ISTSEC 2013 - Bulut Bilişim ve Güvenlik

BGA Cyber Security
BGA Cyber SecurityBGA Cyber Security
Bulut Bilişim ve Güvenlik
Bulut Bilişim | Özellikler The image part with relations hip ID rId12 was not found in the file.
Yönetim Maliyet •  •  •  •  •  •  •  •  •  •  Üretkenlik •  •  •  • 
Bulut Hizmetleri Altyapın Hazır ! Platformun Altyapınla Beraber Kurulu Geliyor ! Sadece Kullan ! Servis Olarak Altyapı Servis Olarak Platform Servis Olarak Yazılım Uygulama / Veri Uygulama / Veri Uygulama / Veri Uygulama / Veri Platform Platform Platform Platform Altyapı Altyapı Altyapı Altyapı Şirket İçi •  Altyapı: Sunucu, Ağ, Güvenlik, Depo, Sanallaştırma..vs •  Platform: Veritabanı, Web Hosting, Ortakatman,..vs •  Uygulama: Exchange, Office.. •  Sanal Makineler •  Sanal Ağ •  Servis Olarak Uygulama Yönetimi •  Servis Olarak Veritabanı •  Servis Olarak AD •  Entegrasyon Servisleri •  •  •  •  Servis Olarak ERP Servis Olarak EPosta Servis Olarak CRM Servis Olarak DYS Sizin Yönettiğiniz Bulut Sağlayıcılarının Yönettiği
Microsoft’un bulut tanımı Microsoft Tek tutarlı Siz deneyim Bulut Hizmet Sağlayıcı
Microsoft’un kapsamlı bulut çözümleri Microsoft Tek tutarlı Siz deneyim Bulut Hizmet Sağlayıcı
Unparalleled experience in online security 7
Physical Security Network Security Platform Integrity Data Identity Application Protection and Access Security Engineering System and Operational Security
Service security starts with the data center Perimeter Security Fire Suppression Multi-factor authentication Extensive Monitoring
ISO / IEC 27001:2005 Certification SAS 70 Type I and II attestations (transitioning to SSAE 16/ISAE 3402 SOC 1, 2, and 3) HIPAA/HITECH PCI Data Security Standard Certification FISMA Certification and Accreditation Various State, Federal, and International Privacy Laws (95/46/EC—aka EU Data Protection Directive; California SB1386; etc.)
ISTSEC 2013 - Bulut Bilişim ve Güvenlik
DDoS Protection in Azure •  •  •  •  •  •  •  •  DDoS attacks aiming to exhaust compute, memory, network bandwidth or other resources of a service Windows Azure network infrastructure deploys DDoS defense system Standard DDoS volumetric mitigation techniques such as SYN floods, rate limiting and connection limits Combined with SLBs to sanitize TCP/UDP traffic, including automated DDoS detection and mitigation On ongoing basis we validate that core Windows Azure services have adequate resilience to DDoS attacks DDoS protection for platform services also benefits tenant applications However, it is still possible for tenant applications to be targeted individually §  Customers should actively monitor their applications §  Customers should test their applications for interface specific attacks §  Deploy third part web application firewalls e.g. https://www.barracuda.com/programs/azure If a customer notices their application is attacked, they should contact Azure Customer Support for assistance
Platform Integrity •  Reduced OS footprint •  Compute and Access Isolation §  Isolation of the Host from the Guest VMs §  Isolation of Guest VMs from one another §  Host-mediated Guest VM access to network and disk •  Anti-Malware •  Patch management
Data Protection •  Redundant storage §  Replicated at least three times in the same datacenter §  Geo-replication to different datacenter •  •  •  •  •  •  Storage accounts and keys Data backup Data deletion and destruction SQL Azure inherits SQL’s authentication/authorization system Data encryption in transit Data encryption at rest - IaaS customers may implement using .NET cryptographic services or EFS
Securing Engineering System and Operations •  Strong Identity Assurance •  Granular Access Control •  Access to Customer Data is highly restricted •  Logging and monitoring •  Customers have access to logs of administrator actions affecting them
Application Security
http://www.windowsazure.com/en-us/support/trust-center/ •  One location to aggregate content across Security, Privacy, and Compliance
ISTSEC 2013 - Bulut Bilişim ve Güvenlik
1 of 18

ISTSEC 2013 - Bulut Bilişim ve Güvenlik

Download to read offline
Technology

ISTSEC 2013 Konferansında Konuşmacılardan Mehmet ÜNER'in anlatmış olduğu sunumdur.

BGA Cyber Security
BGA Cyber SecurityBGA Cyber Security

Recommended

DDoS Threat Landscape - Ron Winward CHINOG16 by
DDoS Threat Landscape - Ron Winward CHINOG16DDoS Threat Landscape - Ron Winward CHINOG16
DDoS Threat Landscape - Ron Winward CHINOG16Radware
2.7K views37 slides
DDoS Mitigation - DefensePro - RADWARE by
DDoS Mitigation - DefensePro - RADWAREDDoS Mitigation - DefensePro - RADWARE
DDoS Mitigation - DefensePro - RADWAREDeivid Toledo
2.5K views18 slides
What is ddos attack by
What is ddos attackWhat is ddos attack
What is ddos attackDosarrest007
140 views4 slides
Denial of Service Attacks (DoS/DDoS) by
Denial of Service Attacks (DoS/DDoS)Denial of Service Attacks (DoS/DDoS)
Denial of Service Attacks (DoS/DDoS)Gaurav Sharma
2.2K views17 slides
Top 10 mobile security risks - Khổng Văn Cường by
Top 10 mobile security risks - Khổng Văn CườngTop 10 mobile security risks - Khổng Văn Cường
Top 10 mobile security risks - Khổng Văn CườngVõ Thái Lâm
1.3K views35 slides
DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc... by
DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...
DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...MazeBolt Technologies
90 views20 slides

More Related Content

What's hot

Yihan Lian & Zhibin Hu - Smarter Peach: Add Eyes to Peach Fuzzer [rooted2017] by
Yihan Lian & Zhibin Hu - Smarter Peach: Add Eyes to Peach Fuzzer [rooted2017]Yihan Lian & Zhibin Hu - Smarter Peach: Add Eyes to Peach Fuzzer [rooted2017]
Yihan Lian & Zhibin Hu - Smarter Peach: Add Eyes to Peach Fuzzer [rooted2017]RootedCON
1.5K views38 slides
12 types of DDoS attacks by
12 types of DDoS attacks12 types of DDoS attacks
12 types of DDoS attacksHaltdos
2K views18 slides
Inception framework by
Inception frameworkInception framework
Inception framework한익 주
976 views5 slides
DoS Attack - Incident Handling by
DoS Attack - Incident HandlingDoS Attack - Incident Handling
DoS Attack - Incident HandlingMarcelo Silva
4.9K views13 slides
What is DDoS ? by
What is DDoS ?What is DDoS ?
What is DDoS ?Vikas Phonsa
178 views8 slides
Inside Out Hacking - Bypassing Firewall by
Inside Out Hacking - Bypassing FirewallInside Out Hacking - Bypassing Firewall
Inside Out Hacking - Bypassing Firewallamiable_indian
3.8K views22 slides

What's hot(20)

Yihan Lian & Zhibin Hu - Smarter Peach: Add Eyes to Peach Fuzzer [rooted2017] by RootedCON
Yihan Lian & Zhibin Hu - Smarter Peach: Add Eyes to Peach Fuzzer [rooted2017]Yihan Lian & Zhibin Hu - Smarter Peach: Add Eyes to Peach Fuzzer [rooted2017]
Yihan Lian & Zhibin Hu - Smarter Peach: Add Eyes to Peach Fuzzer [rooted2017]
RootedCON1.5K views
12 types of DDoS attacks by Haltdos
12 types of DDoS attacks12 types of DDoS attacks
12 types of DDoS attacks
Haltdos2K views
Inception framework by 한익 주
Inception frameworkInception framework
Inception framework
한익 주976 views
DoS Attack - Incident Handling by Marcelo Silva
DoS Attack - Incident HandlingDoS Attack - Incident Handling
DoS Attack - Incident Handling
Marcelo Silva4.9K views
What is DDoS ? by Vikas Phonsa
What is DDoS ?What is DDoS ?
What is DDoS ?
Vikas Phonsa178 views
Inside Out Hacking - Bypassing Firewall by amiable_indian
Inside Out Hacking - Bypassing FirewallInside Out Hacking - Bypassing Firewall
Inside Out Hacking - Bypassing Firewall
amiable_indian3.8K views
Radware Cloud Security Services by Radware
Radware Cloud Security ServicesRadware Cloud Security Services
Radware Cloud Security Services
Radware2.2K views
DDOS Attack by Ahmed Salama
DDOS Attack DDOS Attack
DDOS Attack
Ahmed Salama305 views
DDoS Attacks by Jignesh Patel
DDoS AttacksDDoS Attacks
DDoS Attacks
Jignesh Patel25.2K views
Defense in Depth - Lessons Learned from Securing over 100,000 Drupal Sites by Pantheon
Defense in Depth - Lessons Learned from Securing over 100,000 Drupal SitesDefense in Depth - Lessons Learned from Securing over 100,000 Drupal Sites
Defense in Depth - Lessons Learned from Securing over 100,000 Drupal Sites
Pantheon1.4K views
BlueHat v17 || Wannacrypt + Smbv1.0 Vulnerability = One of the Most Damaging ... by BlueHat Security Conference
BlueHat v17 || Wannacrypt + Smbv1.0 Vulnerability = One of the Most Damaging ...BlueHat v17 || Wannacrypt + Smbv1.0 Vulnerability = One of the Most Damaging ...
BlueHat v17 || Wannacrypt + Smbv1.0 Vulnerability = One of the Most Damaging ...
BlueHat Security Conference518 views
Protecting Your Key Asset – Data Protection Best Practices V2.0 Final by Vinod Kumar
Protecting Your Key Asset – Data Protection Best Practices V2.0 FinalProtecting Your Key Asset – Data Protection Best Practices V2.0 Final
Protecting Your Key Asset – Data Protection Best Practices V2.0 Final
Vinod Kumar466 views
Web Security by Gerald Villorente
Web SecurityWeb Security
Web Security
Gerald Villorente2.2K views
Two for Attack: Web and Email Content Protection by Cisco Canada
Two for Attack: Web and Email Content ProtectionTwo for Attack: Web and Email Content Protection
Two for Attack: Web and Email Content Protection
Cisco Canada859 views
Хакеры хотят ваш банк больше, чем ваших клиентов by Positive Hack Days
Хакеры хотят ваш банк больше, чем ваших клиентовХакеры хотят ваш банк больше, чем ваших клиентов
Хакеры хотят ваш банк больше, чем ваших клиентов
Positive Hack Days896 views
Insights of a brute-forcing botnet / VERONICA VALEROS [CISCO] by Security Session
Insights of a brute-forcing botnet / VERONICA VALEROS [CISCO]Insights of a brute-forcing botnet / VERONICA VALEROS [CISCO]
Insights of a brute-forcing botnet / VERONICA VALEROS [CISCO]
Security Session555 views
Destributed denial of service attack ppt by OECLIB Odisha Electronics Control Library
Destributed denial of service attack pptDestributed denial of service attack ppt
Destributed denial of service attack ppt
OECLIB Odisha Electronics Control Library1.2K views
DNS Security, is it enough? by Zscaler
DNS Security, is it enough? DNS Security, is it enough?
DNS Security, is it enough?
Zscaler1.5K views
A pinguin as a bouncer... Open Source Security Solutions by B.A.
A pinguin as a bouncer... Open Source Security SolutionsA pinguin as a bouncer... Open Source Security Solutions
A pinguin as a bouncer... Open Source Security Solutions
B.A.499 views
InfoSecurity Europe 2014: The Art Of Cyber War by Radware
InfoSecurity Europe 2014: The Art Of Cyber WarInfoSecurity Europe 2014: The Art Of Cyber War
InfoSecurity Europe 2014: The Art Of Cyber War
Radware3.4K views

Viewers also liked

Web 2.0 Güvenliği by
Web 2.0 GüvenliğiWeb 2.0 Güvenliği
Web 2.0 GüvenliğiBGA Cyber Security
6.3K views49 slides
ESX Server from VMware by
ESX Server from VMwareESX Server from VMware
ESX Server from VMwareAhmet Bulut
1.7K views18 slides
Sosyal Ağların Kullanıyla İlgili Tavsiyeler by
Sosyal Ağların Kullanıyla İlgili TavsiyelerSosyal Ağların Kullanıyla İlgili Tavsiyeler
Sosyal Ağların Kullanıyla İlgili TavsiyelerMehmet BOLAT
173 views17 slides
Wordpress dersleri by
Wordpress dersleriWordpress dersleri
Wordpress dersleriibrahimfirat
2K views27 slides
Bilişim Suçları by
Bilişim SuçlarıBilişim Suçları
Bilişim Suçlarısemravural
1.1K views37 slides
Siber Olaylara Müdahale - Hacktrickconf by
Siber Olaylara Müdahale - HacktrickconfSiber Olaylara Müdahale - Hacktrickconf
Siber Olaylara Müdahale - HacktrickconfMehmet KILIÇ
430 views10 slides

Viewers also liked(20)

Web 2.0 Güvenliği by BGA Cyber Security
Web 2.0 GüvenliğiWeb 2.0 Güvenliği
Web 2.0 Güvenliği
BGA Cyber Security6.3K views
ESX Server from VMware by Ahmet Bulut
ESX Server from VMwareESX Server from VMware
ESX Server from VMware
Ahmet Bulut1.7K views
Sosyal Ağların Kullanıyla İlgili Tavsiyeler by Mehmet BOLAT
Sosyal Ağların Kullanıyla İlgili TavsiyelerSosyal Ağların Kullanıyla İlgili Tavsiyeler
Sosyal Ağların Kullanıyla İlgili Tavsiyeler
Mehmet BOLAT173 views
Wordpress dersleri by ibrahimfirat
Wordpress dersleriWordpress dersleri
Wordpress dersleri
ibrahimfirat2K views
Bilişim Suçları by semravural
Bilişim SuçlarıBilişim Suçları
Bilişim Suçları
semravural1.1K views
Siber Olaylara Müdahale - Hacktrickconf by Mehmet KILIÇ
Siber Olaylara Müdahale - HacktrickconfSiber Olaylara Müdahale - Hacktrickconf
Siber Olaylara Müdahale - Hacktrickconf
Mehmet KILIÇ430 views
Panel 1. ve 2. bölüm dahi̇l güncel sunu şablonu (bayan) by seymacakan
Panel 1. ve 2. bölüm dahi̇l güncel sunu şablonu (bayan)Panel 1. ve 2. bölüm dahi̇l güncel sunu şablonu (bayan)
Panel 1. ve 2. bölüm dahi̇l güncel sunu şablonu (bayan)
seymacakan129 views
Bulut Bilişim El Kitabı by Hakan Yüksel
Bulut Bilişim El KitabıBulut Bilişim El Kitabı
Bulut Bilişim El Kitabı
Hakan Yüksel4.4K views
Bilişim Güvenliği by Murat Özalp
Bilişim GüvenliğiBilişim Güvenliği
Bilişim Güvenliği
Murat Özalp549 views
Mustafa Değerli - 2017 - Doktora Tezi - Teknoloji Transfer Ofisleri için Krit... by Dr. Mustafa Değerli
Mustafa Değerli - 2017 - Doktora Tezi - Teknoloji Transfer Ofisleri için Krit...Mustafa Değerli - 2017 - Doktora Tezi - Teknoloji Transfer Ofisleri için Krit...
Mustafa Değerli - 2017 - Doktora Tezi - Teknoloji Transfer Ofisleri için Krit...
Dr. Mustafa Değerli760 views
Bir Şeyi Hacklemek (DEU ACM Bilişim Günleri 2016) by Ömer Çıtak
Bir Şeyi Hacklemek (DEU ACM Bilişim Günleri 2016)Bir Şeyi Hacklemek (DEU ACM Bilişim Günleri 2016)
Bir Şeyi Hacklemek (DEU ACM Bilişim Günleri 2016)
Ömer Çıtak1.1K views
Web Uygulama Güvenliği (Akademik Bilişim 2016) by Ömer Çıtak
Web Uygulama Güvenliği (Akademik Bilişim 2016)Web Uygulama Güvenliği (Akademik Bilişim 2016)
Web Uygulama Güvenliği (Akademik Bilişim 2016)
Ömer Çıtak3.8K views
Bga some-2016 by MEB Adalar Halk Eğitim Merkezi
Bga some-2016Bga some-2016
Bga some-2016
MEB Adalar Halk Eğitim Merkezi1.6K views
Turkce by simone.schaefer
TurkceTurkce
Turkce
simone.schaefer12.9K views
Türkiye'de Mobil Tüketiciyi Anlama Mayıs 2013 by Erol Dizdar
Türkiye'de Mobil Tüketiciyi Anlama Mayıs 2013Türkiye'de Mobil Tüketiciyi Anlama Mayıs 2013
Türkiye'de Mobil Tüketiciyi Anlama Mayıs 2013
Erol Dizdar1.4K views
GRE Nedir by Mert Hakki Bingol
GRE NedirGRE Nedir
GRE Nedir
Mert Hakki Bingol1.3K views
State of the Global Mobile Consumer: Connectivity is core by Erol Dizdar
State of the Global Mobile Consumer: Connectivity is coreState of the Global Mobile Consumer: Connectivity is core
State of the Global Mobile Consumer: Connectivity is core
Erol Dizdar1.9K views
Facebook'taki Türk Bankaları by Erol Dizdar
Facebook'taki Türk BankalarıFacebook'taki Türk Bankaları
Facebook'taki Türk Bankaları
Erol Dizdar672 views
Türkiye Sosyal Medya Pazarlama Trendleri by Erol Dizdar
Türkiye Sosyal Medya Pazarlama TrendleriTürkiye Sosyal Medya Pazarlama Trendleri
Türkiye Sosyal Medya Pazarlama Trendleri
Erol Dizdar1.4K views
Turkcell maxi iq by Erol Dizdar
Turkcell maxi iqTurkcell maxi iq
Turkcell maxi iq
Erol Dizdar769 views

Similar to ISTSEC 2013 - Bulut Bilişim ve Güvenlik

O365Con18 - Red Team vs Blue Team - Sasha Kranjac & Mustafa Toroman by
O365Con18 - Red Team vs Blue Team - Sasha Kranjac & Mustafa ToromanO365Con18 - Red Team vs Blue Team - Sasha Kranjac & Mustafa Toroman
O365Con18 - Red Team vs Blue Team - Sasha Kranjac & Mustafa ToromanNCCOMMS
127 views30 slides
AWS Webcast - Top 3 Ways to Improve Web App Security by
AWS Webcast - Top 3 Ways to Improve Web App SecurityAWS Webcast - Top 3 Ways to Improve Web App Security
AWS Webcast - Top 3 Ways to Improve Web App SecurityAmazon Web Services
7.4K views28 slides
Cloud Computing and Virtualisation by
Cloud Computing and VirtualisationCloud Computing and Virtualisation
Cloud Computing and Virtualisationanupriti
855 views66 slides
Adelaide Global Azure Bootcamp 2018 - Azure 101 by
Adelaide Global Azure Bootcamp 2018 - Azure 101Adelaide Global Azure Bootcamp 2018 - Azure 101
Adelaide Global Azure Bootcamp 2018 - Azure 101Balabiju
373 views87 slides
Cloud computing and service models by
Cloud computing and service modelsCloud computing and service models
Cloud computing and service modelsPrateek Soni
42.2K views29 slides
Presentation on cloud computing by
Presentation on cloud computingPresentation on cloud computing
Presentation on cloud computingBIJIT GHOSH
2.1K views69 slides

Similar to ISTSEC 2013 - Bulut Bilişim ve Güvenlik(20)

O365Con18 - Red Team vs Blue Team - Sasha Kranjac & Mustafa Toroman by NCCOMMS
O365Con18 - Red Team vs Blue Team - Sasha Kranjac & Mustafa ToromanO365Con18 - Red Team vs Blue Team - Sasha Kranjac & Mustafa Toroman
O365Con18 - Red Team vs Blue Team - Sasha Kranjac & Mustafa Toroman
NCCOMMS127 views
AWS Webcast - Top 3 Ways to Improve Web App Security by Amazon Web Services
AWS Webcast - Top 3 Ways to Improve Web App SecurityAWS Webcast - Top 3 Ways to Improve Web App Security
AWS Webcast - Top 3 Ways to Improve Web App Security
Amazon Web Services7.4K views
Cloud Computing and Virtualisation by anupriti
Cloud Computing and VirtualisationCloud Computing and Virtualisation
Cloud Computing and Virtualisation
anupriti855 views
Adelaide Global Azure Bootcamp 2018 - Azure 101 by Balabiju
Adelaide Global Azure Bootcamp 2018 - Azure 101Adelaide Global Azure Bootcamp 2018 - Azure 101
Adelaide Global Azure Bootcamp 2018 - Azure 101
Balabiju373 views
Cloud computing and service models by Prateek Soni
Cloud computing and service modelsCloud computing and service models
Cloud computing and service models
Prateek Soni42.2K views
Presentation on cloud computing by BIJIT GHOSH
Presentation on cloud computingPresentation on cloud computing
Presentation on cloud computing
BIJIT GHOSH2.1K views
An Overview of Windows Azure by Microsoft Private Cloud
An Overview of Windows AzureAn Overview of Windows Azure
An Overview of Windows Azure
Microsoft Private Cloud1.7K views
Windows Azure by John Alioto
Windows AzureWindows Azure
Windows Azure
John Alioto1.1K views
Cloud computing by Zeeshan Ahmad
Cloud computingCloud computing
Cloud computing
Zeeshan Ahmad56 views
Amazon WorkSpaces - Fully Managed Desktops in the Cloud by Amazon Web Services
Amazon WorkSpaces - Fully Managed Desktops in the Cloud Amazon WorkSpaces - Fully Managed Desktops in the Cloud
Amazon WorkSpaces - Fully Managed Desktops in the Cloud
Amazon Web Services1.3K views
Basics of Cloud Computing by Pranav Vashistha
Basics of Cloud ComputingBasics of Cloud Computing
Basics of Cloud Computing
Pranav Vashistha3.6K views
Cloud Computing and Services | PPT by Seminar Links
Cloud Computing and Services | PPTCloud Computing and Services | PPT
Cloud Computing and Services | PPT
Seminar Links36.4K views
What is Windows Azure Platform by David Chou
What is Windows Azure PlatformWhat is Windows Azure Platform
What is Windows Azure Platform
David Chou2.2K views
Amazon WorkSpaces - Fully Managed Desktops in the Cloud by Amazon Web Services
Amazon WorkSpaces - Fully Managed Desktops in the CloudAmazon WorkSpaces - Fully Managed Desktops in the Cloud
Amazon WorkSpaces - Fully Managed Desktops in the Cloud
Amazon Web Services1.6K views
Cloud architecture by Adeel Javaid
Cloud architectureCloud architecture
Cloud architecture
Adeel Javaid7.8K views
Presentation on Cloud computing by Vijay Bhanu Thodupunoori
Presentation on Cloud computingPresentation on Cloud computing
Presentation on Cloud computing
Vijay Bhanu Thodupunoori72K views
Cloud Computing Overview by Sean Connolly
Cloud Computing OverviewCloud Computing Overview
Cloud Computing Overview
Sean Connolly157 views
Amazon WorkSpaces - Fully Managed Desktops in the Cloud by Amazon Web Services
Amazon WorkSpaces - Fully Managed Desktops in the Cloud Amazon WorkSpaces - Fully Managed Desktops in the Cloud
Amazon WorkSpaces - Fully Managed Desktops in the Cloud
Amazon Web Services1.4K views
Modern Software Architecture - Cloud Scale Computing by Giragadurai Vallirajan
Modern Software Architecture - Cloud Scale ComputingModern Software Architecture - Cloud Scale Computing
Modern Software Architecture - Cloud Scale Computing
Giragadurai Vallirajan2.2K views
Azure Community Tour 2019 - AZUGDK by Peter Selch Dahl
Azure Community Tour 2019 - AZUGDKAzure Community Tour 2019 - AZUGDK
Azure Community Tour 2019 - AZUGDK
Peter Selch Dahl451 views

More from BGA Cyber Security

WEBSOCKET Protokolünün Derinlemesine İncelenmesi by
WEBSOCKET Protokolünün Derinlemesine İncelenmesiWEBSOCKET Protokolünün Derinlemesine İncelenmesi
WEBSOCKET Protokolünün Derinlemesine İncelenmesiBGA Cyber Security
1.1K views26 slides
Tatil Öncesi Güvenlik Kontrol Listesi.pdf by
Tatil Öncesi Güvenlik Kontrol Listesi.pdfTatil Öncesi Güvenlik Kontrol Listesi.pdf
Tatil Öncesi Güvenlik Kontrol Listesi.pdfBGA Cyber Security
705 views1 slide
Ücretsiz Bilgi Güvenliği Farkındalık Eğitimi by
Ücretsiz Bilgi Güvenliği Farkındalık EğitimiÜcretsiz Bilgi Güvenliği Farkındalık Eğitimi
Ücretsiz Bilgi Güvenliği Farkındalık EğitimiBGA Cyber Security
1.5K views8 slides
3. parti firma risklerinden nasıl korunulur? by
3. parti firma risklerinden nasıl korunulur?3. parti firma risklerinden nasıl korunulur?
3. parti firma risklerinden nasıl korunulur?BGA Cyber Security
830 views38 slides
Bir Ransomware Saldırısının Anatomisi. A'dan Z'ye Ransomware Saldırıları by
Bir Ransomware Saldırısının Anatomisi. A'dan Z'ye Ransomware SaldırılarıBir Ransomware Saldırısının Anatomisi. A'dan Z'ye Ransomware Saldırıları
Bir Ransomware Saldırısının Anatomisi. A'dan Z'ye Ransomware SaldırılarıBGA Cyber Security
1.8K views47 slides
Webinar: Popüler black marketler by
Webinar: Popüler black marketlerWebinar: Popüler black marketler
Webinar: Popüler black marketlerBGA Cyber Security
345 views29 slides

More from BGA Cyber Security(20)

WEBSOCKET Protokolünün Derinlemesine İncelenmesi by BGA Cyber Security
WEBSOCKET Protokolünün Derinlemesine İncelenmesiWEBSOCKET Protokolünün Derinlemesine İncelenmesi
WEBSOCKET Protokolünün Derinlemesine İncelenmesi
BGA Cyber Security1.1K views
Tatil Öncesi Güvenlik Kontrol Listesi.pdf by BGA Cyber Security
Tatil Öncesi Güvenlik Kontrol Listesi.pdfTatil Öncesi Güvenlik Kontrol Listesi.pdf
Tatil Öncesi Güvenlik Kontrol Listesi.pdf
BGA Cyber Security705 views
Ücretsiz Bilgi Güvenliği Farkındalık Eğitimi by BGA Cyber Security
Ücretsiz Bilgi Güvenliği Farkındalık EğitimiÜcretsiz Bilgi Güvenliği Farkındalık Eğitimi
Ücretsiz Bilgi Güvenliği Farkındalık Eğitimi
BGA Cyber Security1.5K views
3. parti firma risklerinden nasıl korunulur? by BGA Cyber Security
3. parti firma risklerinden nasıl korunulur?3. parti firma risklerinden nasıl korunulur?
3. parti firma risklerinden nasıl korunulur?
BGA Cyber Security830 views
Bir Ransomware Saldırısının Anatomisi. A'dan Z'ye Ransomware Saldırıları by BGA Cyber Security
Bir Ransomware Saldırısının Anatomisi. A'dan Z'ye Ransomware SaldırılarıBir Ransomware Saldırısının Anatomisi. A'dan Z'ye Ransomware Saldırıları
Bir Ransomware Saldırısının Anatomisi. A'dan Z'ye Ransomware Saldırıları
BGA Cyber Security1.8K views
Webinar: Popüler black marketler by BGA Cyber Security
Webinar: Popüler black marketlerWebinar: Popüler black marketler
Webinar: Popüler black marketler
BGA Cyber Security345 views
Webinar: SOC Ekipleri için MITRE ATT&CK Kullanım Senaryoları by BGA Cyber Security
Webinar: SOC Ekipleri için MITRE ATT&CK Kullanım SenaryolarıWebinar: SOC Ekipleri için MITRE ATT&CK Kullanım Senaryoları
Webinar: SOC Ekipleri için MITRE ATT&CK Kullanım Senaryoları
BGA Cyber Security787 views
Açık Kaynak Kodlu Çözümler Kullanarak SOC Yönetimi SOAR & IRM Webinar - 2020 by BGA Cyber Security
Açık Kaynak Kodlu Çözümler Kullanarak SOC Yönetimi SOAR & IRM Webinar - 2020Açık Kaynak Kodlu Çözümler Kullanarak SOC Yönetimi SOAR & IRM Webinar - 2020
Açık Kaynak Kodlu Çözümler Kullanarak SOC Yönetimi SOAR & IRM Webinar - 2020
BGA Cyber Security612 views
DNS Protokolüne Yönelik Güncel Saldırı Teknikleri & Çözüm Önerileri by BGA Cyber Security
DNS Protokolüne Yönelik Güncel Saldırı Teknikleri & Çözüm ÖnerileriDNS Protokolüne Yönelik Güncel Saldırı Teknikleri & Çözüm Önerileri
DNS Protokolüne Yönelik Güncel Saldırı Teknikleri & Çözüm Önerileri
BGA Cyber Security584 views
Webinar: Siber Güvenlikte Olgunluk Seviyesini Arttırmak by BGA Cyber Security
Webinar: Siber Güvenlikte Olgunluk Seviyesini ArttırmakWebinar: Siber Güvenlikte Olgunluk Seviyesini Arttırmak
Webinar: Siber Güvenlikte Olgunluk Seviyesini Arttırmak
BGA Cyber Security778 views
Open Source Soc Araçları Eğitimi 2020-II by BGA Cyber Security
Open Source Soc Araçları Eğitimi 2020-IIOpen Source Soc Araçları Eğitimi 2020-II
Open Source Soc Araçları Eğitimi 2020-II
BGA Cyber Security547 views
Webinar Sunumu: Saldırı, Savunma ve Loglama Açısından Konteyner Güvenliği by BGA Cyber Security
Webinar Sunumu: Saldırı, Savunma ve Loglama Açısından Konteyner GüvenliğiWebinar Sunumu: Saldırı, Savunma ve Loglama Açısından Konteyner Güvenliği
Webinar Sunumu: Saldırı, Savunma ve Loglama Açısından Konteyner Güvenliği
BGA Cyber Security360 views
Hacklenmiş Windows Sistem Analizi by BGA Cyber Security
Hacklenmiş Windows Sistem AnaliziHacklenmiş Windows Sistem Analizi
Hacklenmiş Windows Sistem Analizi
BGA Cyber Security770 views
Open Source SOC Kurulumu by BGA Cyber Security
Open Source SOC KurulumuOpen Source SOC Kurulumu
Open Source SOC Kurulumu
BGA Cyber Security1.3K views
RAKAMLARIN DİLİ İLE 2020 YILI SIZMA TESTLERİ by BGA Cyber Security
RAKAMLARIN DİLİ İLE 2020 YILI SIZMA TESTLERİRAKAMLARIN DİLİ İLE 2020 YILI SIZMA TESTLERİ
RAKAMLARIN DİLİ İLE 2020 YILI SIZMA TESTLERİ
BGA Cyber Security2.4K views
Siber Fidye 2020 Raporu by BGA Cyber Security
Siber Fidye 2020 RaporuSiber Fidye 2020 Raporu
Siber Fidye 2020 Raporu
BGA Cyber Security1.6K views
BGA Türkiye Bankacılık Sektörü 1. Çeyrek Phishing Raporu by BGA Cyber Security
BGA Türkiye Bankacılık Sektörü 1. Çeyrek Phishing RaporuBGA Türkiye Bankacılık Sektörü 1. Çeyrek Phishing Raporu
BGA Türkiye Bankacılık Sektörü 1. Çeyrek Phishing Raporu
BGA Cyber Security774 views
SOC Kurulumu ve Yönetimi İçin Açık Kaynak Kodlu Çözümler by BGA Cyber Security
SOC Kurulumu ve Yönetimi İçin Açık Kaynak Kodlu ÇözümlerSOC Kurulumu ve Yönetimi İçin Açık Kaynak Kodlu Çözümler
SOC Kurulumu ve Yönetimi İçin Açık Kaynak Kodlu Çözümler
BGA Cyber Security2.1K views
Veri Sızıntıları İçinden Bilgi Toplama: Distributed Denial of Secrets by BGA Cyber Security
Veri Sızıntıları İçinden Bilgi Toplama: Distributed Denial of SecretsVeri Sızıntıları İçinden Bilgi Toplama: Distributed Denial of Secrets
Veri Sızıntıları İçinden Bilgi Toplama: Distributed Denial of Secrets
BGA Cyber Security931 views
Aktif Dizin (Active Directory) Güvenlik Testleri - I: Bilgi Toplama by BGA Cyber Security
Aktif Dizin (Active Directory) Güvenlik Testleri - I: Bilgi ToplamaAktif Dizin (Active Directory) Güvenlik Testleri - I: Bilgi Toplama
Aktif Dizin (Active Directory) Güvenlik Testleri - I: Bilgi Toplama
BGA Cyber Security2.1K views

Recently uploaded

Automating a World-Class Technology Conference; Behind the Scenes of CiscoLive by
Automating a World-Class Technology Conference; Behind the Scenes of CiscoLiveAutomating a World-Class Technology Conference; Behind the Scenes of CiscoLive
Automating a World-Class Technology Conference; Behind the Scenes of CiscoLiveNetwork Automation Forum
43 views35 slides
SAP Automation Using Bar Code and FIORI.pdf by
SAP Automation Using Bar Code and FIORI.pdfSAP Automation Using Bar Code and FIORI.pdf
SAP Automation Using Bar Code and FIORI.pdfVirendra Rai, PMP
25 views38 slides
Design Driven Network Assurance by
Design Driven Network AssuranceDesign Driven Network Assurance
Design Driven Network AssuranceNetwork Automation Forum
19 views42 slides
Kyo - Functional Scala 2023.pdf by
Kyo - Functional Scala 2023.pdfKyo - Functional Scala 2023.pdf
Kyo - Functional Scala 2023.pdfFlavio W. Brasil
418 views92 slides
PRODUCT LISTING.pptx by
PRODUCT LISTING.pptxPRODUCT LISTING.pptx
PRODUCT LISTING.pptxangelicacueva6
18 views1 slide
Mini-Track: Challenges to Network Automation Adoption by
Mini-Track: Challenges to Network Automation AdoptionMini-Track: Challenges to Network Automation Adoption
Mini-Track: Challenges to Network Automation AdoptionNetwork Automation Forum
17 views27 slides

Recently uploaded(20)

Automating a World-Class Technology Conference; Behind the Scenes of CiscoLive by Network Automation Forum
Automating a World-Class Technology Conference; Behind the Scenes of CiscoLiveAutomating a World-Class Technology Conference; Behind the Scenes of CiscoLive
Automating a World-Class Technology Conference; Behind the Scenes of CiscoLive
Network Automation Forum43 views
SAP Automation Using Bar Code and FIORI.pdf by Virendra Rai, PMP
SAP Automation Using Bar Code and FIORI.pdfSAP Automation Using Bar Code and FIORI.pdf
SAP Automation Using Bar Code and FIORI.pdf
Virendra Rai, PMP25 views
Design Driven Network Assurance by Network Automation Forum
Design Driven Network AssuranceDesign Driven Network Assurance
Design Driven Network Assurance
Network Automation Forum19 views
Kyo - Functional Scala 2023.pdf by Flavio W. Brasil
Kyo - Functional Scala 2023.pdfKyo - Functional Scala 2023.pdf
Kyo - Functional Scala 2023.pdf
Flavio W. Brasil418 views
PRODUCT LISTING.pptx by angelicacueva6
PRODUCT LISTING.pptxPRODUCT LISTING.pptx
PRODUCT LISTING.pptx
angelicacueva618 views
Mini-Track: Challenges to Network Automation Adoption by Network Automation Forum
Mini-Track: Challenges to Network Automation AdoptionMini-Track: Challenges to Network Automation Adoption
Mini-Track: Challenges to Network Automation Adoption
Network Automation Forum17 views
Scaling Knowledge Graph Architectures with AI by Enterprise Knowledge
Scaling Knowledge Graph Architectures with AIScaling Knowledge Graph Architectures with AI
Scaling Knowledge Graph Architectures with AI
Enterprise Knowledge50 views
"Node.js Development in 2024: trends and tools", Nikita Galkin by Fwdays
"Node.js Development in 2024: trends and tools", Nikita Galkin "Node.js Development in 2024: trends and tools", Nikita Galkin
"Node.js Development in 2024: trends and tools", Nikita Galkin
Fwdays17 views
The Forbidden VPN Secrets.pdf by Mariam Shaba
The Forbidden VPN Secrets.pdfThe Forbidden VPN Secrets.pdf
The Forbidden VPN Secrets.pdf
Mariam Shaba20 views
Melek BEN MAHMOUD.pdf by MelekBenMahmoud
Melek BEN MAHMOUD.pdfMelek BEN MAHMOUD.pdf
Melek BEN MAHMOUD.pdf
MelekBenMahmoud17 views
GDSC CTU First Meeting Party by National Yang Ming Chiao Tung University
GDSC CTU First Meeting PartyGDSC CTU First Meeting Party
GDSC CTU First Meeting Party
National Yang Ming Chiao Tung University11 views
"Running students' code in isolation. The hard way", Yurii Holiuk by Fwdays
"Running students' code in isolation. The hard way", Yurii Holiuk "Running students' code in isolation. The hard way", Yurii Holiuk
"Running students' code in isolation. The hard way", Yurii Holiuk
Fwdays24 views
Network Source of Truth and Infrastructure as Code revisited by Network Automation Forum
Network Source of Truth and Infrastructure as Code revisitedNetwork Source of Truth and Infrastructure as Code revisited
Network Source of Truth and Infrastructure as Code revisited
Network Automation Forum32 views
STKI Israeli Market Study 2023 corrected forecast 2023_24 v3.pdf by Dr. Jimmy Schwarzkopf
STKI Israeli Market Study 2023 corrected forecast 2023_24 v3.pdfSTKI Israeli Market Study 2023 corrected forecast 2023_24 v3.pdf
STKI Israeli Market Study 2023 corrected forecast 2023_24 v3.pdf
Dr. Jimmy Schwarzkopf24 views
2024: A Travel Odyssey The Role of Generative AI in the Tourism Universe by Simone Puorto
2024: A Travel Odyssey The Role of Generative AI in the Tourism Universe2024: A Travel Odyssey The Role of Generative AI in the Tourism Universe
2024: A Travel Odyssey The Role of Generative AI in the Tourism Universe
Simone Puorto13 views
The Research Portal of Catalonia: Growing more (information) & more (services) by CSUC - Consorci de Serveis Universitaris de Catalunya
The Research Portal of Catalonia: Growing more (information) & more (services)The Research Portal of Catalonia: Growing more (information) & more (services)
The Research Portal of Catalonia: Growing more (information) & more (services)
CSUC - Consorci de Serveis Universitaris de Catalunya115 views
Unit 1_Lecture 2_Physical Design of IoT.pdf by StephenTec
Unit 1_Lecture 2_Physical Design of IoT.pdfUnit 1_Lecture 2_Physical Design of IoT.pdf
Unit 1_Lecture 2_Physical Design of IoT.pdf
StephenTec15 views
Five Things You SHOULD Know About Postman by Postman
Five Things You SHOULD Know About PostmanFive Things You SHOULD Know About Postman
Five Things You SHOULD Know About Postman
Postman38 views
【USB韌體設計課程】精選講義節錄-USB的列舉過程_艾鍗學院 by IttrainingIttraining
【USB韌體設計課程】精選講義節錄-USB的列舉過程_艾鍗學院【USB韌體設計課程】精選講義節錄-USB的列舉過程_艾鍗學院
【USB韌體設計課程】精選講義節錄-USB的列舉過程_艾鍗學院
IttrainingIttraining69 views
Info Session November 2023.pdf by AleksandraKoprivica4
Info Session November 2023.pdfInfo Session November 2023.pdf
Info Session November 2023.pdf
AleksandraKoprivica415 views

ISTSEC 2013 - Bulut Bilişim ve Güvenlik

  • 2. Bulut Bilişim | Özellikler The image part with relations hip ID rId12 was not found in the file.
  • 4. Bulut Hizmetleri Altyapın Hazır ! Platformun Altyapınla Beraber Kurulu Geliyor ! Sadece Kullan ! Servis Olarak Altyapı Servis Olarak Platform Servis Olarak Yazılım Uygulama / Veri Uygulama / Veri Uygulama / Veri Uygulama / Veri Platform Platform Platform Platform Altyapı Altyapı Altyapı Altyapı Şirket İçi •  Altyapı: Sunucu, Ağ, Güvenlik, Depo, Sanallaştırma..vs •  Platform: Veritabanı, Web Hosting, Ortakatman,..vs •  Uygulama: Exchange, Office.. •  Sanal Makineler •  Sanal Ağ •  Servis Olarak Uygulama Yönetimi •  Servis Olarak Veritabanı •  Servis Olarak AD •  Entegrasyon Servisleri •  •  •  •  Servis Olarak ERP Servis Olarak EPosta Servis Olarak CRM Servis Olarak DYS Sizin Yönettiğiniz Bulut Sağlayıcılarının Yönettiği
  • 6. Microsoft’un kapsamlı bulut çözümleri Microsoft Tek tutarlı Siz deneyim Bulut Hizmet Sağlayıcı
  • 7. Unparalleled experience in online security 7
  • 9. Service security starts with the data center Perimeter Security Fire Suppression Multi-factor authentication Extensive Monitoring
  • 10. ISO / IEC 27001:2005 Certification SAS 70 Type I and II attestations (transitioning to SSAE 16/ISAE 3402 SOC 1, 2, and 3) HIPAA/HITECH PCI Data Security Standard Certification FISMA Certification and Accreditation Various State, Federal, and International Privacy Laws (95/46/EC—aka EU Data Protection Directive; California SB1386; etc.)
  • 12. DDoS Protection in Azure •  •  •  •  •  •  •  •  DDoS attacks aiming to exhaust compute, memory, network bandwidth or other resources of a service Windows Azure network infrastructure deploys DDoS defense system Standard DDoS volumetric mitigation techniques such as SYN floods, rate limiting and connection limits Combined with SLBs to sanitize TCP/UDP traffic, including automated DDoS detection and mitigation On ongoing basis we validate that core Windows Azure services have adequate resilience to DDoS attacks DDoS protection for platform services also benefits tenant applications However, it is still possible for tenant applications to be targeted individually §  Customers should actively monitor their applications §  Customers should test their applications for interface specific attacks §  Deploy third part web application firewalls e.g. https://www.barracuda.com/programs/azure If a customer notices their application is attacked, they should contact Azure Customer Support for assistance
  • 13. Platform Integrity •  Reduced OS footprint •  Compute and Access Isolation §  Isolation of the Host from the Guest VMs §  Isolation of Guest VMs from one another §  Host-mediated Guest VM access to network and disk •  Anti-Malware •  Patch management
  • 14. Data Protection •  Redundant storage §  Replicated at least three times in the same datacenter §  Geo-replication to different datacenter •  •  •  •  •  •  Storage accounts and keys Data backup Data deletion and destruction SQL Azure inherits SQL’s authentication/authorization system Data encryption in transit Data encryption at rest - IaaS customers may implement using .NET cryptographic services or EFS
  • 15. Securing Engineering System and Operations •  Strong Identity Assurance •  Granular Access Control •  Access to Customer Data is highly restricted •  Logging and monitoring •  Customers have access to logs of administrator actions affecting them
  • 17. http://www.windowsazure.com/en-us/support/trust-center/ •  One location to aggregate content across Security, Privacy, and Compliance