Layer 7: Cloud Security For The Public Sector

Cloud Security for Public Sector
Tower Club
Presented by: Adam Vincent, CTO Public Sector, Layer 7 Technologies
avincent@gov.layer7tech.com
In the Cloud

Risks to Cloud Consumers:

   • Security and Privacy – how can I be sure that my data and applications will be secure?

   • Business Continuity – what happens if my Internet provider or cloud provider goes down?

   • Business Value – how can I be sure my cloud service provider is meeting my SLA?

   • Compliance – how can I ensure regulatory/legal compliance?

“Sharing the Cloud”

Adam Vincent, CTO Public Sector | avincent@gov.layer7tech.com | www.layer7tech.com
Traditional Information Assurance - Multi-Tenant

[Diagram labels: Multi-Tenant Cloud Environments; Cloud Consumers; “= Problem”]




Introducing New Risk: Cloud Attack Surface

[Diagram: risk category (left) against the layer it applies to (right)]

   • Traditional Software/OS & Perimeter Defense: three Enterprises, each with its own Internet Zone, Perimeter Zone, Application Zone and Virtual Server Zone
   • Cloud APIs & Governance vulnerabilities: Shared APIs & Cloud Governance
   • Hypervisor Exploitation: Shared Hypervisor
   • Hardware Exploitation & Supply Chain: Shared Hardware
   • Insider Threat: Shared People

Introducing New Risk: When the Cloud Attacks

Leveraging the Cloud Nefariously:

   • Denial of Service – how can I be sure that my cloud is not being used to launch a DoS?

   • Cryptographic Analysis – how can I be sure that my cloud isn’t working towards breaking someone's encryption?

   • Command & Control – how can I ensure that my cloud is not providing an adversary a platform to monitor and control a cyber attack?

“Responsibility for Good not Evil”


Example: Thunderclap Proof of Concept
Thunderclap – “Cloud Computing – A Weapon of Mass Destruction? (DEFCON 2010)”
  • Proof of Concept showing how a DDoS attack could be run from the cloud


Value Proposition (my interpretation)
  • Performance: Massive Bandwidth & Power = Plentiful
  • Up Front Cost: Stolen Credit Card Number = Free
  • Time: Little to none once initial R&D is completed = Time for hobbies
  • Value: Charge $$$ to highest bidder = Make massive profit

Conclusion: Not a bad business model!




Conclusions
Cloud provides a powerful & agile capability for small, medium, and large businesses.

Cloud Consumers
  - Connect: “your cloud capabilities” to current information assurance/cyber defense solutions & requirements
  - Protect: “your cloud capabilities” from the threat of shared governance, APIs, networks, virtualization platforms, and hardware

Cloud Providers
  - Control: “your cloud infrastructure” with detection and discovery to ensure that it isn't being abused, directed against others, compromised or used for free

Layer 7 Technologies:
CloudSpan products: CloudConnect, CloudProtect and CloudControl help organizations at each stage of their cloud adoption curve, from consuming SaaS services, to running applications securely in the cloud, to becoming a provider of cloud and SaaS services.
VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlue
ShapeBlue134 views
Digital Personal Data Protection (DPDP) Practical Approach For CISOs by Priyanka Aash
Digital Personal Data Protection (DPDP) Practical Approach For CISOsDigital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOs
Priyanka Aash103 views
Why and How CloudStack at weSystems - Stephan Bienek - weSystems by ShapeBlue
Why and How CloudStack at weSystems - Stephan Bienek - weSystemsWhy and How CloudStack at weSystems - Stephan Bienek - weSystems
Why and How CloudStack at weSystems - Stephan Bienek - weSystems
ShapeBlue172 views
CloudStack Managed User Data and Demo - Harikrishna Patnala - ShapeBlue by ShapeBlue
CloudStack Managed User Data and Demo - Harikrishna Patnala - ShapeBlueCloudStack Managed User Data and Demo - Harikrishna Patnala - ShapeBlue
CloudStack Managed User Data and Demo - Harikrishna Patnala - ShapeBlue
ShapeBlue68 views
Transitioning from VMware vCloud to Apache CloudStack: A Path to Profitabilit... by ShapeBlue
Transitioning from VMware vCloud to Apache CloudStack: A Path to Profitabilit...Transitioning from VMware vCloud to Apache CloudStack: A Path to Profitabilit...
Transitioning from VMware vCloud to Apache CloudStack: A Path to Profitabilit...
ShapeBlue86 views

Layer 7: Cloud Security For The Public Sector

  • 1. Cloud Security for Public Sector
    Tower Club
    Presented by: Adam Vincent, CTO Public Sector, Layer 7 Technologies, avincent@gov.layer7tech.com
  • 2. In the Cloud
    Risks to Cloud Consumers:
      • Security and Privacy – how can I be sure that my data and applications will be secure?
      • Business Continuity – what happens if my Internet provider or cloud provider goes down?
      • Business Value – how can I be sure my cloud service provider is meeting my SLA?
      • Compliance – how can I ensure regulatory/legal compliance?
    “Sharing the Cloud”
    Adam Vincent, CTO Public Sector | avincent@gov.layer7tech.com | www.layer7tech.com
  • 3. Traditional Information Assurance - Multi-Tenant
    [Diagram labels: Multi-Tenant Cloud Environments; = Problem; Cloud Consumers]
  • 4. Introducing New Risk: Cloud Attack Surface
    [Diagram: three Enterprise stacks, each with an Internet Zone, Perimeter Zone, Application Zone and Virtual Server Zone, labelled "Traditional Software/OS & Perimeter Defense". Shared layers beneath them and their risk labels: Shared API’s & Cloud Governance (Cloud API’s & Governance vulnerabilities); Shared Hypervisor (Hypervisor Exploitation); Shared Hardware & Supply Chain (Hardware Exploitation); Shared People (Insider Threat)]
  • 5. Introducing New Risk: When the Cloud Attacks
    Leveraging the Cloud Nefariously:
      • Denial of Service – how can I be sure that my cloud is not being used to launch a DoS?
      • Cryptographic Analysis – how can I be sure that my cloud isn’t working towards breaking someone's encryption?
      • Command & Control – how can I ensure that my cloud is not providing an adversary a platform to monitor and control a cyber attack?
    “Responsibility for Good not Evil”
  • 6. Example: Thunderclap Proof of Concept
    Thunderclap – “Cloud Computing – A Weapon of Mass Destruction? (DEFCON 2010)”
      • Proof of Concept showing how DDoS attack could be run from the cloud
    Value Proposition (my interpretation)
      • Performance: Massive Bandwidth & Power = Plentiful
      • Up Front Cost: Stolen Credit Card Number = Free
      • Time: Little to none once initial R&D is completed = Time for hobbies
      • Value: Charge $$$ to highest bidder = Make massive profit
    Conclusion: Not a bad business model!
  • 7. Conclusions
      • Cloud provides a powerful & agile capability for small, medium, and large businesses.
      • Cloud Consumers
          - Connect: “your cloud capabilities” to current information assurance/cyber defense solutions & requirements
          - Protect: “your cloud capabilities” from the threat of shared governance, API’s, networks, virtualization platforms, and hardware
      • Cloud Providers
          - Control: “your cloud infrastructure” with detection and discovery to ensure that it isn't being abused, directed against others, compromised or used for free
    Layer 7 Technologies: CloudSpan products: CloudConnect, CloudProtect and CloudControl help organizations at each stage of their cloud adoption curve, from consuming SaaS services, to running applications securely in the cloud, to becoming a provider of cloud and SaaS services.