA Metric Recommender NLPWhitepaper MEDINA Metric Recommender NLP
Whitepaper MEDINA Metric Recommender NLP
 
MEDINA project brochure 2021
MEDINA project brochure 2021MEDINA project brochure 2021
MEDINA project brochure 2021
 
ECIL: EU Cybersecurity Package and EU Certification Framework
ECIL: EU Cybersecurity Package and EU Certification FrameworkECIL: EU Cybersecurity Package and EU Certification Framework
ECIL: EU Cybersecurity Package and EU Certification Framework
 
Whitepaper MEDINA CNL
Whitepaper MEDINA CNLWhitepaper MEDINA CNL
Whitepaper MEDINA CNL
 
Enabling Privacy and Security for Data Outsourced to the Cloud
Enabling Privacy and Security for Data Outsourced to the CloudEnabling Privacy and Security for Data Outsourced to the Cloud
Enabling Privacy and Security for Data Outsourced to the Cloud
 
Fintech Belgium_Webinar 3: Cybersecurity / Covid-19: Home Working Challenge ...
Fintech Belgium_Webinar 3: Cybersecurity / Covid-19: Home Working Challenge ... Fintech Belgium_Webinar 3: Cybersecurity / Covid-19: Home Working Challenge ...
Fintech Belgium_Webinar 3: Cybersecurity / Covid-19: Home Working Challenge ...
 
PkBox as simple and secure cloud electronic signature creation and validation...
PkBox as simple and secure cloud electronic signature creation and validation...PkBox as simple and secure cloud electronic signature creation and validation...
PkBox as simple and secure cloud electronic signature creation and validation...
 
proposal on assessment of qualified signature creation devices compliant with...
proposal on assessment of qualified signature creation devices compliant with...proposal on assessment of qualified signature creation devices compliant with...
proposal on assessment of qualified signature creation devices compliant with...
 
ENISA-EuroCloud-Forum-2015.pptx
ENISA-EuroCloud-Forum-2015.pptxENISA-EuroCloud-Forum-2015.pptx
ENISA-EuroCloud-Forum-2015.pptx
 
Juan miguel-velasco-lopez-urda-enisa-euro cloud-forum-2015(1)
Juan miguel-velasco-lopez-urda-enisa-euro cloud-forum-2015(1)Juan miguel-velasco-lopez-urda-enisa-euro cloud-forum-2015(1)
Juan miguel-velasco-lopez-urda-enisa-euro cloud-forum-2015(1)
 
MEDINA ESG (Expert Stakeholder Group) presentation
MEDINA ESG (Expert Stakeholder Group) presentationMEDINA ESG (Expert Stakeholder Group) presentation
MEDINA ESG (Expert Stakeholder Group) presentation
 
Whitepaper EUROSCAL MEDINA
Whitepaper EUROSCAL MEDINAWhitepaper EUROSCAL MEDINA
Whitepaper EUROSCAL MEDINA
 
Using cloud services: Compliance with the Security Requirements of the Spanis...
Using cloud services: Compliance with the Security Requirements of the Spanis...Using cloud services: Compliance with the Security Requirements of the Spanis...
Using cloud services: Compliance with the Security Requirements of the Spanis...
 
Using cloud services: Compliance with the Security Requirements of the Spanis...
Using cloud services: Compliance with the Security Requirements of the Spanis...Using cloud services: Compliance with the Security Requirements of the Spanis...
Using cloud services: Compliance with the Security Requirements of the Spanis...
 
TAS-S Seminar “From Continuous Monitoring to Continuous Cloud Cybersecurity C...
TAS-S Seminar “From Continuous Monitoring to Continuous Cloud Cybersecurity C...TAS-S Seminar “From Continuous Monitoring to Continuous Cloud Cybersecurity C...
TAS-S Seminar “From Continuous Monitoring to Continuous Cloud Cybersecurity C...
 
SerIoT Fog Substrate and SDN Security
SerIoT Fog Substrate and SDN SecuritySerIoT Fog Substrate and SDN Security
SerIoT Fog Substrate and SDN Security
 

Recently uploaded

Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsPrecisely
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 

Recently uploaded (20)

Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
The transition to renewables in India.pdf
The transition to renewables in India.pdfThe transition to renewables in India.pdf
The transition to renewables in India.pdf
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power Systems
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDG
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 

Towards Continuous Security Compliance in the Cloud Continuum -MEDINA Project & beyond

  • 1. This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 952633 Towards Continuous Security Compliance in the Cloud Continuum - MEDINA Project & beyond Juncal Alonso TECNALIA, Spain / EU MEDINA Project
  • 2. Why the EU-funded MEDINA Project? Let’s understand the real-world implications from an EUCS perspective… …and one day we will fully realize automation in EUCS processes! 06.10.2023 NexusForum2023 ‘basic’ level ‘substantial’ level ‘high’ level 🤞 👍 👮 Continuous monitoring of compliance * Preliminary analysis documented in our whitepaper. The implementation of “continuous monitoring” brings some *challenges to Cloud Service Providers, but also to Conformance Assessment Bodies auditing those requirements
  • 3. MEDINA Framework – OS components Auditors CSPs CAB, NCCA 06.10.2023 NexusForum2023 Repository of Metrics and Measures Risk Based Selection of controls to reach certification assurance levels Certification language Continuous Evidence Management tools Continuous Cloud Certificate Evaluator Risk based Auditor tool
  • 4. Towards Continuous Certification as a Service in the Cloud: EMERALD IA action 06.10.2023 NexusForum2023
  • 5. Addressed challenges Security compliance in Cloud is becoming a must Dynamic infrastructure needs a high sample rate Complex Cloud-Edge environments can auto-scale up rapidly Cloud Nature services abstract underlying infrastructure Resources in cloud environments often have dependencies on each other Hybrid approaches are the new “Business as usual” 06.10.2023 NexusForum2023 Ensuring that frequent application and infrastructure changes comply with security and compliance policies is challenging
  • 6. Leveraging automation, ensuring compliance, enhancing trust. @MedinaprojectEU MEDINA Project - Continuous cloud security certification @MedinaprojectEU www.medina-project.eu // juncal.alonso@tecnalia.com Thank you! www.medina-project.eu