Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Cloud Security 101 (Webinar Deck)

66 views

Published on

Learn how to improve cloud security posture by using pre-built policies or writing custom policies. Perform real-time continuous monitoring of cloud infrastructure.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Cloud Security 101 (Webinar Deck)

  1. 1. Jack Naglieri | Founder & CEO | jack.naglieri@runpanther.io Cloud Security 101
  2. 2. Cloud Security 101 | Panther Your Host ● Cloud security expert w/ 8+ years experience leading detection efforts @ co’s like Yahoo & Airbnb ● Co-creator and core developer of StreamAlert ● Originally from D.C. area, now based (i.e. quarantined!) in SF Jack Naglieri
  3. 3. Cloud Security 101 | Panther Agenda 1. Cloud Security - Why Now? 2. Panther Intro 3. Panther Cloud Security Deep Dive 4. Example Use Case 5. Q&A
  4. 4. Cloud Security 101 | Panther In the era of COVID-19… reliance on cloud computing is stronger than ever.
  5. 5. Cloud Security 101 | Panther Organizations already struggle to implement proper cloud security–more than 33 billion records were exposed in 2018 and 2019.
  6. 6. Cloud Security 101 | Panther Cloud misconfigurations cost companies worldwide nearly $5 trillion in 2018 and 2019. 2018 $1.76 T 2019 $3.18 T
  7. 7. Panther is a Cloud-Native SIEM for Modern Security Teams
  8. 8. Conduct Investigations Historical Search Detect threats Log Analysis Cloud Security 101 | Panther Detect misconfigurations Cloud Security
  9. 9. OVERVIEW Panther runs fully on top of AWS services like Lambda, ECS, DynamoDB, S3, Cognito, and more Cloud Security 101 | Panther
  10. 10. CONCEPTS A cloud component RESOURCE A Python function representing the desired secure state of a resource POLICY Notification of a policy failure ALERT Panther 101
  11. 11. ONBOARDINGCloud Security 101 | Panther bit.ly/panther-cloudsec-setup bit.ly/panther-real-time-setup
  12. 12. BUILT-IN DETECTIONSCloud Security 101 | Panther ● 100+ Built-in Policies ● AWS CIS, Best Practices, S3 ● Categories ○ Availability ○ Security Controls ○ Data Protection ○ Identity & Access Management
  13. 13. Why? ● Credentials can be leaked ● Sensitive data can be exposed Writing Custom Policies Cloud Security 101 | Panther SCENARIO: Detecting Public AMIs (Amazon Machine Image)
  14. 14. Resource Logic: ● Public should be false ● The AMI owner is one of our accounts
  15. 15. Policy
  16. 16. Automatic Remediation
  17. 17. Automatic Remediation
  18. 18. Automatic Remediation
  19. 19. 1. Panther can help harden our cloud environments 2. Python Policies ensure Resources are secure 3. Panther includes 100+ built-in Policies 4. Automatic Remediation can fix insecure Resources 5. Get started today! https://docs.runpanther.io/quick-start
  20. 20. https://bit.ly/runpanther
  21. 21. Subscription Tiers Enterprise Real-Time Log Analysis Cloud Security and Remediation Real-Time Alerting Historical Search of Log Data Powerful User Interface 200+ pre-built Rules and Policies —Free— +Basic Features Self-hosted or SaaS 24 x 7 Support & Live Chat 150+ Premium Analysis Packs Role-Based Access Control SaaS Logs —Contact Us— Max scale and performance Community github.com/panther-labs/panther Panther 101
  22. 22. Q & A
  23. 23. Cloud Security 101 | Panther ARCHITECTURE
  24. 24. RESOURCES CloudTrail Config DynamoDB EC2VPC ELB GuardDuty IAM KMS RDS S3 WAF Redshift SQS SNS Write policies for any of the following resource types Panther 101
  25. 25. DESTINATIONS Dispatch alerts and integrate existing workflows Panther 101
  26. 26. ONBOARDINGCloud Security 101 | Panther
  27. 27. ONBOARDINGCloud Security 101 | Panther
  28. 28. ONBOARDINGCloud Security 101 | Panther bit.ly/panther-real-time-setup

×