SlideShare a Scribd company logo

Security of the Data Secure the Data SASE, CNAPP and CSMA functions

Digital Devices LTD: Top B2B IT Reseller in UK | Digital Devices
Digital Devices LTD: Top B2B IT Reseller in UK | Digital Devices

Data is now an essential resource available to Enterprises. It's no wonder that there are many criminals trying to stop Enterprise companies by stealing and damaging the data. Data security is about protecting information from being accessed by unauthorized users, data corruption with malicious intent , and theft of data. It is possible to ask why security companies speak about protecting their network, applications, and the endpoints, and less about data. The reason is because data has a significant relationship to data as well as applications and systems. If applications and systems aren't protected from the bad guys Data security isn't feasible. "Data has become the latest Oil This phrase describes the relationship between applications and data. Data is just like oil in its unprocessed form is not beneficial unless it's refined to be used. Software processes data and display it to users in an simple to consume fashion. SASE's function for Data Security Please go through the the Decoding SASE blog to learn more about SASE. SASE plays a crucial role in securing applications that are part of the distributed workforces and distributed deployments in the cloud, On-Prem and public edges. The following sections will highlight the main security issues and the way SASE can address them. Enterprises design and implement many applications to serve various business needs. Each application may not need access to all Enterprise data. In addition, all users of applications do not need access to all information in the application. Because of this "Least Access Privilege" and "Identity Based access Controls" constitute the keys in securing data. Applications aren't as simple anymore. Software developers use a myriad of components, including in-house built as well as purchased and open source. This makes the software more complicated and susceptible to attack. Attackers are likely to use the threat information base and attempt to exploit the weaknesses to gain access to applications, and eventually access to the data. Therefore, securing against threat vulnerabilities is crucial for the security of data.

Technology
1 of 6
Download to read offline
Security of the Data Secure the Data SASE, CNAPP and CSMA functions Data is now an essential resource available to Enterprises. It's no wonder that there are many criminals trying to stop Enterprise companies by stealing and damaging the data. Data security is about protecting information from being accessed by unauthorized users, data corruption with malicious intent , and theft of data. It is possible to ask why security companies speak about protecting their network, applications, and the endpoints, and less about data. The reason is because data has a significant relationship to data as well as applications and systems. If applications and systems aren't protected from the bad guys Data security isn't feasible. "Data has become the latest Oil This phrase describes the relationship between applications and data. Data is just like oil in its unprocessed form is not beneficial unless it's refined to be used. Software processes data and display it to users in an simple to consume fashion. SASE's function for Data Security Please go through the the Decoding SASE blog to learn more about SASE. SASE plays a crucial role in securing applications that are part of the distributed workforces and distributed deployments in the cloud, On-Prem and public edges. The following sections will highlight the main security issues and the way SASE can address them. Enterprises design and implement many applications to serve various business needs. Each application may not need access to all Enterprise data. In addition, all users of applications do not need access to all information in the application. Because of this "Least Access Privilege" and "Identity Based access Controls" constitute the keys in securing data. Applications aren't as simple anymore. Software developers use a myriad of components, including in-house built as well as purchased and open source. This makes the software more complicated and susceptible to attack. Attackers are likely to use the threat information base and attempt to exploit the weaknesses to gain access to applications, and eventually access to the data. Therefore, securing against threat vulnerabilities is crucial for the security of data. Administration of applications and systems is crucial since administrators of applications typically enjoy higher privileges. Any theft of administrator credentials accounts can cause chaos for Enterprises. Certain security strategies, like the use of a second layer of MFA, limiting users accessing their accounts from unsecure or unknown places, and limiting users with unusual behavior patterns are required to protect data. Enterprises use applications across multiple locations to provide a low -latency experience to the workforce distributed across the globe and ensure that the
applications are able to handle increased or unusual loads. In distributed applications the data also gets distributed. This is why security should also be distributed to combat the rise in demand and DDoS attack on apps. ZTNA (Zero Trust Network Access) platform as well as its NGFW (Next Generation Firewall) of SASE solves the security issues above. Because of this, SASE is fast becoming one of the most important cybersecurity tools that tackle data security by protecting applications and enabling authorization and access controls based on an identity. One could ask, "Are ZTNA and NGFW sufficient to secure the application and thus securing the data. With Cloud transformation that leverages public cloud infrastructure, public edges and Enterprise applications will create more attack points. Data security is the need to fix these attack points. This is the point where CNAPP is able to help. An increase in attack surface is possible with cloud transformation Cloud transformation of less complex applications can reduce Enterprises response since security for the software for infrastructure is handled by cloud providers. In this scenario, application developers are increasingly focused on the business aspects and leaving the more mundane software components' work to cloud service providers. It's true that developers must concentrate only on the application logic, and leave maintenance and security patches for operating frameworks, frameworks, and general services like database storage, file storage key management and authenti cation systems, authorization systems, and observation systems to cloud providers and thereby making security responsibility that are confined to applications However, distributed workforces and the new varieties of applications that require low latency experiences are making deployment of applications and opening up more attack areas. Applications are becoming increasingly required to be deployed across multiple locations , not just across the regions of a cloud provider as well as over multiple cloud service providers as well as edge providers to ensure the an optimal user experience. Furthermore the majority of applications are installed in Edges on a per- demand basis. In other words, they are only deployed when there are customers nearby that require services from the application. Implementing the complete applications across the Edges is not recommended for costs reasons. Welcoming to the microservice architecture. Applications developers are adopting microservice architecture not only to achieve increased productivity but also to allow part-time application deployment on Edges and to keep all the rest in the cloud. The next image (made easy to understand for speed) illustrates the microservices - based application deployment. In this example of an arbitrary application Microservice 1 and 2 for the program are placed on the Edges to provide a low latency experiences, while Microservice 3, and 4 are deployed to the cloud for various other functions that the app needs to perform. There are five attack surface areas that are shown in the figure. 1. Communication between clients at the end with front-end microservices 1. inter- microservice communication between Edges & Cloud
2. Communication between microservices in the cloud or in edge locations. 3. Microservices that communicate with application microservices as well as cloud/edge service providers 4. Contact with service providers coming from outside to providers services. 5. Microservices are internal software components that make up microservices. A comprehensive security system is expected to cover all possible attack points. Surfaces of attack (1) are addressed through SASE ZTNA & NGFW. Other attack surfaces have come to light because of distributed computing, microservice architecture , and applications that use cloud-based services. As this is most likely because of cloud/edge transformations, Gartner defined a new category called the CNAPP model to tackle the security issues. CNAPP (Cloud Native Application Protection Platform) to counter the increase in attacks CNAPP is a cloud-native security technology that blends Cloud Security Posture Management (CSPM), Cloud Service Network Security (CSNS) and Cloud Workload Protection Platform (CWPP) on a single platform. By combining several cloud security tools into a single system, CNAPP provides benefits such as a comprehensive view of the all phases of the application lifecycle - design deployment to runtime phases as well as comprehensive control for a range of technology. Similar to other terms created by Gartner, CNAPP term is also expected to facilitate a common understanding of security functions and platform capabilities for both consumers and suppliers. Let's look at what CNAPP comprises and then assign the attack surface to the constituents. Cloud Security Posture Management (CSPM): CSPM capability gives Enterprises the ability to see the services and cloud resources Enterprise applications utilize from various cloud providers. CSPM additionally maps cloud-based services and applications which use these services. The biggest benefits of CSPMs is the ability to scan configurations to spot any incorrect configurations. As cloud services are very general, their security is as strong as the configuration. It is essential to know that cloud provider services can be multi - tenant and their access isn't managed by enterprises. If they're configured incorrectly and accessed by attackers, they can access these services and take over and da mage the data. For instance that if a database server is configured to permit access to anyone by accident the service could be able to give away the Enterprise information stored by the applications within the database. CSPMs additionally conduct check for compliance of the cloud services' information and provide visibility of compliance violations for Enterprises. Cloud Service Network Security (CSNS): CSNS provides network security at the microservice level of the application and also the security of networks between microservices as well as cloud services. Its function is similar to ZTNA/SASE. Its features include NGFW WAF, NGFW, Identity controlled access based on identity WAF, API protection as well as DoS/DDoS security. CSNS differs in its speed in comparison to traditional security. Because of the dynamic nature of workloads, CSNS security life cycle should be aligned with the lifecycle of the applications.
CSNS is a defense against attack surfaces (2) as well as (3) as shown in this image . is the most fundamental way CSNS offers security to networks to E-W data. Cloud Workload Protection Platform (CWPP):CWPP function predominantly checks for • Potential vulnerabilities in the images of workloads (VM Serverless, Container, VM) by analysing the images, taking a copy of inventory inventory and software versions, and checking databases for threat intelligence to discover any vulnerabilities that are known to exist in the inventory of software. • Unwanted software and malware detection is included in these images in order to make sure no malware has been introduced into the supply chain. • Exploits can be detected at run-time via Host Intrusion Prevention technology. • Protection of memory during runtime with secure guarding techniques such as Intel SGx. • Runtime workload protection via RASP (Runtime Application Self Protection) With the increasing popularity of Kubernetes for application development, a variety of technologies are available to run on Kubernetes. KSPM (Kubernetes Security Posture Management) is like CSPM however it is specifically tuned for Kubernetes. It is possible that in the case that in the near future and one could see terms like KWPP (Kubernetes Workload Protection Platform) and KSNS (Kubernetes Network Security Service). SASE and CSNS The CSNS function looks similar to ZTNA and ZTNA functionality is similar to NGFW and. It is because they are both networking security techniques. Enterprises want the same technology used for E-W (North-South) as well as East-West (East-West) transport. This is why it is believed that CSNS functions will be offered through SASE providers. Universal SASE is expected to deal with all network-related attack points, regardless of regardless of whether they're WAN, Kubernetes networks, Kubernetes networks using service meshes, VPC networks, Edge networks, etc. This is apparently the current trend and is accepted since numerous CNAPP providers do not talk much about CSNS any more. Cyber Security Mesh Architecture (CSMA) One of the major problems Enterprises have to face is the problem of security silos. Enterprises have to implement numerous security functions across a variety of vendors to meet on-prem Security, Endpoint security, Security for Networks, Security Cloud security requirements. Each security feature comes with the ability to manage policies, observeability as well as a data plane. This means that management and visibility become more complicated which can lead to security configuration mistakes and consequently delayed or missed security incident detection and responses. Gartner invented the CSMA term to be part of their security thinking leadership. Gartner realized that Enterprises have to look for multiple security functions offered by different security vendors. CSMA concept is attempting to meet the requirements of Enterprises which require a single pane of glass for policy management and observability. Gartner identified a set of guidelines that must be adhered to by security vendors to facilitate the composition of security functions across multiple systems. Most important is the API accessibility by security vendors that goes over CLI as well as Portal
interfaces. API-first approaches allow Enterprises as well as managed security companies to create an integrated dashboard for managing policies and analytics on security. Gartner is also adamant about the necessity for an "identity fabric' that is decentralized in the identity of users. Nowadays, enterprises manage the database of credentials using technology like AD, LDAP, SAML IdPs and OIDC IdPs and others. Although it's acceptable to keep a database of employee identities, keeping an ID database for all public users poses a problem from security and privacy aspects. Transferring identity databases and identification checks on to distributed identities is beneficial for both enterprises and users. ADI Association and W3C are developing a common framework and specifications for a the decentralized identity fabric. Although CSMA is not directly addressing security issues, this design minimizes security configuration errors and also provides E2E visibility to speed up response to incidents and detection. SASE along with CNAPP are both in the right direction of realizing CSMA. SASE integrates all security and network functions , by offering a single-pane of glass to manage security policies for networks and visibility. CNAPP brings the cloud-based security features into one. CSMA is a different level of consolidation that encompasses SASE, CNAPP, Endpoint security identity, as well as various other cybersecurity technology. Summary Data security is a complex process that requires a variety of techniques, including Data encryption Data management, Data masking, and Cybersecurity. SASE plays a crucial component of Cybersecurity. Cloud and Edge transformations, coupled with the latest applications architectures like Microservice architecture can expose more attack areas. CNAPP together to Universal SASE addresses the security problems associated with the advent of new attack surface types. DIGITAL DEVICES LTD Long before Apple set an average consumers mindset to replacing their handheld gadgets in two years, Digital Devices Ltd believed in Moore's law that computing will double every two years. With our heritage from the days of IBM Personal Computer XT, our founders have gone through the technology advancements of the 1990s and 2000s realizing that technology is an instrumental part of any business's success. With such a fast pace industry, an IT department can never be equipped with the tools and training needed to maintain their competitive edge. Hence, Digital Devices has put together a team of engineers and vendor partners to keep up with the latest industry trends and recommend clients on various solutions and options available to them. From forming close relationships with networking and storage vendors like Juniper, SolarWinds and VMWare to high-performance computing by HPE or AWS Cloud solutions, Digital Devices Limited offers the latest technology solutions to fit the ever-growing needs of the industry.
Our experts can guide you through the specifications and build cost efficiencies while providing high end, state-of-the-art customer services. We research and analyses market and its current demand and supply chain by offering wide range of bulk supplies of products like AKG C414 XLII, Shireen Cables DC-1021, Shireen Cables DC-2021, Dell p2419h monitor, Dell U2419H, Dell P2719H, Dell P2219H, Lenovo 62A9GAT1UK, LG 65UH5F-H and Complete IT Infrastructure products and services.

Recommended

SaaS Security.pptx
SaaS Security.pptxSaaS Security.pptx
SaaS Security.pptxchelsi33
 
saassecurity-230424030940-08314322.pdf
saassecurity-230424030940-08314322.pdfsaassecurity-230424030940-08314322.pdf
saassecurity-230424030940-08314322.pdfSahilSingh316535
 
SecSecuring Software as a Service Model of Cloud Computing: Issues and Solutions
SecSecuring Software as a Service Model of Cloud Computing: Issues and SolutionsSecSecuring Software as a Service Model of Cloud Computing: Issues and Solutions
SecSecuring Software as a Service Model of Cloud Computing: Issues and Solutionsijccsa
 
A Comparative Review on Data Security Challenges in Cloud Computing
A Comparative Review on Data Security Challenges in Cloud ComputingA Comparative Review on Data Security Challenges in Cloud Computing
A Comparative Review on Data Security Challenges in Cloud ComputingIRJET Journal
 
improve cloud security
improve cloud securityimprove cloud security
improve cloud securityBalkees Shereek
 
IRJET- A Survey on SaaS-Attacks and Digital Forensic
IRJET- A Survey on SaaS-Attacks and Digital ForensicIRJET- A Survey on SaaS-Attacks and Digital Forensic
IRJET- A Survey on SaaS-Attacks and Digital ForensicIRJET Journal
 
Literature Review: Security on cloud computing
Literature Review: Security on cloud computingLiterature Review: Security on cloud computing
Literature Review: Security on cloud computingSuranga Nisiwasala
 
A proficient 5 c approach to boost the security in the saas model's technical...
A proficient 5 c approach to boost the security in the saas model's technical...A proficient 5 c approach to boost the security in the saas model's technical...
A proficient 5 c approach to boost the security in the saas model's technical...ijccsa
 

Recommended

SaaS Security.pptx
SaaS Security.pptxSaaS Security.pptx
SaaS Security.pptxchelsi33
 
saassecurity-230424030940-08314322.pdf
saassecurity-230424030940-08314322.pdfsaassecurity-230424030940-08314322.pdf
saassecurity-230424030940-08314322.pdfSahilSingh316535
 
SecSecuring Software as a Service Model of Cloud Computing: Issues and Solutions
SecSecuring Software as a Service Model of Cloud Computing: Issues and SolutionsSecSecuring Software as a Service Model of Cloud Computing: Issues and Solutions
SecSecuring Software as a Service Model of Cloud Computing: Issues and Solutionsijccsa
 
A Comparative Review on Data Security Challenges in Cloud Computing
A Comparative Review on Data Security Challenges in Cloud ComputingA Comparative Review on Data Security Challenges in Cloud Computing
A Comparative Review on Data Security Challenges in Cloud ComputingIRJET Journal
 
improve cloud security
improve cloud securityimprove cloud security
improve cloud securityBalkees Shereek
 
IRJET- A Survey on SaaS-Attacks and Digital Forensic
IRJET- A Survey on SaaS-Attacks and Digital ForensicIRJET- A Survey on SaaS-Attacks and Digital Forensic
IRJET- A Survey on SaaS-Attacks and Digital ForensicIRJET Journal
 
Literature Review: Security on cloud computing
Literature Review: Security on cloud computingLiterature Review: Security on cloud computing
Literature Review: Security on cloud computingSuranga Nisiwasala
 
A proficient 5 c approach to boost the security in the saas model's technical...
A proficient 5 c approach to boost the security in the saas model's technical...A proficient 5 c approach to boost the security in the saas model's technical...
A proficient 5 c approach to boost the security in the saas model's technical...ijccsa
 
Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...
Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...
Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...white paper
 
Cloud computing
Cloud computingCloud computing
Cloud computingDulith Kasun
 
Module 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUDModule 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUDSweta Kumari Barnwal
 
Cloud Data Protection for the Masses
Cloud Data Protection for the MassesCloud Data Protection for the Masses
Cloud Data Protection for the MassesIRJET Journal
 
A Multi-Level Security for Preventing DDOS Attacks in Cloud Environments
A Multi-Level Security for Preventing DDOS Attacks in Cloud EnvironmentsA Multi-Level Security for Preventing DDOS Attacks in Cloud Environments
A Multi-Level Security for Preventing DDOS Attacks in Cloud Environmentsmlaij
 
A Review on Data Protection of Cloud Computing Security, Benefits, Risks and ...
A Review on Data Protection of Cloud Computing Security, Benefits, Risks and ...A Review on Data Protection of Cloud Computing Security, Benefits, Risks and ...
A Review on Data Protection of Cloud Computing Security, Benefits, Risks and ...United International Journal for Research & Technology
 
A017130104
A017130104A017130104
A017130104IOSR Journals
 
Identified Vulnerabilitis And Threats In Cloud Computing
Identified Vulnerabilitis And Threats In Cloud ComputingIdentified Vulnerabilitis And Threats In Cloud Computing
Identified Vulnerabilitis And Threats In Cloud ComputingIOSR Journals
 
Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...
Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...
Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...Editor IJCATR
 
Cloud Security using NIST guidelines
Cloud Security using NIST guidelinesCloud Security using NIST guidelines
Cloud Security using NIST guidelinesSrishti Ahuja
 
Cloud Security using NIST guidelines
Cloud Security using NIST guidelinesCloud Security using NIST guidelines
Cloud Security using NIST guidelinesSrishti Ahuja
 
Cloud Security, Standards and Applications
Cloud Security, Standards and ApplicationsCloud Security, Standards and Applications
Cloud Security, Standards and ApplicationsDr. Sunil Kr. Pandey
 
Cloud computing seminar report
Cloud computing seminar reportCloud computing seminar report
Cloud computing seminar reportshafzonly
 
Investigation on Challenges in Cloud Security to Provide Effective Cloud Comp...
Investigation on Challenges in Cloud Security to Provide Effective Cloud Comp...Investigation on Challenges in Cloud Security to Provide Effective Cloud Comp...
Investigation on Challenges in Cloud Security to Provide Effective Cloud Comp...ijcnes
 
Cloud Application Security --Symantec
Cloud Application Security --Symantec Cloud Application Security --Symantec
Cloud Application Security --SymantecAbhishek Sood
 
Design and implement a new cloud security method based on multi clouds on ope...
Design and implement a new cloud security method based on multi clouds on ope...Design and implement a new cloud security method based on multi clouds on ope...
Design and implement a new cloud security method based on multi clouds on ope...csandit
 
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...cscpconf
 
IRJET- An Effective Protection on Content based Retrieval in Cloud Storehouse
IRJET- An Effective Protection on Content based Retrieval in Cloud StorehouseIRJET- An Effective Protection on Content based Retrieval in Cloud Storehouse
IRJET- An Effective Protection on Content based Retrieval in Cloud StorehouseIRJET Journal
 
Security for Effective Data Storage in Multi Clouds
Security for Effective Data Storage in Multi CloudsSecurity for Effective Data Storage in Multi Clouds
Security for Effective Data Storage in Multi CloudsEditor IJCATR
 
Security Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishekSecurity Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishekEr. rahul abhishek
 
From One Crisis to the Next: Supply Chain Issues and Climate Change
From One Crisis to the Next: Supply Chain Issues and Climate ChangeFrom One Crisis to the Next: Supply Chain Issues and Climate Change
From One Crisis to the Next: Supply Chain Issues and Climate ChangeDigital Devices LTD: Top B2B IT Reseller in UK | Digital Devices
 
What CEOs Really Want From CIOs of today (2).pdf
What CEOs Really Want From CIOs of today (2).pdfWhat CEOs Really Want From CIOs of today (2).pdf
What CEOs Really Want From CIOs of today (2).pdfDigital Devices LTD: Top B2B IT Reseller in UK | Digital Devices
 

More Related Content

Similar to Security of the Data Secure the Data SASE, CNAPP and CSMA functions

Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...
Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...
Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...white paper
 
Module 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUDModule 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUDSweta Kumari Barnwal
 
Cloud Data Protection for the Masses
Cloud Data Protection for the MassesCloud Data Protection for the Masses
Cloud Data Protection for the MassesIRJET Journal
 
A Multi-Level Security for Preventing DDOS Attacks in Cloud Environments
A Multi-Level Security for Preventing DDOS Attacks in Cloud EnvironmentsA Multi-Level Security for Preventing DDOS Attacks in Cloud Environments
A Multi-Level Security for Preventing DDOS Attacks in Cloud Environmentsmlaij
 
Identified Vulnerabilitis And Threats In Cloud Computing
Identified Vulnerabilitis And Threats In Cloud ComputingIdentified Vulnerabilitis And Threats In Cloud Computing
Identified Vulnerabilitis And Threats In Cloud ComputingIOSR Journals
 
Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...
Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...
Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...Editor IJCATR
 
Cloud Security using NIST guidelines
Cloud Security using NIST guidelinesCloud Security using NIST guidelines
Cloud Security using NIST guidelinesSrishti Ahuja
 
Cloud Security using NIST guidelines
Cloud Security using NIST guidelinesCloud Security using NIST guidelines
Cloud Security using NIST guidelinesSrishti Ahuja
 
Cloud Security, Standards and Applications
Cloud Security, Standards and ApplicationsCloud Security, Standards and Applications
Cloud Security, Standards and ApplicationsDr. Sunil Kr. Pandey
 
Cloud computing seminar report
Cloud computing seminar reportCloud computing seminar report
Cloud computing seminar reportshafzonly
 
Investigation on Challenges in Cloud Security to Provide Effective Cloud Comp...
Investigation on Challenges in Cloud Security to Provide Effective Cloud Comp...Investigation on Challenges in Cloud Security to Provide Effective Cloud Comp...
Investigation on Challenges in Cloud Security to Provide Effective Cloud Comp...ijcnes
 
Cloud Application Security --Symantec
Cloud Application Security --Symantec Cloud Application Security --Symantec
Cloud Application Security --SymantecAbhishek Sood
 
Design and implement a new cloud security method based on multi clouds on ope...
Design and implement a new cloud security method based on multi clouds on ope...Design and implement a new cloud security method based on multi clouds on ope...
Design and implement a new cloud security method based on multi clouds on ope...csandit
 
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...cscpconf
 
IRJET- An Effective Protection on Content based Retrieval in Cloud Storehouse
IRJET- An Effective Protection on Content based Retrieval in Cloud StorehouseIRJET- An Effective Protection on Content based Retrieval in Cloud Storehouse
IRJET- An Effective Protection on Content based Retrieval in Cloud StorehouseIRJET Journal
 
Security for Effective Data Storage in Multi Clouds
Security for Effective Data Storage in Multi CloudsSecurity for Effective Data Storage in Multi Clouds
Security for Effective Data Storage in Multi CloudsEditor IJCATR
 
Security Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishekSecurity Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishekEr. rahul abhishek
 

Similar to Security of the Data Secure the Data SASE, CNAPP and CSMA functions (20)

Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...
Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...
Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Module 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUDModule 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUD
 
Cloud Data Protection for the Masses
Cloud Data Protection for the MassesCloud Data Protection for the Masses
Cloud Data Protection for the Masses
 
A Multi-Level Security for Preventing DDOS Attacks in Cloud Environments
A Multi-Level Security for Preventing DDOS Attacks in Cloud EnvironmentsA Multi-Level Security for Preventing DDOS Attacks in Cloud Environments
A Multi-Level Security for Preventing DDOS Attacks in Cloud Environments
 
A Review on Data Protection of Cloud Computing Security, Benefits, Risks and ...
A Review on Data Protection of Cloud Computing Security, Benefits, Risks and ...A Review on Data Protection of Cloud Computing Security, Benefits, Risks and ...
A Review on Data Protection of Cloud Computing Security, Benefits, Risks and ...
 
A017130104
A017130104A017130104
A017130104
 
Identified Vulnerabilitis And Threats In Cloud Computing
Identified Vulnerabilitis And Threats In Cloud ComputingIdentified Vulnerabilitis And Threats In Cloud Computing
Identified Vulnerabilitis And Threats In Cloud Computing
 
Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...
Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...
Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...
 
Cloud Security using NIST guidelines
Cloud Security using NIST guidelinesCloud Security using NIST guidelines
Cloud Security using NIST guidelines
 
Cloud Security using NIST guidelines
Cloud Security using NIST guidelinesCloud Security using NIST guidelines
Cloud Security using NIST guidelines
 
Cloud Security, Standards and Applications
Cloud Security, Standards and ApplicationsCloud Security, Standards and Applications
Cloud Security, Standards and Applications
 
Cloud computing seminar report
Cloud computing seminar reportCloud computing seminar report
Cloud computing seminar report
 
Investigation on Challenges in Cloud Security to Provide Effective Cloud Comp...
Investigation on Challenges in Cloud Security to Provide Effective Cloud Comp...Investigation on Challenges in Cloud Security to Provide Effective Cloud Comp...
Investigation on Challenges in Cloud Security to Provide Effective Cloud Comp...
 
Cloud Application Security --Symantec
Cloud Application Security --Symantec Cloud Application Security --Symantec
Cloud Application Security --Symantec
 
Design and implement a new cloud security method based on multi clouds on ope...
Design and implement a new cloud security method based on multi clouds on ope...Design and implement a new cloud security method based on multi clouds on ope...
Design and implement a new cloud security method based on multi clouds on ope...
 
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...
 
IRJET- An Effective Protection on Content based Retrieval in Cloud Storehouse
IRJET- An Effective Protection on Content based Retrieval in Cloud StorehouseIRJET- An Effective Protection on Content based Retrieval in Cloud Storehouse
IRJET- An Effective Protection on Content based Retrieval in Cloud Storehouse
 
Security for Effective Data Storage in Multi Clouds
Security for Effective Data Storage in Multi CloudsSecurity for Effective Data Storage in Multi Clouds
Security for Effective Data Storage in Multi Clouds
 
Security Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishekSecurity Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishek
 

More from Digital Devices LTD: Top B2B IT Reseller in UK | Digital Devices

More from Digital Devices LTD: Top B2B IT Reseller in UK | Digital Devices (20)

From One Crisis to the Next: Supply Chain Issues and Climate Change
From One Crisis to the Next: Supply Chain Issues and Climate ChangeFrom One Crisis to the Next: Supply Chain Issues and Climate Change
From One Crisis to the Next: Supply Chain Issues and Climate Change
 
What CEOs Really Want From CIOs of today (2).pdf
What CEOs Really Want From CIOs of today (2).pdfWhat CEOs Really Want From CIOs of today (2).pdf
What CEOs Really Want From CIOs of today (2).pdf
 
New Hacktivism Model Trends Worldwide
New Hacktivism Model Trends WorldwideNew Hacktivism Model Trends Worldwide
New Hacktivism Model Trends Worldwide
 
What Happens to Your Data When a Company Gets Breached
What Happens to Your Data When a Company Gets BreachedWhat Happens to Your Data When a Company Gets Breached
What Happens to Your Data When a Company Gets Breached
 
How Extended Security Posture Management Empowers Every Security Team
How Extended Security Posture Management Empowers Every Security TeamHow Extended Security Posture Management Empowers Every Security Team
How Extended Security Posture Management Empowers Every Security Team
 
Designing Channels 6GHz
Designing Channels 6GHzDesigning Channels 6GHz
Designing Channels 6GHz
 
IoT Devices Security from Within - Why IoT devices require a different securi...
IoT Devices Security from Within - Why IoT devices require a different securi...IoT Devices Security from Within - Why IoT devices require a different securi...
IoT Devices Security from Within - Why IoT devices require a different securi...
 
Forecasting Metaverse Threats: Will it Become Metaworse?
Forecasting Metaverse Threats: Will it Become Metaworse?Forecasting Metaverse Threats: Will it Become Metaworse?
Forecasting Metaverse Threats: Will it Become Metaworse?
 
XDR - The latest TLA or the Newest Cyber Shield.
XDR - The latest TLA or the Newest Cyber Shield.XDR - The latest TLA or the Newest Cyber Shield.
XDR - The latest TLA or the Newest Cyber Shield.
 
How Cyber Resilience Enables Business Growth
How Cyber Resilience Enables Business GrowthHow Cyber Resilience Enables Business Growth
How Cyber Resilience Enables Business Growth
 
The Way Quantum Computing Will Change Encryption Forever
The Way Quantum Computing Will Change Encryption ForeverThe Way Quantum Computing Will Change Encryption Forever
The Way Quantum Computing Will Change Encryption Forever
 
A digital attack surface map is in order.
A digital attack surface map is in order.A digital attack surface map is in order.
A digital attack surface map is in order.
 
The thirst of a worker can cause toxic resumes
The thirst of a worker can cause toxic resumesThe thirst of a worker can cause toxic resumes
The thirst of a worker can cause toxic resumes
 
3 Reasons Manufacturers Are a Prime Target for Cyberattacks
3 Reasons Manufacturers Are a Prime Target for Cyberattacks3 Reasons Manufacturers Are a Prime Target for Cyberattacks
3 Reasons Manufacturers Are a Prime Target for Cyberattacks
 
No More Ransom - Six Years of Innovating to Fight Ransomware Together
No More Ransom - Six Years of Innovating to Fight Ransomware TogetherNo More Ransom - Six Years of Innovating to Fight Ransomware Together
No More Ransom - Six Years of Innovating to Fight Ransomware Together
 
Safeguarding Against the Five Stages Of a Ransomware Attack
Safeguarding Against the Five Stages Of a Ransomware AttackSafeguarding Against the Five Stages Of a Ransomware Attack
Safeguarding Against the Five Stages Of a Ransomware Attack
 
2022 Cymulate Breaches Survey - Five Key Takeaways
2022 Cymulate Breaches Survey - Five Key Takeaways2022 Cymulate Breaches Survey - Five Key Takeaways
2022 Cymulate Breaches Survey - Five Key Takeaways
 
Part 1: Data Distribution Service
Part 1: Data Distribution ServicePart 1: Data Distribution Service
Part 1: Data Distribution Service
 
How Cyber Resilience Enables Business Growth
How Cyber Resilience Enables Business GrowthHow Cyber Resilience Enables Business Growth
How Cyber Resilience Enables Business Growth
 
Manual user provisioning is dangerous
Manual user provisioning is dangerousManual user provisioning is dangerous
Manual user provisioning is dangerous
 

Recently uploaded

Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsPrecisely
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 

Recently uploaded (20)

Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power Systems
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 

Security of the Data Secure the Data SASE, CNAPP and CSMA functions

  • 1. Security of the Data Secure the Data SASE, CNAPP and CSMA functions Data is now an essential resource available to Enterprises. It's no wonder that there are many criminals trying to stop Enterprise companies by stealing and damaging the data. Data security is about protecting information from being accessed by unauthorized users, data corruption with malicious intent , and theft of data. It is possible to ask why security companies speak about protecting their network, applications, and the endpoints, and less about data. The reason is because data has a significant relationship to data as well as applications and systems. If applications and systems aren't protected from the bad guys Data security isn't feasible. "Data has become the latest Oil This phrase describes the relationship between applications and data. Data is just like oil in its unprocessed form is not beneficial unless it's refined to be used. Software processes data and display it to users in an simple to consume fashion. SASE's function for Data Security Please go through the the Decoding SASE blog to learn more about SASE. SASE plays a crucial role in securing applications that are part of the distributed workforces and distributed deployments in the cloud, On-Prem and public edges. The following sections will highlight the main security issues and the way SASE can address them. Enterprises design and implement many applications to serve various business needs. Each application may not need access to all Enterprise data. In addition, all users of applications do not need access to all information in the application. Because of this "Least Access Privilege" and "Identity Based access Controls" constitute the keys in securing data. Applications aren't as simple anymore. Software developers use a myriad of components, including in-house built as well as purchased and open source. This makes the software more complicated and susceptible to attack. Attackers are likely to use the threat information base and attempt to exploit the weaknesses to gain access to applications, and eventually access to the data. Therefore, securing against threat vulnerabilities is crucial for the security of data. Administration of applications and systems is crucial since administrators of applications typically enjoy higher privileges. Any theft of administrator credentials accounts can cause chaos for Enterprises. Certain security strategies, like the use of a second layer of MFA, limiting users accessing their accounts from unsecure or unknown places, and limiting users with unusual behavior patterns are required to protect data. Enterprises use applications across multiple locations to provide a low -latency experience to the workforce distributed across the globe and ensure that the
  • 2. applications are able to handle increased or unusual loads. In distributed applications the data also gets distributed. This is why security should also be distributed to combat the rise in demand and DDoS attack on apps. ZTNA (Zero Trust Network Access) platform as well as its NGFW (Next Generation Firewall) of SASE solves the security issues above. Because of this, SASE is fast becoming one of the most important cybersecurity tools that tackle data security by protecting applications and enabling authorization and access controls based on an identity. One could ask, "Are ZTNA and NGFW sufficient to secure the application and thus securing the data. With Cloud transformation that leverages public cloud infrastructure, public edges and Enterprise applications will create more attack points. Data security is the need to fix these attack points. This is the point where CNAPP is able to help. An increase in attack surface is possible with cloud transformation Cloud transformation of less complex applications can reduce Enterprises response since security for the software for infrastructure is handled by cloud providers. In this scenario, application developers are increasingly focused on the business aspects and leaving the more mundane software components' work to cloud service providers. It's true that developers must concentrate only on the application logic, and leave maintenance and security patches for operating frameworks, frameworks, and general services like database storage, file storage key management and authenti cation systems, authorization systems, and observation systems to cloud providers and thereby making security responsibility that are confined to applications However, distributed workforces and the new varieties of applications that require low latency experiences are making deployment of applications and opening up more attack areas. Applications are becoming increasingly required to be deployed across multiple locations , not just across the regions of a cloud provider as well as over multiple cloud service providers as well as edge providers to ensure the an optimal user experience. Furthermore the majority of applications are installed in Edges on a per- demand basis. In other words, they are only deployed when there are customers nearby that require services from the application. Implementing the complete applications across the Edges is not recommended for costs reasons. Welcoming to the microservice architecture. Applications developers are adopting microservice architecture not only to achieve increased productivity but also to allow part-time application deployment on Edges and to keep all the rest in the cloud. The next image (made easy to understand for speed) illustrates the microservices - based application deployment. In this example of an arbitrary application Microservice 1 and 2 for the program are placed on the Edges to provide a low latency experiences, while Microservice 3, and 4 are deployed to the cloud for various other functions that the app needs to perform. There are five attack surface areas that are shown in the figure. 1. Communication between clients at the end with front-end microservices 1. inter- microservice communication between Edges & Cloud
  • 3. 2. Communication between microservices in the cloud or in edge locations. 3. Microservices that communicate with application microservices as well as cloud/edge service providers 4. Contact with service providers coming from outside to providers services. 5. Microservices are internal software components that make up microservices. A comprehensive security system is expected to cover all possible attack points. Surfaces of attack (1) are addressed through SASE ZTNA & NGFW. Other attack surfaces have come to light because of distributed computing, microservice architecture , and applications that use cloud-based services. As this is most likely because of cloud/edge transformations, Gartner defined a new category called the CNAPP model to tackle the security issues. CNAPP (Cloud Native Application Protection Platform) to counter the increase in attacks CNAPP is a cloud-native security technology that blends Cloud Security Posture Management (CSPM), Cloud Service Network Security (CSNS) and Cloud Workload Protection Platform (CWPP) on a single platform. By combining several cloud security tools into a single system, CNAPP provides benefits such as a comprehensive view of the all phases of the application lifecycle - design deployment to runtime phases as well as comprehensive control for a range of technology. Similar to other terms created by Gartner, CNAPP term is also expected to facilitate a common understanding of security functions and platform capabilities for both consumers and suppliers. Let's look at what CNAPP comprises and then assign the attack surface to the constituents. Cloud Security Posture Management (CSPM): CSPM capability gives Enterprises the ability to see the services and cloud resources Enterprise applications utilize from various cloud providers. CSPM additionally maps cloud-based services and applications which use these services. The biggest benefits of CSPMs is the ability to scan configurations to spot any incorrect configurations. As cloud services are very general, their security is as strong as the configuration. It is essential to know that cloud provider services can be multi - tenant and their access isn't managed by enterprises. If they're configured incorrectly and accessed by attackers, they can access these services and take over and da mage the data. For instance that if a database server is configured to permit access to anyone by accident the service could be able to give away the Enterprise information stored by the applications within the database. CSPMs additionally conduct check for compliance of the cloud services' information and provide visibility of compliance violations for Enterprises. Cloud Service Network Security (CSNS): CSNS provides network security at the microservice level of the application and also the security of networks between microservices as well as cloud services. Its function is similar to ZTNA/SASE. Its features include NGFW WAF, NGFW, Identity controlled access based on identity WAF, API protection as well as DoS/DDoS security. CSNS differs in its speed in comparison to traditional security. Because of the dynamic nature of workloads, CSNS security life cycle should be aligned with the lifecycle of the applications.
  • 4. CSNS is a defense against attack surfaces (2) as well as (3) as shown in this image . is the most fundamental way CSNS offers security to networks to E-W data. Cloud Workload Protection Platform (CWPP):CWPP function predominantly checks for • Potential vulnerabilities in the images of workloads (VM Serverless, Container, VM) by analysing the images, taking a copy of inventory inventory and software versions, and checking databases for threat intelligence to discover any vulnerabilities that are known to exist in the inventory of software. • Unwanted software and malware detection is included in these images in order to make sure no malware has been introduced into the supply chain. • Exploits can be detected at run-time via Host Intrusion Prevention technology. • Protection of memory during runtime with secure guarding techniques such as Intel SGx. • Runtime workload protection via RASP (Runtime Application Self Protection) With the increasing popularity of Kubernetes for application development, a variety of technologies are available to run on Kubernetes. KSPM (Kubernetes Security Posture Management) is like CSPM however it is specifically tuned for Kubernetes. It is possible that in the case that in the near future and one could see terms like KWPP (Kubernetes Workload Protection Platform) and KSNS (Kubernetes Network Security Service). SASE and CSNS The CSNS function looks similar to ZTNA and ZTNA functionality is similar to NGFW and. It is because they are both networking security techniques. Enterprises want the same technology used for E-W (North-South) as well as East-West (East-West) transport. This is why it is believed that CSNS functions will be offered through SASE providers. Universal SASE is expected to deal with all network-related attack points, regardless of regardless of whether they're WAN, Kubernetes networks, Kubernetes networks using service meshes, VPC networks, Edge networks, etc. This is apparently the current trend and is accepted since numerous CNAPP providers do not talk much about CSNS any more. Cyber Security Mesh Architecture (CSMA) One of the major problems Enterprises have to face is the problem of security silos. Enterprises have to implement numerous security functions across a variety of vendors to meet on-prem Security, Endpoint security, Security for Networks, Security Cloud security requirements. Each security feature comes with the ability to manage policies, observeability as well as a data plane. This means that management and visibility become more complicated which can lead to security configuration mistakes and consequently delayed or missed security incident detection and responses. Gartner invented the CSMA term to be part of their security thinking leadership. Gartner realized that Enterprises have to look for multiple security functions offered by different security vendors. CSMA concept is attempting to meet the requirements of Enterprises which require a single pane of glass for policy management and observability. Gartner identified a set of guidelines that must be adhered to by security vendors to facilitate the composition of security functions across multiple systems. Most important is the API accessibility by security vendors that goes over CLI as well as Portal
  • 5. interfaces. API-first approaches allow Enterprises as well as managed security companies to create an integrated dashboard for managing policies and analytics on security. Gartner is also adamant about the necessity for an "identity fabric' that is decentralized in the identity of users. Nowadays, enterprises manage the database of credentials using technology like AD, LDAP, SAML IdPs and OIDC IdPs and others. Although it's acceptable to keep a database of employee identities, keeping an ID database for all public users poses a problem from security and privacy aspects. Transferring identity databases and identification checks on to distributed identities is beneficial for both enterprises and users. ADI Association and W3C are developing a common framework and specifications for a the decentralized identity fabric. Although CSMA is not directly addressing security issues, this design minimizes security configuration errors and also provides E2E visibility to speed up response to incidents and detection. SASE along with CNAPP are both in the right direction of realizing CSMA. SASE integrates all security and network functions , by offering a single-pane of glass to manage security policies for networks and visibility. CNAPP brings the cloud-based security features into one. CSMA is a different level of consolidation that encompasses SASE, CNAPP, Endpoint security identity, as well as various other cybersecurity technology. Summary Data security is a complex process that requires a variety of techniques, including Data encryption Data management, Data masking, and Cybersecurity. SASE plays a crucial component of Cybersecurity. Cloud and Edge transformations, coupled with the latest applications architectures like Microservice architecture can expose more attack areas. CNAPP together to Universal SASE addresses the security problems associated with the advent of new attack surface types. DIGITAL DEVICES LTD Long before Apple set an average consumers mindset to replacing their handheld gadgets in two years, Digital Devices Ltd believed in Moore's law that computing will double every two years. With our heritage from the days of IBM Personal Computer XT, our founders have gone through the technology advancements of the 1990s and 2000s realizing that technology is an instrumental part of any business's success. With such a fast pace industry, an IT department can never be equipped with the tools and training needed to maintain their competitive edge. Hence, Digital Devices has put together a team of engineers and vendor partners to keep up with the latest industry trends and recommend clients on various solutions and options available to them. From forming close relationships with networking and storage vendors like Juniper, SolarWinds and VMWare to high-performance computing by HPE or AWS Cloud solutions, Digital Devices Limited offers the latest technology solutions to fit the ever-growing needs of the industry.
  • 6. Our experts can guide you through the specifications and build cost efficiencies while providing high end, state-of-the-art customer services. We research and analyses market and its current demand and supply chain by offering wide range of bulk supplies of products like AKG C414 XLII, Shireen Cables DC-1021, Shireen Cables DC-2021, Dell p2419h monitor, Dell U2419H, Dell P2719H, Dell P2219H, Lenovo 62A9GAT1UK, LG 65UH5F-H and Complete IT Infrastructure products and services.