This document discusses assessing a cloud-based approach to cyber security. It begins by comparing typical on-premise security measures like appliances and virtual machines to cloud-based security measures that use instances, APIs and third-party services. It then asks 5 questions about data, access controls, service protection and traffic visibility in the cloud. The document outlines security solutions from open source to commercial cloud-based options and lists many cloud security services providers offer. It discusses three operating models for these services - proxy, install and API modes - and weighs the pros and cons of each. The document concludes by providing guidance on selecting a cloud security provider based on factors like data collection, connections, licensing and independent research.

1. Assessing a Cloud Based Approach to
Cyber Security
Aladdin Dandis
Souq.com

2. Typical Vs Cloud
● Typical
○ HW + SW
○ Data in storage,
shared-folders, DBs and
Servers
○ Security measures:
Appliances, VMs, Servers,
Agents

3. Typical Vs Cloud (cont.)
● Cloud
○ VMs/Instances + SW
○ Data in Volumes, Servers,
Buckets, DBs,
shared-folders, …
○ Security measures:
Instances, APIs, 3rd party
services, Cloud Provider
services

4. Reality ...

5. Reality ...
?

6. 5 Major Questions
1. Where is my Data?
2. How they are Accessed?
3. How do I protect my computing power?
4. How do I protect my service and performance?
5. Do I have visibility on my traffic (inbound/outbound)?

7. Security Solutions
● Open Source
● Commercial:
○ Traditional
○ Cloud Based
■ CP native
■ CSP

8. We can fulfill all your
requirements …. !

9. Cloud Security Services (CSP)
● Scanners (SAST, DAST…)
● Identity Management/ Access/ SSO
● Security Analytics
● WAF
● Firewalls (network and database)
● DDoS Protection
● Malware Protection
● Email Protection
● CASB
● Encryption
● ….. Many much more …!

10. 3 Operating Models
1. Proxy Mode
○ Screen/Proxy your traffic through my cloud
2. Install Mode
○ Install/Import my VM/Instance/Agent in your environment and let
me manage it
3. API Mode
○ Let me access your cloud/application APIs

11. Proxy Mode

12. Pros and Cons
● Pros
○ Hide your resources from
public
○ Apply controls before the
fact
○ Immediate updates
● Cons
○ Performance issues
○ Availability issues
○ MitM…

13. Install Mode

14. Pros and Cons
● Pros
○ Limit access to certain
resources
○ You have more control on
the traffic...
● Cons
○ More complexity on
permissions and supported
systems
○ Open non-standard ports
○ Don’t forget! .. They are in
your network!

15. APIs Mode

16. Pros and Cons
● Pros
○ Work independently from
your production resources
○ More demand on CSP APIs
● Cons
○ More complexity on
permissions and supported
systems
○

17. Facts
● Security is Not the ultimate goal in your business
○ You don’t have unlimited or get what and when you need budget
○ Prioritize your security investments
● Not all CSPs can satisfy your requirements
○ You may need more than 1 Security CSPs to fulfill your requirements
● SLA and QoS are not the same
○ Be specific and do a thorough POC.
○ Ask those who used the service..

18. Selection Guide
● How you collect, process and store my data and findings?
○ Logs, reports, controls...
● Do you act as MITM? ….
○ Managing encryption, Performance impact and latency…
● Can I control your service?
○ Managed, I can put my policies and change my rules...
● How do you connect to me?
○ VPN, SFTP, APIs, …
● Is it end2end automated?
○ No human interaction, needs human verification, 3rd party involved...

19. Selection Guide (cont.)
● How do you license me?
○ Daily Traffic, Tenant based, Per server, Per user, Yearly...etc
○ Traffic and hosting
● What is the success criteria for your solution?
○ Cost effective, Immediate remediation, Performance friendly….
● What do independent security and technology research firms say?
○ Check Gartner, Forrester and other global research firms for pros and cons

20. Thank You
Souq.com

21. Architecture Approach
● Define Problem
● Define Stakeholders
● List all your Requirements
● Decompose your requirements to Business, Data, Apps and Tech
● Define your Architecture Building Blocks ABBs
● Define your Solution Building Blocks SBBs
● Search/Develop SBBs APPROPRIATE to your ABBs
● Build your Action Plan
● Implement and Govern
● Operate and manage Monitor