SlideShare a Scribd company logo

NTXISSACSC3 - Critical Criteria for (Cloud) Workload Security by Steve Armendariz

North Texas Chapter of the ISSA
North Texas Chapter of the ISSA

Critical Criteria for (Cloud) Workload Security

Technology
1 of 20
Download to read offline
@NTXISSA #NTXISSACSC3 Critical Criteria For (Cloud) Workload Security Steve Armendariz Enterprise Sales Director CloudPassage October 3, 2015
@NTXISSA #NTXISSACSC3 Does anyone remember when server security was EASY? NTX ISSA Cyber Security Conference – October 2-3, 2015 2
@NTXISSA #NTXISSACSC3 Times have changed…! NTX ISSA Cyber Security Conference – October 2-3, 2015 3
@NTXISSA #NTXISSACSC3NTX ISSA Cyber Security Conference – October 2-3, 2015 4 Classic Data Center Architecture
@NTXISSA #NTXISSACSC3 Act 1 - Tenants of Traditional Server Security NTX ISSA Cyber Security Conference – October 2-3, 2015 5 • Servers in a trusted network • Segmentation for added protection • Anti-malware (virus) for all servers, added security capability for critical servers • Security had time to plan, test & deploy for each new application • Provisioned with plentiful overhead Servers viewed as “investments”
@NTXISSA #NTXISSACSC3 Act 2 - Server Virtualization – A New Dawn • Economic benefit to adoption • Combatting data center sprawl • Physical servers more powerful • Pressure applied on Security to be: • Faster • More efficient • More accurate • Traditional tools proved adequate NTX ISSA Cyber Security Conference – October 2-3, 2015 6
@NTXISSA #NTXISSACSC3 Virtualization Impacts Traditional Security • Servers in a trusted network • Segmentation for added protection (shared hardware = segmentation challenges) • Anti-malware (virus) for all servers, added security products for critical servers (difficult given VM density, overhead impact and licensing) • Security had time to test & deploy for each new application (policies and images became more powerful) • Provision with plentiful overhead (at odds with VM density) NTX ISSA Cyber Security Conference – October 2-3, 2015 7
@NTXISSA #NTXISSACSC3 Act 3 - Server Workloads - The Next Wave • Utility Computing • Cloud servers or “Cloud server workloads in the data center, public cloud, private cloud or any combination • These server workloads are: • On-demand, Elastic and Agile • Cloned, Orchestrated and Automated • Often short-lived • Can be “containers” (i.e. Docker) • Possibly never patched • Part of an overall movement of deploying and updating faster (DevOps) NTX ISSA Cyber Security Conference – October 2-3, 2015 8
@NTXISSA #NTXISSACSC3 Critical Server Instances Data Center Architecture Changes NTX ISSA Cyber Security Conference – October 2-3, 2015 9 Non-Critical Server Instances - Anti-Malware Semi-critical Server Instances On-server security: - Anti-Malware - Vulnerability Scan Critical Server Instances On-server security: - Anti-Malware - Vulnerability Scan - Config. Monitor - HIPS/HIDS - FIM Internet Data CenterPublic Cloud Some Semi-critical Server Instances On-server security: - Anti-Malware - Vulnerability Scan
@NTXISSA #NTXISSACSC3 Server Workloads Break Security • Servers in a trusted network (Cloud viewed as non-trusted) • Segmentation for added protection (shared hardware = segmentation challenges) • Anti-malware (virus) for all servers, added security products for critical servers (difficult given VM density, overhead impact and licensing) • Security had time to test & deploy for each new application (Security must move faster often with little lead time) • Provision with plentiful overhead (at odds with VM density) NTX ISSA Cyber Security Conference – October 2-3, 2015 10 Servers viewed as “application building blocks”
@NTXISSA #NTXISSACSC3 • Public Cloud servers only accessible from inside the data center’s trusted network • Positioned by many cloud providers to resolve “Tenant #1” • “Servers in a trusted network…” • Issues • Can be cost prohibitive • May impact performance • Does not mitigate security issues NTX ISSA Cyber Security Conference – October 2-3, 2015 11 Cloud VPC = Bringing The Trusted Network Back?
@NTXISSA #NTXISSACSC3 Are Data Center Networks Really Secure? NTX ISSA Cyber Security Conference – October 2-3, 2015 12
@NTXISSA #NTXISSACSC3 Workload Security – The New Tenants • Embrace the “Workload as an Application Building Block” philosophy • Take advantage of automation and orchestration • Small footprints matter • Minimize staff overhead • Total visibility • Limit server communication • Integrate versus manage stand-alone NTX ISSA Cyber Security Conference – October 2-3, 2015 13
@NTXISSA #NTXISSACSC3 The Basics Still Apply • Use server (host) firewalls • Reduce attack surface • Manage East-West traffic • Require multi-factor authentication for server logins • Monitor configurations for “drift” • Discover & address vulnerabilities • Monitor system file integrity • Monitor security logs Dump anti-malware (if you can) NTX ISSA Cyber Security Conference – October 2-3, 2015 14 Radical Thought!!!!
@NTXISSA #NTXISSACSC3 Approaches to Workload Security • Do it manually with multiple security tools • Too time consuming • Many consoles, difficult integration • Use orchestration tools with multiple security tools • Many consoles, difficult integration • Set of security tools can consume more resources than what they’re protecting • Use CloudPassage® Halo® NTX ISSA Cyber Security Conference – October 2-3, 2015 15
@NTXISSA #NTXISSACSC3 CloudPassage Halo: Instant Layered Security for Every Server Workload • One tool providing 8 layers of visibility & enforcement • Using less compute resources than a single-layer point product • Highly automated; “set and forget” security • Add to gold images, protects servers at instantiation NTX ISSA Cyber Security Conference – October 2-3, 2015 16
@NTXISSA #NTXISSACSC3 CloudPassage Halo • A Security Orchestration Framework • Integrated and layered security • Automated into your workflow • Visibility • See vulnerabilities, configuration errors, file integrity, access – no matter where the workload is • Apply controls – even quarantine workloads • Compliance • Drive automation to audits • Continuous vs. point-in-time NTX ISSA Cyber Security Conference – October 2-3, 2015 17
@NTXISSA #NTXISSACSC3 CloudPassage Halo Architecture NTX ISSA Cyber Security Conference – October 2-3, 2015 18
@NTXISSA #NTXISSACSC3 Questions NTX ISSA Cyber Security Conference – October 2-3, 2015 19
@NTXISSA #NTXISSACSC3@NTXISSA #NTXISSACSC3 The Collin College Engineering Department Collin College Student Chapter of the North Texas ISSA North Texas ISSA (Information Systems Security Association) NTX ISSA Cyber Security Conference – October 2-3, 2015 20 Thank you

Recommended

Secure Your Apps with NGINX Plus and the ModSecurity WAF
Secure Your Apps with NGINX Plus and the ModSecurity WAFSecure Your Apps with NGINX Plus and the ModSecurity WAF
Secure Your Apps with NGINX Plus and the ModSecurity WAFNGINX, Inc.
 
Ending the Tyranny of Expensive Security Tools: A New Hope
Ending the Tyranny of Expensive Security Tools: A New HopeEnding the Tyranny of Expensive Security Tools: A New Hope
Ending the Tyranny of Expensive Security Tools: A New HopeMichele Chubirka
 
Attacking VPN's
Attacking VPN'sAttacking VPN's
Attacking VPN'sn|u - The Open Security Community
 
Ntxissacsc5 blue 2-herding cats and security tools-harold_toomey
Ntxissacsc5 blue 2-herding cats and security tools-harold_toomeyNtxissacsc5 blue 2-herding cats and security tools-harold_toomey
Ntxissacsc5 blue 2-herding cats and security tools-harold_toomeyNorth Texas Chapter of the ISSA
 
Reaching PCI Nirvana: Ensure a Successful Audit & Maintain Continuous Compliance
Reaching PCI Nirvana: Ensure a Successful Audit & Maintain Continuous ComplianceReaching PCI Nirvana: Ensure a Successful Audit & Maintain Continuous Compliance
Reaching PCI Nirvana: Ensure a Successful Audit & Maintain Continuous ComplianceAlgoSec
 
7 Security Requirements to Accelerate Cloud Adoption
7 Security Requirements to Accelerate Cloud Adoption7 Security Requirements to Accelerate Cloud Adoption
7 Security Requirements to Accelerate Cloud AdoptionProtectWise
 
Running Secure Server Software on Insecure Hardware Without Parachute
Running Secure Server Software on Insecure Hardware Without ParachuteRunning Secure Server Software on Insecure Hardware Without Parachute
Running Secure Server Software on Insecure Hardware Without ParachuteCloudflare
 
'Moon' Security Management System for OPNFV
'Moon' Security Management System for OPNFV'Moon' Security Management System for OPNFV
'Moon' Security Management System for OPNFVOPNFV
 

Recommended

Secure Your Apps with NGINX Plus and the ModSecurity WAF
Secure Your Apps with NGINX Plus and the ModSecurity WAFSecure Your Apps with NGINX Plus and the ModSecurity WAF
Secure Your Apps with NGINX Plus and the ModSecurity WAFNGINX, Inc.
 
Ending the Tyranny of Expensive Security Tools: A New Hope
Ending the Tyranny of Expensive Security Tools: A New HopeEnding the Tyranny of Expensive Security Tools: A New Hope
Ending the Tyranny of Expensive Security Tools: A New HopeMichele Chubirka
 
Attacking VPN's
Attacking VPN'sAttacking VPN's
Attacking VPN'sn|u - The Open Security Community
 
Ntxissacsc5 blue 2-herding cats and security tools-harold_toomey
Ntxissacsc5 blue 2-herding cats and security tools-harold_toomeyNtxissacsc5 blue 2-herding cats and security tools-harold_toomey
Ntxissacsc5 blue 2-herding cats and security tools-harold_toomeyNorth Texas Chapter of the ISSA
 
Reaching PCI Nirvana: Ensure a Successful Audit & Maintain Continuous Compliance
Reaching PCI Nirvana: Ensure a Successful Audit & Maintain Continuous ComplianceReaching PCI Nirvana: Ensure a Successful Audit & Maintain Continuous Compliance
Reaching PCI Nirvana: Ensure a Successful Audit & Maintain Continuous ComplianceAlgoSec
 
7 Security Requirements to Accelerate Cloud Adoption
7 Security Requirements to Accelerate Cloud Adoption7 Security Requirements to Accelerate Cloud Adoption
7 Security Requirements to Accelerate Cloud AdoptionProtectWise
 
Running Secure Server Software on Insecure Hardware Without Parachute
Running Secure Server Software on Insecure Hardware Without ParachuteRunning Secure Server Software on Insecure Hardware Without Parachute
Running Secure Server Software on Insecure Hardware Without ParachuteCloudflare
 
'Moon' Security Management System for OPNFV
'Moon' Security Management System for OPNFV'Moon' Security Management System for OPNFV
'Moon' Security Management System for OPNFVOPNFV
 
CSTA - Cisco Security Technical Alliances, New Ecosystem Program Built on the...
CSTA - Cisco Security Technical Alliances, New Ecosystem Program Built on the...CSTA - Cisco Security Technical Alliances, New Ecosystem Program Built on the...
CSTA - Cisco Security Technical Alliances, New Ecosystem Program Built on the...Cisco DevNet
 
Sullivan handshake proxying-ieee-sp_2014
Sullivan handshake proxying-ieee-sp_2014Sullivan handshake proxying-ieee-sp_2014
Sullivan handshake proxying-ieee-sp_2014Cloudflare
 
Sullivan white boxcrypto-baythreat-2013
Sullivan white boxcrypto-baythreat-2013Sullivan white boxcrypto-baythreat-2013
Sullivan white boxcrypto-baythreat-2013Cloudflare
 
CloudStack Secured
CloudStack SecuredCloudStack Secured
CloudStack SecuredJohn Kinsella
 
Vp ns
Vp nsVp ns
Vp nsAyano Midakso
 
Virtual Private Network
Virtual Private NetworkVirtual Private Network
Virtual Private NetworkGreater Noida Institute Of Technology
 
Sullivan red october-oscon-2014
Sullivan red october-oscon-2014Sullivan red october-oscon-2014
Sullivan red october-oscon-2014Cloudflare
 
Matriux blue
Matriux blueMatriux blue
Matriux blueInMobi Technology
 
Sullivan heartbleed-defcon22 2014
Sullivan heartbleed-defcon22 2014Sullivan heartbleed-defcon22 2014
Sullivan heartbleed-defcon22 2014Cloudflare
 
Building an IoT Cloud for Healthcare: How to Solve Networking Challenges and ...
Building an IoT Cloud for Healthcare: How to Solve Networking Challenges and ...Building an IoT Cloud for Healthcare: How to Solve Networking Challenges and ...
Building an IoT Cloud for Healthcare: How to Solve Networking Challenges and ...Altoros
 
Security for Complex Networks on AWS
Security for Complex Networks on AWSSecurity for Complex Networks on AWS
Security for Complex Networks on AWSTeri Radichel
 
MRA AMA: Ingenious: The Journey to Service Mesh using a Microservices Demo App
MRA AMA: Ingenious: The Journey to Service Mesh using a Microservices Demo AppMRA AMA: Ingenious: The Journey to Service Mesh using a Microservices Demo App
MRA AMA: Ingenious: The Journey to Service Mesh using a Microservices Demo AppNGINX, Inc.
 
Simplify Your Way To Expert Kubernetes Management
Simplify Your Way To Expert Kubernetes ManagementSimplify Your Way To Expert Kubernetes Management
Simplify Your Way To Expert Kubernetes ManagementDevOps.com
 
kali linix
kali linixkali linix
kali linixMirza Baig
 
Implementation of IPsec with PKI
Implementation of IPsec with PKIImplementation of IPsec with PKI
Implementation of IPsec with PKISukhpreet Singh
 
Botconf ppt
Botconf pptBotconf ppt
Botconf pptCloudflare
 
Microservices: A Security Nightmare?
Microservices: A Security Nightmare?Microservices: A Security Nightmare?
Microservices: A Security Nightmare?Container Solutions
 
In search of the perfect IoT Stack - Scalable IoT Architectures with MQTT
In search of the perfect IoT Stack - Scalable IoT Architectures with MQTTIn search of the perfect IoT Stack - Scalable IoT Architectures with MQTT
In search of the perfect IoT Stack - Scalable IoT Architectures with MQTTDominik Obermaier
 
Lacework | Top 10 Cloud Security Threats
Lacework | Top 10 Cloud Security ThreatsLacework | Top 10 Cloud Security Threats
Lacework | Top 10 Cloud Security ThreatsLacework
 
IBM Secret Key management protoco
IBM Secret Key management protocoIBM Secret Key management protoco
IBM Secret Key management protocogori4
 
Examen
ExamenExamen
Examenviridiana29
 
Success in the cloud, why workload matters
Success in the cloud, why workload mattersSuccess in the cloud, why workload matters
Success in the cloud, why workload mattersIBM
 

More Related Content

What's hot

CSTA - Cisco Security Technical Alliances, New Ecosystem Program Built on the...
CSTA - Cisco Security Technical Alliances, New Ecosystem Program Built on the...CSTA - Cisco Security Technical Alliances, New Ecosystem Program Built on the...
CSTA - Cisco Security Technical Alliances, New Ecosystem Program Built on the...Cisco DevNet
 
Sullivan handshake proxying-ieee-sp_2014
Sullivan handshake proxying-ieee-sp_2014Sullivan handshake proxying-ieee-sp_2014
Sullivan handshake proxying-ieee-sp_2014Cloudflare
 
Sullivan white boxcrypto-baythreat-2013
Sullivan white boxcrypto-baythreat-2013Sullivan white boxcrypto-baythreat-2013
Sullivan white boxcrypto-baythreat-2013Cloudflare
 
Sullivan red october-oscon-2014
Sullivan red october-oscon-2014Sullivan red october-oscon-2014
Sullivan red october-oscon-2014Cloudflare
 
Sullivan heartbleed-defcon22 2014
Sullivan heartbleed-defcon22 2014Sullivan heartbleed-defcon22 2014
Sullivan heartbleed-defcon22 2014Cloudflare
 
Building an IoT Cloud for Healthcare: How to Solve Networking Challenges and ...
Building an IoT Cloud for Healthcare: How to Solve Networking Challenges and ...Building an IoT Cloud for Healthcare: How to Solve Networking Challenges and ...
Building an IoT Cloud for Healthcare: How to Solve Networking Challenges and ...Altoros
 
Security for Complex Networks on AWS
Security for Complex Networks on AWSSecurity for Complex Networks on AWS
Security for Complex Networks on AWSTeri Radichel
 
MRA AMA: Ingenious: The Journey to Service Mesh using a Microservices Demo App
MRA AMA: Ingenious: The Journey to Service Mesh using a Microservices Demo AppMRA AMA: Ingenious: The Journey to Service Mesh using a Microservices Demo App
MRA AMA: Ingenious: The Journey to Service Mesh using a Microservices Demo AppNGINX, Inc.
 
Simplify Your Way To Expert Kubernetes Management
Simplify Your Way To Expert Kubernetes ManagementSimplify Your Way To Expert Kubernetes Management
Simplify Your Way To Expert Kubernetes ManagementDevOps.com
 
Implementation of IPsec with PKI
Implementation of IPsec with PKIImplementation of IPsec with PKI
Implementation of IPsec with PKISukhpreet Singh
 
Microservices: A Security Nightmare?
Microservices: A Security Nightmare?Microservices: A Security Nightmare?
Microservices: A Security Nightmare?Container Solutions
 
In search of the perfect IoT Stack - Scalable IoT Architectures with MQTT
In search of the perfect IoT Stack - Scalable IoT Architectures with MQTTIn search of the perfect IoT Stack - Scalable IoT Architectures with MQTT
In search of the perfect IoT Stack - Scalable IoT Architectures with MQTTDominik Obermaier
 
Lacework | Top 10 Cloud Security Threats
Lacework | Top 10 Cloud Security ThreatsLacework | Top 10 Cloud Security Threats
Lacework | Top 10 Cloud Security ThreatsLacework
 
IBM Secret Key management protoco
IBM Secret Key management protocoIBM Secret Key management protoco
IBM Secret Key management protocogori4
 

What's hot (20)

CSTA - Cisco Security Technical Alliances, New Ecosystem Program Built on the...
CSTA - Cisco Security Technical Alliances, New Ecosystem Program Built on the...CSTA - Cisco Security Technical Alliances, New Ecosystem Program Built on the...
CSTA - Cisco Security Technical Alliances, New Ecosystem Program Built on the...
 
Sullivan handshake proxying-ieee-sp_2014
Sullivan handshake proxying-ieee-sp_2014Sullivan handshake proxying-ieee-sp_2014
Sullivan handshake proxying-ieee-sp_2014
 
Sullivan white boxcrypto-baythreat-2013
Sullivan white boxcrypto-baythreat-2013Sullivan white boxcrypto-baythreat-2013
Sullivan white boxcrypto-baythreat-2013
 
CloudStack Secured
CloudStack SecuredCloudStack Secured
CloudStack Secured
 
Vp ns
Vp nsVp ns
Vp ns
 
Virtual Private Network
Virtual Private NetworkVirtual Private Network
Virtual Private Network
 
Sullivan red october-oscon-2014
Sullivan red october-oscon-2014Sullivan red october-oscon-2014
Sullivan red october-oscon-2014
 
Matriux blue
Matriux blueMatriux blue
Matriux blue
 
Sullivan heartbleed-defcon22 2014
Sullivan heartbleed-defcon22 2014Sullivan heartbleed-defcon22 2014
Sullivan heartbleed-defcon22 2014
 
Building an IoT Cloud for Healthcare: How to Solve Networking Challenges and ...
Building an IoT Cloud for Healthcare: How to Solve Networking Challenges and ...Building an IoT Cloud for Healthcare: How to Solve Networking Challenges and ...
Building an IoT Cloud for Healthcare: How to Solve Networking Challenges and ...
 
Security for Complex Networks on AWS
Security for Complex Networks on AWSSecurity for Complex Networks on AWS
Security for Complex Networks on AWS
 
MRA AMA: Ingenious: The Journey to Service Mesh using a Microservices Demo App
MRA AMA: Ingenious: The Journey to Service Mesh using a Microservices Demo AppMRA AMA: Ingenious: The Journey to Service Mesh using a Microservices Demo App
MRA AMA: Ingenious: The Journey to Service Mesh using a Microservices Demo App
 
Simplify Your Way To Expert Kubernetes Management
Simplify Your Way To Expert Kubernetes ManagementSimplify Your Way To Expert Kubernetes Management
Simplify Your Way To Expert Kubernetes Management
 
kali linix
kali linixkali linix
kali linix
 
Implementation of IPsec with PKI
Implementation of IPsec with PKIImplementation of IPsec with PKI
Implementation of IPsec with PKI
 
Botconf ppt
Botconf pptBotconf ppt
Botconf ppt
 
Microservices: A Security Nightmare?
Microservices: A Security Nightmare?Microservices: A Security Nightmare?
Microservices: A Security Nightmare?
 
In search of the perfect IoT Stack - Scalable IoT Architectures with MQTT
In search of the perfect IoT Stack - Scalable IoT Architectures with MQTTIn search of the perfect IoT Stack - Scalable IoT Architectures with MQTT
In search of the perfect IoT Stack - Scalable IoT Architectures with MQTT
 
Lacework | Top 10 Cloud Security Threats
Lacework | Top 10 Cloud Security ThreatsLacework | Top 10 Cloud Security Threats
Lacework | Top 10 Cloud Security Threats
 
IBM Secret Key management protoco
IBM Secret Key management protocoIBM Secret Key management protoco
IBM Secret Key management protoco
 

Viewers also liked

Success in the cloud, why workload matters
Success in the cloud, why workload mattersSuccess in the cloud, why workload matters
Success in the cloud, why workload mattersIBM
 
Control the Creep: Streamline Security and Compliance by Sharing the Workload
Control the Creep: Streamline Security and Compliance by Sharing the WorkloadControl the Creep: Streamline Security and Compliance by Sharing the Workload
Control the Creep: Streamline Security and Compliance by Sharing the Workloadaregnerus
 
White Paper: What's on Your Cloud? Workload Deployment Strategies for Private...
White Paper: What's on Your Cloud? Workload Deployment Strategies for Private...White Paper: What's on Your Cloud? Workload Deployment Strategies for Private...
White Paper: What's on Your Cloud? Workload Deployment Strategies for Private...EMC
 
Quick & Dirty Tips for : Better PowerPoint Presentations Faster
Quick & Dirty Tips for : Better PowerPoint Presentations FasterQuick & Dirty Tips for : Better PowerPoint Presentations Faster
Quick & Dirty Tips for : Better PowerPoint Presentations FasterEugene Cheng
 
Email Marketing 101: The Welcome Email
Email Marketing 101: The Welcome EmailEmail Marketing 101: The Welcome Email
Email Marketing 101: The Welcome EmailSendGrid
 
The Science of Email Marketing
The Science of Email MarketingThe Science of Email Marketing
The Science of Email MarketingHubSpot
 
Social Proof Tips to Boost Landing Page Conversions
Social Proof Tips to Boost Landing Page ConversionsSocial Proof Tips to Boost Landing Page Conversions
Social Proof Tips to Boost Landing Page ConversionsAngie Schottmuller
 
Pitching Ideas: How to sell your ideas to others
Pitching Ideas: How to sell your ideas to othersPitching Ideas: How to sell your ideas to others
Pitching Ideas: How to sell your ideas to othersJeroen van Geel
 
26 Top Crowdfunding Sites (Infographic)
26 Top Crowdfunding Sites (Infographic)26 Top Crowdfunding Sites (Infographic)
26 Top Crowdfunding Sites (Infographic)Wrike
 
How To Assemble a High Converting eBook
How To Assemble a High Converting eBookHow To Assemble a High Converting eBook
How To Assemble a High Converting eBookUberflip
 
Create icons in PowerPoint
Create icons in PowerPointCreate icons in PowerPoint
Create icons in PowerPointPresentitude
 
People Don't Care About Your Brand
People Don't Care About Your BrandPeople Don't Care About Your Brand
People Don't Care About Your BrandSlides That Rock
 
10 Disruptive Quotes for Entrepreneurs
10 Disruptive Quotes for Entrepreneurs10 Disruptive Quotes for Entrepreneurs
10 Disruptive Quotes for EntrepreneursGuy Kawasaki
 
2017 Security Report Presentation
2017 Security Report Presentation2017 Security Report Presentation
2017 Security Report Presentationixiademandgen
 
The Sharing Economy
The Sharing EconomyThe Sharing Economy
The Sharing EconomyLoic Le Meur
 
Go Viral on the Social Web: The Definitive How-To guide!
Go Viral on the Social Web: The Definitive How-To guide!Go Viral on the Social Web: The Definitive How-To guide!
Go Viral on the Social Web: The Definitive How-To guide!XPLAIN
 
17 Copywriting Do's and Don'ts: How To Write Persuasive Content
17 Copywriting Do's and Don'ts: How To Write Persuasive Content17 Copywriting Do's and Don'ts: How To Write Persuasive Content
17 Copywriting Do's and Don'ts: How To Write Persuasive ContentHenneke Duistermaat
 

Viewers also liked (20)

Examen
ExamenExamen
Examen
 
Success in the cloud, why workload matters
Success in the cloud, why workload mattersSuccess in the cloud, why workload matters
Success in the cloud, why workload matters
 
Control the Creep: Streamline Security and Compliance by Sharing the Workload
Control the Creep: Streamline Security and Compliance by Sharing the WorkloadControl the Creep: Streamline Security and Compliance by Sharing the Workload
Control the Creep: Streamline Security and Compliance by Sharing the Workload
 
White Paper: What's on Your Cloud? Workload Deployment Strategies for Private...
White Paper: What's on Your Cloud? Workload Deployment Strategies for Private...White Paper: What's on Your Cloud? Workload Deployment Strategies for Private...
White Paper: What's on Your Cloud? Workload Deployment Strategies for Private...
 
The Ultimate Freebies Guide for Presentations by @damonify
The Ultimate Freebies Guide for Presentations by @damonifyThe Ultimate Freebies Guide for Presentations by @damonify
The Ultimate Freebies Guide for Presentations by @damonify
 
Quick & Dirty Tips for : Better PowerPoint Presentations Faster
Quick & Dirty Tips for : Better PowerPoint Presentations FasterQuick & Dirty Tips for : Better PowerPoint Presentations Faster
Quick & Dirty Tips for : Better PowerPoint Presentations Faster
 
Email Marketing 101: The Welcome Email
Email Marketing 101: The Welcome EmailEmail Marketing 101: The Welcome Email
Email Marketing 101: The Welcome Email
 
Brand New World
Brand New WorldBrand New World
Brand New World
 
The Science of Email Marketing
The Science of Email MarketingThe Science of Email Marketing
The Science of Email Marketing
 
Social Proof Tips to Boost Landing Page Conversions
Social Proof Tips to Boost Landing Page ConversionsSocial Proof Tips to Boost Landing Page Conversions
Social Proof Tips to Boost Landing Page Conversions
 
Pitching Ideas: How to sell your ideas to others
Pitching Ideas: How to sell your ideas to othersPitching Ideas: How to sell your ideas to others
Pitching Ideas: How to sell your ideas to others
 
26 Top Crowdfunding Sites (Infographic)
26 Top Crowdfunding Sites (Infographic)26 Top Crowdfunding Sites (Infographic)
26 Top Crowdfunding Sites (Infographic)
 
How To Assemble a High Converting eBook
How To Assemble a High Converting eBookHow To Assemble a High Converting eBook
How To Assemble a High Converting eBook
 
Create icons in PowerPoint
Create icons in PowerPointCreate icons in PowerPoint
Create icons in PowerPoint
 
People Don't Care About Your Brand
People Don't Care About Your BrandPeople Don't Care About Your Brand
People Don't Care About Your Brand
 
10 Disruptive Quotes for Entrepreneurs
10 Disruptive Quotes for Entrepreneurs10 Disruptive Quotes for Entrepreneurs
10 Disruptive Quotes for Entrepreneurs
 
2017 Security Report Presentation
2017 Security Report Presentation2017 Security Report Presentation
2017 Security Report Presentation
 
The Sharing Economy
The Sharing EconomyThe Sharing Economy
The Sharing Economy
 
Go Viral on the Social Web: The Definitive How-To guide!
Go Viral on the Social Web: The Definitive How-To guide!Go Viral on the Social Web: The Definitive How-To guide!
Go Viral on the Social Web: The Definitive How-To guide!
 
17 Copywriting Do's and Don'ts: How To Write Persuasive Content
17 Copywriting Do's and Don'ts: How To Write Persuasive Content17 Copywriting Do's and Don'ts: How To Write Persuasive Content
17 Copywriting Do's and Don'ts: How To Write Persuasive Content
 

Similar to NTXISSACSC3 - Critical Criteria for (Cloud) Workload Security by Steve Armendariz

NTXISSACSC3 - HELP! My Vulnerability Management Program is Failing! by Kevin ...
NTXISSACSC3 - HELP! My Vulnerability Management Program is Failing! by Kevin ...NTXISSACSC3 - HELP! My Vulnerability Management Program is Failing! by Kevin ...
NTXISSACSC3 - HELP! My Vulnerability Management Program is Failing! by Kevin ...North Texas Chapter of the ISSA
 
2017 02-17 rsac 2017 tech-f02
2017 02-17 rsac 2017 tech-f022017 02-17 rsac 2017 tech-f02
2017 02-17 rsac 2017 tech-f02Shawn Wells
 
NTXISSACSC3 - Beyond ISO 27034 - Intel's Product Security Maturity Model (PSM...
NTXISSACSC3 - Beyond ISO 27034 - Intel's Product Security Maturity Model (PSM...NTXISSACSC3 - Beyond ISO 27034 - Intel's Product Security Maturity Model (PSM...
NTXISSACSC3 - Beyond ISO 27034 - Intel's Product Security Maturity Model (PSM...North Texas Chapter of the ISSA
 
NTXISSACSC3 - Cyber Warfare: Identifying Attackers Hiding Amongst the Flock b...
NTXISSACSC3 - Cyber Warfare: Identifying Attackers Hiding Amongst the Flock b...NTXISSACSC3 - Cyber Warfare: Identifying Attackers Hiding Amongst the Flock b...
NTXISSACSC3 - Cyber Warfare: Identifying Attackers Hiding Amongst the Flock b...North Texas Chapter of the ISSA
 
Preatorian Secure partners with Cipher loc - New Encryption Technology
Preatorian Secure partners with Cipher loc - New Encryption Technology Preatorian Secure partners with Cipher loc - New Encryption Technology
Preatorian Secure partners with Cipher loc - New Encryption Technology Austin Ross
 
Compliance In The Cloud Using Security By Design
Compliance In The Cloud Using Security By DesignCompliance In The Cloud Using Security By Design
Compliance In The Cloud Using Security By DesignAmazon Web Services
 
Azure 101: Shared responsibility in the Azure Cloud
Azure 101: Shared responsibility in the Azure CloudAzure 101: Shared responsibility in the Azure Cloud
Azure 101: Shared responsibility in the Azure CloudPaulo Renato
 
Next-Generation Security Operations with AWS
Next-Generation Security Operations with AWSNext-Generation Security Operations with AWS
Next-Generation Security Operations with AWSAmazon Web Services
 
Operations: Security Crash Course — Best Practices for Securing your Company
Operations: Security Crash Course — Best Practices for Securing your CompanyOperations: Security Crash Course — Best Practices for Securing your Company
Operations: Security Crash Course — Best Practices for Securing your CompanyAmazon Web Services
 
Immutable Infrastructure Security
Immutable Infrastructure SecurityImmutable Infrastructure Security
Immutable Infrastructure SecurityRicky Sanders
 
Security in the cloud Workshop HSTC 2014
Security in the cloud Workshop HSTC 2014Security in the cloud Workshop HSTC 2014
Security in the cloud Workshop HSTC 2014Akash Mahajan
 
MongoDB World 2018: Enterprise Security in the Cloud
MongoDB World 2018: Enterprise Security in the CloudMongoDB World 2018: Enterprise Security in the Cloud
MongoDB World 2018: Enterprise Security in the CloudMongoDB
 
MongoDB World 2018: Enterprise Cloud Security
MongoDB World 2018: Enterprise Cloud SecurityMongoDB World 2018: Enterprise Cloud Security
MongoDB World 2018: Enterprise Cloud SecurityMongoDB
 
Aws training in bangalore
Aws training in bangalore Aws training in bangalore
Aws training in bangalore apponix123
 

Similar to NTXISSACSC3 - Critical Criteria for (Cloud) Workload Security by Steve Armendariz (20)

NTXISSACSC3 - HELP! My Vulnerability Management Program is Failing! by Kevin ...
NTXISSACSC3 - HELP! My Vulnerability Management Program is Failing! by Kevin ...NTXISSACSC3 - HELP! My Vulnerability Management Program is Failing! by Kevin ...
NTXISSACSC3 - HELP! My Vulnerability Management Program is Failing! by Kevin ...
 
NTXISSACSC3 - Metasploit Year in Review by James Lee
NTXISSACSC3 - Metasploit Year in Review by James LeeNTXISSACSC3 - Metasploit Year in Review by James Lee
NTXISSACSC3 - Metasploit Year in Review by James Lee
 
2017 02-17 rsac 2017 tech-f02
2017 02-17 rsac 2017 tech-f022017 02-17 rsac 2017 tech-f02
2017 02-17 rsac 2017 tech-f02
 
NTXISSACSC3 - Beyond ISO 27034 - Intel's Product Security Maturity Model (PSM...
NTXISSACSC3 - Beyond ISO 27034 - Intel's Product Security Maturity Model (PSM...NTXISSACSC3 - Beyond ISO 27034 - Intel's Product Security Maturity Model (PSM...
NTXISSACSC3 - Beyond ISO 27034 - Intel's Product Security Maturity Model (PSM...
 
NTXISSACSC3 - Cyber Warfare: Identifying Attackers Hiding Amongst the Flock b...
NTXISSACSC3 - Cyber Warfare: Identifying Attackers Hiding Amongst the Flock b...NTXISSACSC3 - Cyber Warfare: Identifying Attackers Hiding Amongst the Flock b...
NTXISSACSC3 - Cyber Warfare: Identifying Attackers Hiding Amongst the Flock b...
 
Praetorian secure encryption_services_overview
Praetorian secure encryption_services_overviewPraetorian secure encryption_services_overview
Praetorian secure encryption_services_overview
 
Preatorian Secure partners with Cipher loc - New Encryption Technology
Preatorian Secure partners with Cipher loc - New Encryption Technology Preatorian Secure partners with Cipher loc - New Encryption Technology
Preatorian Secure partners with Cipher loc - New Encryption Technology
 
Praetorian secure encryption_services_overview
Praetorian secure encryption_services_overviewPraetorian secure encryption_services_overview
Praetorian secure encryption_services_overview
 
Praetorian_Secure_EncryptionServices_Overview
Praetorian_Secure_EncryptionServices_OverviewPraetorian_Secure_EncryptionServices_Overview
Praetorian_Secure_EncryptionServices_Overview
 
Compliance In The Cloud Using Security By Design
Compliance In The Cloud Using Security By DesignCompliance In The Cloud Using Security By Design
Compliance In The Cloud Using Security By Design
 
Azure 101: Shared responsibility in the Azure Cloud
Azure 101: Shared responsibility in the Azure CloudAzure 101: Shared responsibility in the Azure Cloud
Azure 101: Shared responsibility in the Azure Cloud
 
Next-Generation Security Operations with AWS
Next-Generation Security Operations with AWSNext-Generation Security Operations with AWS
Next-Generation Security Operations with AWS
 
Operations: Security
Operations: SecurityOperations: Security
Operations: Security
 
Michael Jones-Resume-OCT2015
Michael Jones-Resume-OCT2015Michael Jones-Resume-OCT2015
Michael Jones-Resume-OCT2015
 
Operations: Security Crash Course — Best Practices for Securing your Company
Operations: Security Crash Course — Best Practices for Securing your CompanyOperations: Security Crash Course — Best Practices for Securing your Company
Operations: Security Crash Course — Best Practices for Securing your Company
 
Immutable Infrastructure Security
Immutable Infrastructure SecurityImmutable Infrastructure Security
Immutable Infrastructure Security
 
Security in the cloud Workshop HSTC 2014
Security in the cloud Workshop HSTC 2014Security in the cloud Workshop HSTC 2014
Security in the cloud Workshop HSTC 2014
 
MongoDB World 2018: Enterprise Security in the Cloud
MongoDB World 2018: Enterprise Security in the CloudMongoDB World 2018: Enterprise Security in the Cloud
MongoDB World 2018: Enterprise Security in the Cloud
 
MongoDB World 2018: Enterprise Cloud Security
MongoDB World 2018: Enterprise Cloud SecurityMongoDB World 2018: Enterprise Cloud Security
MongoDB World 2018: Enterprise Cloud Security
 
Aws training in bangalore
Aws training in bangalore Aws training in bangalore
Aws training in bangalore
 

More from North Texas Chapter of the ISSA

Ntxissacsc5 gold 4 beyond detection and prevension remediation
Ntxissacsc5 gold 4 beyond detection and prevension remediationNtxissacsc5 gold 4 beyond detection and prevension remediation
Ntxissacsc5 gold 4 beyond detection and prevension remediationNorth Texas Chapter of the ISSA
 
Ntxissacsc5 yellow 6-abusing protocols for dynamic addressing in space-jacenr...
Ntxissacsc5 yellow 6-abusing protocols for dynamic addressing in space-jacenr...Ntxissacsc5 yellow 6-abusing protocols for dynamic addressing in space-jacenr...
Ntxissacsc5 yellow 6-abusing protocols for dynamic addressing in space-jacenr...North Texas Chapter of the ISSA
 
Ntxissacsc5 yellow 2-evidence driven infosec compliance strategy-garrettp1
Ntxissacsc5 yellow 2-evidence driven infosec compliance strategy-garrettp1Ntxissacsc5 yellow 2-evidence driven infosec compliance strategy-garrettp1
Ntxissacsc5 yellow 2-evidence driven infosec compliance strategy-garrettp1North Texas Chapter of the ISSA
 
Ntxissacsc5 purple 4-threat detection using machine learning-markszewczul
Ntxissacsc5 purple 4-threat detection using machine learning-markszewczulNtxissacsc5 purple 4-threat detection using machine learning-markszewczul
Ntxissacsc5 purple 4-threat detection using machine learning-markszewczulNorth Texas Chapter of the ISSA
 
Ntxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptx
Ntxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptxNtxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptx
Ntxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptxNorth Texas Chapter of the ISSA
 
Ntxissacsc5 gold 1--mimecast email resiliency- erez-haimowicz
Ntxissacsc5 gold 1--mimecast email resiliency- erez-haimowiczNtxissacsc5 gold 1--mimecast email resiliency- erez-haimowicz
Ntxissacsc5 gold 1--mimecast email resiliency- erez-haimowiczNorth Texas Chapter of the ISSA
 
Ntxissacsc5 blue 7-zerotrust more effective approach to security-ed higgins
Ntxissacsc5 blue 7-zerotrust more effective approach to security-ed higginsNtxissacsc5 blue 7-zerotrust more effective approach to security-ed higgins
Ntxissacsc5 blue 7-zerotrust more effective approach to security-ed higginsNorth Texas Chapter of the ISSA
 
Ntxissacsc5 blue 6-securityawareness-laurianna_callaghan
Ntxissacsc5 blue 6-securityawareness-laurianna_callaghanNtxissacsc5 blue 6-securityawareness-laurianna_callaghan
Ntxissacsc5 blue 6-securityawareness-laurianna_callaghanNorth Texas Chapter of the ISSA
 
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeqNtxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeqNorth Texas Chapter of the ISSA
 
Ntxissacsc5 blue 3-shifting from incident to continuous response bill white
Ntxissacsc5 blue 3-shifting from incident to continuous response bill whiteNtxissacsc5 blue 3-shifting from incident to continuous response bill white
Ntxissacsc5 blue 3-shifting from incident to continuous response bill whiteNorth Texas Chapter of the ISSA
 
Ntxissacsc5 blue 1-nine cybersecurity habits-george_finney
Ntxissacsc5 blue 1-nine cybersecurity habits-george_finneyNtxissacsc5 blue 1-nine cybersecurity habits-george_finney
Ntxissacsc5 blue 1-nine cybersecurity habits-george_finneyNorth Texas Chapter of the ISSA
 

More from North Texas Chapter of the ISSA (20)

Purple seven-ntxissacsc5 walcutt
Purple seven-ntxissacsc5 walcuttPurple seven-ntxissacsc5 walcutt
Purple seven-ntxissacsc5 walcutt
 
Ntxissacsc5 yellow 7 protecting the cloud with cep
Ntxissacsc5 yellow 7 protecting the cloud with cepNtxissacsc5 yellow 7 protecting the cloud with cep
Ntxissacsc5 yellow 7 protecting the cloud with cep
 
Ntxissacsc5 gold 4 beyond detection and prevension remediation
Ntxissacsc5 gold 4 beyond detection and prevension remediationNtxissacsc5 gold 4 beyond detection and prevension remediation
Ntxissacsc5 gold 4 beyond detection and prevension remediation
 
Ntxissacsc5 gold 1 mimecast e mail resiliency
Ntxissacsc5 gold 1 mimecast e mail resiliencyNtxissacsc5 gold 1 mimecast e mail resiliency
Ntxissacsc5 gold 1 mimecast e mail resiliency
 
Ntxissacsc5 yellow 6-abusing protocols for dynamic addressing in space-jacenr...
Ntxissacsc5 yellow 6-abusing protocols for dynamic addressing in space-jacenr...Ntxissacsc5 yellow 6-abusing protocols for dynamic addressing in space-jacenr...
Ntxissacsc5 yellow 6-abusing protocols for dynamic addressing in space-jacenr...
 
Ntxissacsc5 yellow 2-evidence driven infosec compliance strategy-garrettp1
Ntxissacsc5 yellow 2-evidence driven infosec compliance strategy-garrettp1Ntxissacsc5 yellow 2-evidence driven infosec compliance strategy-garrettp1
Ntxissacsc5 yellow 2-evidence driven infosec compliance strategy-garrettp1
 
Ntxissacsc5 yellow 1-beginnerslinux bill-petersen
Ntxissacsc5 yellow 1-beginnerslinux bill-petersenNtxissacsc5 yellow 1-beginnerslinux bill-petersen
Ntxissacsc5 yellow 1-beginnerslinux bill-petersen
 
Ntxissacsc5 red 6-diy-pentest-lab dustin-dykes
Ntxissacsc5 red 6-diy-pentest-lab dustin-dykesNtxissacsc5 red 6-diy-pentest-lab dustin-dykes
Ntxissacsc5 red 6-diy-pentest-lab dustin-dykes
 
Ntxissacsc5 red 1 & 2 basic hacking tools ncc group
Ntxissacsc5 red 1 & 2 basic hacking tools ncc groupNtxissacsc5 red 1 & 2 basic hacking tools ncc group
Ntxissacsc5 red 1 & 2 basic hacking tools ncc group
 
Ntxissacsc5 purple 5-insider threat-_andy_thompson
Ntxissacsc5 purple 5-insider threat-_andy_thompsonNtxissacsc5 purple 5-insider threat-_andy_thompson
Ntxissacsc5 purple 5-insider threat-_andy_thompson
 
Ntxissacsc5 purple 4-threat detection using machine learning-markszewczul
Ntxissacsc5 purple 4-threat detection using machine learning-markszewczulNtxissacsc5 purple 4-threat detection using machine learning-markszewczul
Ntxissacsc5 purple 4-threat detection using machine learning-markszewczul
 
Ntxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptx
Ntxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptxNtxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptx
Ntxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptx
 
Ntxissacsc5 purple 1-eu-gdpr_patrick_florer
Ntxissacsc5 purple 1-eu-gdpr_patrick_florerNtxissacsc5 purple 1-eu-gdpr_patrick_florer
Ntxissacsc5 purple 1-eu-gdpr_patrick_florer
 
Ntxissacsc5 gold 1--mimecast email resiliency- erez-haimowicz
Ntxissacsc5 gold 1--mimecast email resiliency- erez-haimowiczNtxissacsc5 gold 1--mimecast email resiliency- erez-haimowicz
Ntxissacsc5 gold 1--mimecast email resiliency- erez-haimowicz
 
Ntxissacsc5 blue 7-zerotrust more effective approach to security-ed higgins
Ntxissacsc5 blue 7-zerotrust more effective approach to security-ed higginsNtxissacsc5 blue 7-zerotrust more effective approach to security-ed higgins
Ntxissacsc5 blue 7-zerotrust more effective approach to security-ed higgins
 
Ntxissacsc5 blue 6-securityawareness-laurianna_callaghan
Ntxissacsc5 blue 6-securityawareness-laurianna_callaghanNtxissacsc5 blue 6-securityawareness-laurianna_callaghan
Ntxissacsc5 blue 6-securityawareness-laurianna_callaghan
 
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeqNtxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq
 
Ntxissacsc5 blue 3-shifting from incident to continuous response bill white
Ntxissacsc5 blue 3-shifting from incident to continuous response bill whiteNtxissacsc5 blue 3-shifting from incident to continuous response bill white
Ntxissacsc5 blue 3-shifting from incident to continuous response bill white
 
Ntxissacsc5 blue 4-the-attack_life_cycle_erich_mueller
Ntxissacsc5 blue 4-the-attack_life_cycle_erich_muellerNtxissacsc5 blue 4-the-attack_life_cycle_erich_mueller
Ntxissacsc5 blue 4-the-attack_life_cycle_erich_mueller
 
Ntxissacsc5 blue 1-nine cybersecurity habits-george_finney
Ntxissacsc5 blue 1-nine cybersecurity habits-george_finneyNtxissacsc5 blue 1-nine cybersecurity habits-george_finney
Ntxissacsc5 blue 1-nine cybersecurity habits-george_finney
 

Recently uploaded

Bluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfBluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfngoud9212
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentationphoebematthew05
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
Science&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfScience&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfjimielynbastida
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsPrecisely
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsAndrey Dotsenko
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsHyundai Motor Group
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 

Recently uploaded (20)

Bluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfBluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdf
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentation
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
Science&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfScience&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdf
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power Systems
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDG
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 

NTXISSACSC3 - Critical Criteria for (Cloud) Workload Security by Steve Armendariz

  • 1. @NTXISSA #NTXISSACSC3 Critical Criteria For (Cloud) Workload Security Steve Armendariz Enterprise Sales Director CloudPassage October 3, 2015
  • 2. @NTXISSA #NTXISSACSC3 Does anyone remember when server security was EASY? NTX ISSA Cyber Security Conference – October 2-3, 2015 2
  • 3. @NTXISSA #NTXISSACSC3 Times have changed…! NTX ISSA Cyber Security Conference – October 2-3, 2015 3
  • 4. @NTXISSA #NTXISSACSC3NTX ISSA Cyber Security Conference – October 2-3, 2015 4 Classic Data Center Architecture
  • 5. @NTXISSA #NTXISSACSC3 Act 1 - Tenants of Traditional Server Security NTX ISSA Cyber Security Conference – October 2-3, 2015 5 • Servers in a trusted network • Segmentation for added protection • Anti-malware (virus) for all servers, added security capability for critical servers • Security had time to plan, test & deploy for each new application • Provisioned with plentiful overhead Servers viewed as “investments”
  • 6. @NTXISSA #NTXISSACSC3 Act 2 - Server Virtualization – A New Dawn • Economic benefit to adoption • Combatting data center sprawl • Physical servers more powerful • Pressure applied on Security to be: • Faster • More efficient • More accurate • Traditional tools proved adequate NTX ISSA Cyber Security Conference – October 2-3, 2015 6
  • 7. @NTXISSA #NTXISSACSC3 Virtualization Impacts Traditional Security • Servers in a trusted network • Segmentation for added protection (shared hardware = segmentation challenges) • Anti-malware (virus) for all servers, added security products for critical servers (difficult given VM density, overhead impact and licensing) • Security had time to test & deploy for each new application (policies and images became more powerful) • Provision with plentiful overhead (at odds with VM density) NTX ISSA Cyber Security Conference – October 2-3, 2015 7
  • 8. @NTXISSA #NTXISSACSC3 Act 3 - Server Workloads - The Next Wave • Utility Computing • Cloud servers or “Cloud server workloads in the data center, public cloud, private cloud or any combination • These server workloads are: • On-demand, Elastic and Agile • Cloned, Orchestrated and Automated • Often short-lived • Can be “containers” (i.e. Docker) • Possibly never patched • Part of an overall movement of deploying and updating faster (DevOps) NTX ISSA Cyber Security Conference – October 2-3, 2015 8
  • 9. @NTXISSA #NTXISSACSC3 Critical Server Instances Data Center Architecture Changes NTX ISSA Cyber Security Conference – October 2-3, 2015 9 Non-Critical Server Instances - Anti-Malware Semi-critical Server Instances On-server security: - Anti-Malware - Vulnerability Scan Critical Server Instances On-server security: - Anti-Malware - Vulnerability Scan - Config. Monitor - HIPS/HIDS - FIM Internet Data CenterPublic Cloud Some Semi-critical Server Instances On-server security: - Anti-Malware - Vulnerability Scan
  • 10. @NTXISSA #NTXISSACSC3 Server Workloads Break Security • Servers in a trusted network (Cloud viewed as non-trusted) • Segmentation for added protection (shared hardware = segmentation challenges) • Anti-malware (virus) for all servers, added security products for critical servers (difficult given VM density, overhead impact and licensing) • Security had time to test & deploy for each new application (Security must move faster often with little lead time) • Provision with plentiful overhead (at odds with VM density) NTX ISSA Cyber Security Conference – October 2-3, 2015 10 Servers viewed as “application building blocks”
  • 11. @NTXISSA #NTXISSACSC3 • Public Cloud servers only accessible from inside the data center’s trusted network • Positioned by many cloud providers to resolve “Tenant #1” • “Servers in a trusted network…” • Issues • Can be cost prohibitive • May impact performance • Does not mitigate security issues NTX ISSA Cyber Security Conference – October 2-3, 2015 11 Cloud VPC = Bringing The Trusted Network Back?
  • 12. @NTXISSA #NTXISSACSC3 Are Data Center Networks Really Secure? NTX ISSA Cyber Security Conference – October 2-3, 2015 12
  • 13. @NTXISSA #NTXISSACSC3 Workload Security – The New Tenants • Embrace the “Workload as an Application Building Block” philosophy • Take advantage of automation and orchestration • Small footprints matter • Minimize staff overhead • Total visibility • Limit server communication • Integrate versus manage stand-alone NTX ISSA Cyber Security Conference – October 2-3, 2015 13
  • 14. @NTXISSA #NTXISSACSC3 The Basics Still Apply • Use server (host) firewalls • Reduce attack surface • Manage East-West traffic • Require multi-factor authentication for server logins • Monitor configurations for “drift” • Discover & address vulnerabilities • Monitor system file integrity • Monitor security logs Dump anti-malware (if you can) NTX ISSA Cyber Security Conference – October 2-3, 2015 14 Radical Thought!!!!
  • 15. @NTXISSA #NTXISSACSC3 Approaches to Workload Security • Do it manually with multiple security tools • Too time consuming • Many consoles, difficult integration • Use orchestration tools with multiple security tools • Many consoles, difficult integration • Set of security tools can consume more resources than what they’re protecting • Use CloudPassage® Halo® NTX ISSA Cyber Security Conference – October 2-3, 2015 15
  • 16. @NTXISSA #NTXISSACSC3 CloudPassage Halo: Instant Layered Security for Every Server Workload • One tool providing 8 layers of visibility & enforcement • Using less compute resources than a single-layer point product • Highly automated; “set and forget” security • Add to gold images, protects servers at instantiation NTX ISSA Cyber Security Conference – October 2-3, 2015 16
  • 17. @NTXISSA #NTXISSACSC3 CloudPassage Halo • A Security Orchestration Framework • Integrated and layered security • Automated into your workflow • Visibility • See vulnerabilities, configuration errors, file integrity, access – no matter where the workload is • Apply controls – even quarantine workloads • Compliance • Drive automation to audits • Continuous vs. point-in-time NTX ISSA Cyber Security Conference – October 2-3, 2015 17
  • 18. @NTXISSA #NTXISSACSC3 CloudPassage Halo Architecture NTX ISSA Cyber Security Conference – October 2-3, 2015 18
  • 19. @NTXISSA #NTXISSACSC3 Questions NTX ISSA Cyber Security Conference – October 2-3, 2015 19
  • 20. @NTXISSA #NTXISSACSC3@NTXISSA #NTXISSACSC3 The Collin College Engineering Department Collin College Student Chapter of the North Texas ISSA North Texas ISSA (Information Systems Security Association) NTX ISSA Cyber Security Conference – October 2-3, 2015 20 Thank you