SlideShare a Scribd company logo
SHARED SECURITY
RESPONSIBILITY IN AZURE
Speaker - Chris Camaclang
Agenda
• Intro + Housecleaning + Surveys
• Hybrid Cloud Landscape
• Threat Landscape
• Security Best Practices
• Alert Logic Solutions and Value
Hybrid Cloud Today
CLOUD FALLOVER
(DIFFERENT GEOGRAPHY)
INTERNALEXTERNAL
PRIVATE CLOUD
PUBLIC CLOUD
DEMO SITES
MOBILE PHONES
PROSPECT CUSTOMER BIZ PARTNER MANAGER PM ARCHITECT DEVELOPER SUPPORT
SMART PHONE SMART TV TABLET/iPAD DESKTOP CLOUDTOPNOTEBOOK
NETBOOK
PRODUCTION STAGING QA DEV/TEST
DEMO SITESPERFORMANCE
TESTING
IT + DEV SUPP
SERVICES OFFICE SERVICES TIM/TAM
SERVICES
DESKTOP
SERVICES
MONITORING
SERVICES
BIZ. SUPP.
SERVICES
TRANSFORMATION
SERVICES
ADOBE LC
SERVICES
MESSAGING
SERVICES
SECURITY
SERVICES
BIZ. INT.
SERVICES
CODE MANAGEMENT
SERVICES
TIM/TAM
SERVICES
MONITORING
SERVICES
SECURITY
SERVICES
PERFORMANCE
TESTING
SECURETUNNEL
SECURETUNNEL
SECURETUNNEL
SECURE
TUNNEL
SECURE
TUNNEL
The	Impact	of	a	Breach	is	Far-Reaching	and	Long-Lived
THE	CYBER	KILL	CHAIN¹ THE	IMPACT
Financial	loss
Harm	brand	and	reputation
Scrutiny	from	regulators
IDENTIFY	
& RECON
INITIAL	
ATTACK
COMMAND	&	
CONTROL
DISCOVER	
& SPREAD
EXTRACT	&	
EXFILTRATE
1. http://cyber.lockheedmartin.com/cyber-kill-chain-lockheed-martin-poster
COMPANIES	OF	ALL	SIZES	ARE	IMPACTED
Global Analysis
Threats by Customer Industry Vertical
Source: Alert Logic CSR 2016
29%
48%
10%
11%
2%
Finance-Insurance-Real	Estate
APPLICATION	ATTACK
BRUTE	FORCE
RECON
SUSPICIOUS	ACTIVITY
TROJAN	ACTIVITY
56%25%
17%
0%
2%
Retail-Wholesale
APPLICATION	ATTACK
BRUTE	FORCE
RECON
SUSPICIOUS	ACTIVITY
TROJAN	ACTIVITY
54%
21%
22%
1%
2%
Information	Technology
APPLICATION	ATTACK
BRUTE	FORCE
RECON
SUSPICIOUS	ACTIVITY
TROJAN	ACTIVITY
1
49
56
86
125
155
172
197
525
908
Denial of Service
Crimeware
Physical Theft / Loss
Payment Card Skimmers
Everything Else
Cyber-espionage
Privilege Misuse
Miscellaneous Errors
POS Intrusions
Web App Attacks
Security risk is shifting to unprotected web applications
Web app attacks are now the
#1 source of data breaches
But less than 5% of data center security
budgets are spent on app security
Source: Verizon
UP 500% SINCE 2014
$23 to $1
Percentage of Breaches
10% 20% 30% 40%
Source: Gartner
Web App Attacks
Cloud Security is a Shared, but not Equal, Responsibility
• Security Monitoring
• Log Analysis
• Vulnerability Scanning
• Network Threat Detection
• Security Monitoring
• Logical Network Segmentation
• Perimeter Security Services
• External DDOS, spoofing, and
scanning monitored
• Hypervisor Management
• System Image Library
• Root Access for Customers
• Managed Patching (PaaS, not IaaS)
• Web Application Firewall
• Vulnerability Scanning
• Secure Coding and Best Practices
• Software and Virtual Patching
• Configuration Management
• Access Management
(inc. Multi-factor Authentication)
• Application level attack monitoring
• Access Management
• Configuration Hardening
• Patch Management
• TLS/SSL Encryption
• Network Security
Configuration
CUSTOMER ALERT LOGICMICROSOFT
SECURITY
BEST PRACTICES
10 Best Practices for Security
1. Understand the Cloud Providers Shared Responsibility Model
2. Secure your code
3. Create access management policies
4. Data Classification
5. Adopt a patch management approach
6. Review logs regularly
7. Build a security toolkit
8. Stay informed of the latest vulnerabilities that may affect you
9. Understand your cloud service providers security model
10. Know your adversaries
1. Understand the Cloud Providers Shared Responsibility Model
The first step to securing cloud workloads
is understanding the shared responsibility
model
Microsoft will secure most of the
underlying infrastructure, including the
physical access to the datacenters, the
servers and hypervisors, and parts of the
networking infrastructure…but the
customer is responsible for the rest.
Taken from the Shared Responsibility for Cloud Computing whitepaper, published by Microsoft in March 2016
2. Secure Your Code
• Test inputs that are open to the Internet
• Add delays to your code to confuse bots
• Use encryption when you can
• Test libraries
• Scan plugins
• Scan your code after every update
• Limit privileges
• DevSecOps
3. Create Secure Access Management Policies
• Simplify access controls (KISS)
• Lock down Admin account in Azure
• Enable MFA (Azure, hardware/software token)
• Identify data infrastructure that requires access
(*Lock down AzureSQL)
• Define roles and responsibilities (delegating
service admins)
• Azure NSG (private vs public)
• Continually audit access (Azure Audit Logs)
• Start with a least privilege access model (RBAC)
*avoid owner role unless absolutely necessary
• Don’t store keys in code (e.g. secret keys)
• AAD Premium – (*Security analytics and alerting)
4. Data Classification
• Identify data repositories and mobile
backups
• Identify classification levels and
requirements
• Analyze data to determine classification
• Build Access Management policy around
classification
• Monitor file modifications and users
5. Adopt a Patch Management Approach
• Use trusted images (*Prevent users from
launching untrusted images)
• Constantly scan all vulnerabilities in your images
and patch them
• Compare reported vulnerabilities to production
infrastructure
• Classify the risk based on vulnerability and
likelihood
• Test patches before you release into production
• Setup a regular patching schedule
• Keep informed, follow bugtraqer
• Follow a SDLC
6. Log Management Strategy
• Monitoring for malicious activity
• Forensic investigations
• Compliance needs
• System performance
• All sources of log data is collected
and retained
• Data types (Windows, Syslog)
• Azure AD behavior
• Azure Audit Logs (services,
instances…activity, powershell)
• Azure SQL Logs
• Azure App Services Logs
• Review process
• Live monitoring
• Correlation logic
7. Build a Security Toolkit
• Recommended Security Solutions
• Antivirus
• IP tables/Firewall
• Backups
• FIM
• Intrusion Detection System (VNET ingress/egress)
• Malware Detection
• Web Application Firewalls (inspection at Layer 7)
• Forensic Image of hardware remotely
• Future Deep Packet Forensics
• Web Filters
• Mail Filters
• Encryption Solutions
• Proxies
• Log collection
• SIEM Monitoring and Escalation
• Penetration Testing
8. Stay Informed of the Latest Vulnerabilities
• Websites to follow
• http://www.securityfocus.com
• http://www.exploit-db.com
• http://seclists.org/fulldisclosure/
• http://www.securitybloggersnetwork.com/
• http://cve.mitre.org/
• http://nvd.nist.gov/
• https://www.alertlogic.com/weekly-threat-report/
9. Understand Your Service Providers Security Model
• Understand the security offerings from your provider
• Probe into the Security vendors to find their prime service
• Hypervisor exploits are patched by the service provider
• Questions to use when evaluating cloud service providers
10. Understand your Adversaries
Threats are 24x7 = Security Operations 24x7
Monitor intrusion detection and
vulnerability scan activity
Search for Industry trends and
deliver intelligence on lost or
stolen data
Collect data from OSINT and
Underground Sources to deliver
Intelligence and Content
Identify and implement
required policy changes
Escalate incidents and provide guidance to
the response team to quickly mitigate
Incidents
Monitor for Zero-Day
and New and Emerging
attacks
Cross product correlate
data sources to find
anomalies
ALERT LOGIC
SOLUTIONS
Cloud Security is a Shared, but not Equal, Responsibility
• Security Monitoring
• Log Analysis
• Vulnerability Scanning
• Network Threat Detection
• Security Monitoring
• Logical Network Segmentation
• Perimeter Security Services
• External DDOS, spoofing, and
scanning monitored
• Hypervisor Management
• System Image Library
• Root Access for Customers
• Managed Patching (PaaS, not IaaS)
• Web Application Firewall
• Vulnerability Scanning
• Secure Coding and Best Practices
• Software and Virtual Patching
• Configuration Management
• Access Management
(inc. Multi-factor Authentication)
• Application level attack monitoring
• Access Management
• Configuration Hardening
• Patch Management
• TLS/SSL Encryption
• Network Security
Configuration
CUSTOMER ALERT LOGICMICROSOFT
Vulnerabilities
+ Change
+ Shortage
Complexity of defending web applications and workloads
Risks are moving up the stack
1. Wide range of attacks at every
layer of the stack
2. Rapidly changing codebase can
introduces unknown vulnerabilities
3. Long tail of exposures inherited
from 3rd party development tools
4. Extreme shortage of cloud and
application security expertise
Web App
Attacks
OWASP
Top 10
Platform /
Library
Attacks
System /
Network
Attacks
Perimeter & end-point security tools
fail to protect cloud attack surface
Web Apps
Server-side Apps
App Frameworks
Dev Platforms
Server OS
Hypervisor
Databases
Networking
Cloud Management
Block
Analyze
Allow
Your Data
Focus requires full stack inspection…and complex analysis
Known Good
Known Bad
Suspicious
Security DecisionYour App Stack
Web App
Attacks
OWASP
Top 10
Platform /
Library
Attacks
System /
Network
Attacks
Threats
App Transactions
Log Data
Network Traffic
Web Apps
Server-side Apps
App Frameworks
Dev Platforms
Server OS
Hypervisor
Databases
Networking
Cloud Management
APP+CONFIG
ASSESMENT
Your Data
Focus requires full stack inspection…and complex analysis
Known Bad
Web App
Attacks
OWASP
Top 10
Platform /
Library
Attacks
System /
Network
Attacks
App Transactions
Log Data
Network Traffic
Web Apps
Server-side Apps
App Frameworks
Dev Platforms
Server OS
Hypervisor
Databases
Networking
Cloud Management
COLLECTION
TECHNOLOGY
Your Data
Web App
Attacks
OWASP
Top 10
Platform /
Library
Attacks
System /
Network
Attacks
App Transactions
Log Data
Network Traffic
Web Apps
Server-side Apps
App Frameworks
Dev Platforms
Server OS
Hypervisor
Databases
Networking
Cloud Management
APP+CONFIG
ASSESMENT
COLLECTION
TECHNOLOGY
Integrated value chain delivering full stack security…
Signatures &
Rules
Anomaly
Detection
Machine
Learning
ANALYTICS
Petabytes of normalized data from 4000+
customers
Your Data
Web App
Attacks
OWASP
Top 10
Platform /
Library
Attacks
System /
Network
Attacks
App Transactions
Log Data
Network Traffic
Web Apps
Server-side Apps
App Frameworks
Dev Platforms
Server OS
Hypervisor
Databases
Networking
Cloud Management
APP+CONFIG
ASSESMENT
COLLECTION
TECHNOLOGY
Signatures &
Rules
Anomaly
Detection
Machine
Learning
ANALYTICS
Integrated value chain delivering full stack security, experts included
Petabytes of normalized data from 4000+
customers
• Threat Intelligence
• Security Research
• Data Science
• Security Content
• Security Operations
Center
24/7 EXPERTS
& PROCESS
Web App
Attacks
OWASP
Top 10
Platform /
Library
Attacks
System /
Network
Attacks
Web Apps
Server-side Apps
App Frameworks
Dev Platforms
Server OS
Hypervisor
Databases
Networking
Cloud Management
CLOUD INSIGHT
Signatures &
Rules
Anomaly
Detection
Machine
Learning
Integrated value chain delivering full stack security, experts included
• Threat Intelligence
• Security Research
• Data Science
• Security Content
• Security Operations
Center
ACTIVEWATCHDETECTION &
PROTECTION
Web Security
Manager
Log
Manager
Threat
Manager
ALERT LOGIC CLOUD DEFENDER
New capabilities focused on Web Attack Detection
1
Over	150	new	web	attack	incidents
2
Improved	OWASP	Top	10	Coverage
powered	by	Anomaly	Detection
3
Advanced	SQL	Injection	Detection	
powered	by	Machine	Learning
Web	App	
Attacks
OWASP	top	
10
Platform	/	
library	
attacks
App	/		
System	
misconfig
attacks
Attacks
Over	250	breaches	
detected	in	2016
Alert Logic solutions are easy to deploy
• Use a combination of host based agents and appliances to collect
network and application traffic
• Agents also collect logs from the VM
• Azure Activity Logs are collected via the Azure Monitor API
• Azure SQL or App Services Logs are collected from Azure storage
accounts
• Appliances can be used to do internal scanning, or we can do
external and PCI scanning from our cloud
HOW IT WORKS:
Alert Logic Threat Manager for 3 Tier Application Stack + Azure SQL
VNET
RESOURCE GROUP
Alert Logic
Web Traffic
Threat Manager
Appliance
AutoScale AutoScale Azure SQL
Database
Tier
Azure Storage
Table
SQL Logs
Application Tier
VM ScaleSets
Web Tier
VM ScaleSets
Application
Gateway
VM
3-Tier applications using VMs only
VNET
RESOURCE GROUP
Web Traffic
Customer B
Alert Logic
Threat Manager
Appliance
VM
AutoScale
Application Tier
VM ScaleSets
AutoScale
Web Tier
VM ScaleSets
Database Tier
SQL VM
AvailabilitySets
VNET
RESOURCE GROUP
AutoScale
Application Tier
VM ScaleSets
AutoScale
Web Tier
VM ScaleSets
Database Tier
SQL VM
AvailabilitySets
Web Traffic
Customer A
ARM Template automate appliance deployments
https://github.com/alertlogic/al-arm-templates
Agents can be baked into VM images, or automatically installed
using DevOps toolsets
https://supermarket.chef.io/cookbooks/al_agents
Alert Logic – a Leader in Forrester’s 2016 NA MSSP WAVETM
“Alert Logic has a head start in the
cloud, and it shows.
Alert Logic is an excellent fit for clients
looking to secure their current or
planned cloud migrations, clients
requiring a provider than can span
seamlessly between hybrid
architectures, and those that demand
strong API capabilities for integrations.”
- Forrester WAVETM Report
Addressing Customers with Compliance Requirements
Alert	Logic	
Solution PCI	DSS SOX HIPAA	&	HITECH
Alert	Logic	Web	
Security	
Manager™
• 6.5.d	Have	processes	in	place	to	protect	applications	from	
common	vulnerabilities	such	as	injection	flaws,	buffer	overflows	
and	others	
• 6.6					Address	new	threats	and	vulnerabilities	on	an	ongoing	
basis	by	installing	a	web	application	firewall	in	front	of	public-
facing	web	applications.	
• DS	5.10	Network	Security
• AI	3.2	Infrastructure	resource	
protection	and	availability	
• 164.308(a)(1)	Security	Management	
Process	
• 164.308(a)(6)	Security	Incident	
Procedures
Alert	Logic	Log	
Manager™
• 10.2			Automated	audit	trails
• 10.3			Capture	audit	trails
• 10.5			Secure	logs
• 10.6			Review	logs	at	least	daily
• 10.7			Maintain	logs	online	for	three	months
• 10.7			Retain	audit	trail	for	at	least	one	year
• DS	5.5	Security	Testing,	
Surveillance	and	Monitoring
• 164.308	(a)(1)(ii)(D)	Information	
System	Activity	Review	
• 164.308	(a)(6)(i)	Login	Monitoring	
• 164.312	(b)	Audit	Controls
Alert	Logic	
Threat	
Manager™
• 5.1.1	Monitor	zero	day	attacks	not	covered	by	anti-virus
• 6.2				Identify	newly	discovered	security	vulnerabilities
• 11.2			Perform	network	vulnerability	scans	quarterly	by	an	ASV	or	
after	any	significant	network	change
• 11.4			Maintain	IDS/IPS	to	monitor	and	alert	personnel;	keep	
engines	up	to	date
• DS5.9	Malicious	Software	
Prevention,	Detection	and	
Correction
• DS	5.6	Security	Incident	
Definition
• DS	5.10	Network	Security
• 164.308	(a)(1)(ii)(A)	Risk	Analysis	
• 164.308	(a)(1)(ii)(B)	Risk	Management	
• 164.308	(a)(5)(ii)(B)	Protection	from	
Malicious	Software
• 164.308	(a)(6)(iii)	Response	&	
Reporting
Alert	Logic	Security	Operations	Center	providing	Monitoring,	Protection,	and	Reporting
Scalable Threat Intel Process Delivers Relevant Content
FUSIONNORMALIZATION
ENTITY RESOLUTION
LINK ANALYSIS
CLUSTERING ANALYSIS
COMPLEX ANALYSIS
EXTRACTION
HONEYNET
3RD-PARTY
INTEL
VULNERABILITIES
WATCHLISTS
RESEARCH
TELEMETRY
Big
Data
ReputationReputation
BlacklistsBlacklists
Content CoverageContent Coverage
Incident ModelingIncident Modeling
Intelligence GatheringIntelligence Gathering
Relevant VulnerabilitiesRelevant Vulnerabilities
Increased Contextual Awareness
Increased Contextual Awareness
Increase Incident Understanding
Increase Incident Understanding
Key Service CapabilitiesAnalysis TechniquesThreat Analytics PlatformInput Sources
Stopping Imminent Data Exfiltration
INCIDENT ESCALATION
Partner and customer notified with
threat source information and
remediation tactics
8 min
FUTHER ANALYSIS
Alert Logic Analyst confirms user
IDs and password hashes leaked
as part of initial attack
2 hours
EXFILTRATION ATTEMPT
PREVENTED
Partner works with customer to mitigate
compromised accounts
6 hours
COMPROMISE ACTIVITY
Discovered through inspection
of 987 log messages indicative
of a SQL injection attack
Customer Type: Retail
Threat Type: Advanced SQL Injection
Preventing Ransomware Spread
INCIDENT ESCALATION
Critical risk of lateral movement
through shared drives identified
14 min
LATERAL MALWARE MOVEMENT PREVENTED
Analyst performs forensic review of additional 8,000 log
messages and 1,400 events that identifies additional attack
vectors through related events
6 hours
SUSPICOUS ACTIVITY
Cryptowall detected on key
gateway server in over 1,400
events (6,000 Packets)
Customer Type: Retail
Threat Type: Ransomware
To Follow our Research & Contact Information
Blog
https://www.alertlogtic.com/resources/blog
Newsletter
https://www.alertlogic.com/weekly-threat-report/
Cloud Security Report
https://www.alertlogic.com/resources/cloud-security-report/
Zero Day Magazine
https://www.alertlogic.com/zerodaymagazine/
Twitter
@AlertLogic For More Information on Alert Logic Solutions
Chris	Camaclnag
ccamaclang@alertlogic.com
206-673-4387
Thank you.

More Related Content

What's hot

CSS 17: NYC - Protecting your Web Applications
CSS 17: NYC - Protecting your Web ApplicationsCSS 17: NYC - Protecting your Web Applications
CSS 17: NYC - Protecting your Web Applications
Alert Logic
 
Securing virtual workload and cloud
Securing virtual workload and cloudSecuring virtual workload and cloud
Securing virtual workload and cloud
Himani Singh
 
Azure Security Fundamentals
Azure Security FundamentalsAzure Security Fundamentals
Azure Security Fundamentals
Lorenzo Barbieri
 
Azure security
Azure  securityAzure  security
Azure security
Lalit Rawat
 
Azure Security and Management
Azure Security and ManagementAzure Security and Management
Azure Security and Management
Allen Brokken
 
Tour to Azure Security Center
Tour to Azure Security CenterTour to Azure Security Center
Tour to Azure Security Center
Lalit Rawat
 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security Overview
Allen Brokken
 
Azure Saturday: Security + DevOps + Azure = Awesomeness
Azure Saturday: Security + DevOps + Azure = AwesomenessAzure Saturday: Security + DevOps + Azure = Awesomeness
Azure Saturday: Security + DevOps + Azure = Awesomeness
Karl Ots
 
Managed Threat Detection & Response for AWS Applications
Managed Threat Detection & Response for AWS ApplicationsManaged Threat Detection & Response for AWS Applications
Managed Threat Detection & Response for AWS Applications
Alert Logic
 
Azure security architecture
Azure security architectureAzure security architecture
Azure security architecture
Karl Ots
 
Getting Started with Azure Security Center
Getting Started with Azure Security CenterGetting Started with Azure Security Center
Getting Started with Azure Security Center
Cheah Eng Soon
 
Azure Penetration Testing
Azure Penetration TestingAzure Penetration Testing
Azure Penetration Testing
Cheah Eng Soon
 
AWS Security
AWS Security AWS Security
Azure Security Center- Zero to Hero
Azure Security Center-  Zero to HeroAzure Security Center-  Zero to Hero
Azure Security Center- Zero to Hero
Kasun Rajapakse
 
Cloud Security
Cloud Security Cloud Security
Cloud Security
Giovanni Mazzeo
 
Azure Networking - The First Technical Challenge
Azure Networking  - The First Technical ChallengeAzure Networking  - The First Technical Challenge
Azure Networking - The First Technical Challenge
Aidan Finn
 
Azure Operation Management Suite - security and compliance
Azure Operation Management Suite - security and complianceAzure Operation Management Suite - security and compliance
Azure Operation Management Suite - security and compliance
Asaf Nakash
 
cloud security ppt
cloud security ppt cloud security ppt
cloud security ppt
Devyani Vaidya
 
Azure Security Center
Azure Security CenterAzure Security Center
Azure Security Center
Udaiappa Ramachandran
 
Cloud Camp: Infrastructure as a service advance workloads
Cloud Camp: Infrastructure as a service advance workloadsCloud Camp: Infrastructure as a service advance workloads
Cloud Camp: Infrastructure as a service advance workloads
Asaf Nakash
 

What's hot (20)

CSS 17: NYC - Protecting your Web Applications
CSS 17: NYC - Protecting your Web ApplicationsCSS 17: NYC - Protecting your Web Applications
CSS 17: NYC - Protecting your Web Applications
 
Securing virtual workload and cloud
Securing virtual workload and cloudSecuring virtual workload and cloud
Securing virtual workload and cloud
 
Azure Security Fundamentals
Azure Security FundamentalsAzure Security Fundamentals
Azure Security Fundamentals
 
Azure security
Azure  securityAzure  security
Azure security
 
Azure Security and Management
Azure Security and ManagementAzure Security and Management
Azure Security and Management
 
Tour to Azure Security Center
Tour to Azure Security CenterTour to Azure Security Center
Tour to Azure Security Center
 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security Overview
 
Azure Saturday: Security + DevOps + Azure = Awesomeness
Azure Saturday: Security + DevOps + Azure = AwesomenessAzure Saturday: Security + DevOps + Azure = Awesomeness
Azure Saturday: Security + DevOps + Azure = Awesomeness
 
Managed Threat Detection & Response for AWS Applications
Managed Threat Detection & Response for AWS ApplicationsManaged Threat Detection & Response for AWS Applications
Managed Threat Detection & Response for AWS Applications
 
Azure security architecture
Azure security architectureAzure security architecture
Azure security architecture
 
Getting Started with Azure Security Center
Getting Started with Azure Security CenterGetting Started with Azure Security Center
Getting Started with Azure Security Center
 
Azure Penetration Testing
Azure Penetration TestingAzure Penetration Testing
Azure Penetration Testing
 
AWS Security
AWS Security AWS Security
AWS Security
 
Azure Security Center- Zero to Hero
Azure Security Center-  Zero to HeroAzure Security Center-  Zero to Hero
Azure Security Center- Zero to Hero
 
Cloud Security
Cloud Security Cloud Security
Cloud Security
 
Azure Networking - The First Technical Challenge
Azure Networking  - The First Technical ChallengeAzure Networking  - The First Technical Challenge
Azure Networking - The First Technical Challenge
 
Azure Operation Management Suite - security and compliance
Azure Operation Management Suite - security and complianceAzure Operation Management Suite - security and compliance
Azure Operation Management Suite - security and compliance
 
cloud security ppt
cloud security ppt cloud security ppt
cloud security ppt
 
Azure Security Center
Azure Security CenterAzure Security Center
Azure Security Center
 
Cloud Camp: Infrastructure as a service advance workloads
Cloud Camp: Infrastructure as a service advance workloadsCloud Camp: Infrastructure as a service advance workloads
Cloud Camp: Infrastructure as a service advance workloads
 

Viewers also liked

Baker 2 Vegas 2017 Medical Team Orientation
Baker 2 Vegas 2017 Medical Team Orientation Baker 2 Vegas 2017 Medical Team Orientation
Baker 2 Vegas 2017 Medical Team Orientation
Troy Pennington
 
CULMINACION DE LA RELACION LABORAL
CULMINACION DE LA RELACION LABORALCULMINACION DE LA RELACION LABORAL
CULMINACION DE LA RELACION LABORAL
Jose Rodriguez
 
GITN maakt een merk sterk.....
GITN maakt een merk sterk.....GITN maakt een merk sterk.....
GITN maakt een merk sterk.....
Louis Kester
 
Optics
OpticsOptics
Optics
hamid raza
 
Film trailer questionnaire with commentary
Film trailer questionnaire with commentaryFilm trailer questionnaire with commentary
Film trailer questionnaire with commentary
afkbbs_
 
Linear equations
Linear equationsLinear equations
Linear equations
jessica gonzalez
 
Rhabdomyosarcoma Of head and neck
Rhabdomyosarcoma Of head and neckRhabdomyosarcoma Of head and neck
Rhabdomyosarcoma Of head and neck
Prof. Ahmed Mohamed Badheeb
 
A estrela perdida
A estrela perdidaA estrela perdida
A estrela perdida
andreiasilva007
 
THE ANCIENT GREEK ARCHITECTURE / The history of Architecture from Prehistoric...
THE ANCIENT GREEK ARCHITECTURE / The history of Architecture from Prehistoric...THE ANCIENT GREEK ARCHITECTURE / The history of Architecture from Prehistoric...
THE ANCIENT GREEK ARCHITECTURE / The history of Architecture from Prehistoric...
Konstantin Ivanovich Samoilov
 
Firma Sven De Ridder buigt verlies om in winst
Firma Sven De Ridder buigt verlies om in winstFirma Sven De Ridder buigt verlies om in winst
Firma Sven De Ridder buigt verlies om in winst
Thierry Debels
 
Windows Azure Security & Compliance
Windows Azure Security & ComplianceWindows Azure Security & Compliance
Windows Azure Security & Compliance
Nuno Godinho
 
Windows Azure Security Features And Functionality
Windows Azure Security Features And FunctionalityWindows Azure Security Features And Functionality
Windows Azure Security Features And Functionality
vivekbhat
 
Comportamientos digítales
Comportamientos digítalesComportamientos digítales
Comportamientos digítales
aolerlopezmariafernanda
 
Primer clase geometria arigossi
Primer clase geometria arigossiPrimer clase geometria arigossi
Primer clase geometria arigossi
moniprofe09
 
2 sesion de aprendizaje cuarto grado
2 sesion de aprendizaje  cuarto grado2 sesion de aprendizaje  cuarto grado
2 sesion de aprendizaje cuarto grado
MANUEL CONDORI QUISPE
 
Expert advisor brokerzy forex
Expert advisor  brokerzy forexExpert advisor  brokerzy forex
Expert advisor brokerzy forex
Dariusz Partelski
 
Adverts
AdvertsAdverts
6 betsy mineraleS
6 betsy mineraleS6 betsy mineraleS
O οδυσσέας στον ανεμόμυλο
O οδυσσέας στον ανεμόμυλοO οδυσσέας στον ανεμόμυλο
O οδυσσέας στον ανεμόμυλο
theatropaizontas
 
LAK17 Reflective Writing Analytics
LAK17 Reflective Writing AnalyticsLAK17 Reflective Writing Analytics
LAK17 Reflective Writing Analytics
Simon Buckingham Shum
 

Viewers also liked (20)

Baker 2 Vegas 2017 Medical Team Orientation
Baker 2 Vegas 2017 Medical Team Orientation Baker 2 Vegas 2017 Medical Team Orientation
Baker 2 Vegas 2017 Medical Team Orientation
 
CULMINACION DE LA RELACION LABORAL
CULMINACION DE LA RELACION LABORALCULMINACION DE LA RELACION LABORAL
CULMINACION DE LA RELACION LABORAL
 
GITN maakt een merk sterk.....
GITN maakt een merk sterk.....GITN maakt een merk sterk.....
GITN maakt een merk sterk.....
 
Optics
OpticsOptics
Optics
 
Film trailer questionnaire with commentary
Film trailer questionnaire with commentaryFilm trailer questionnaire with commentary
Film trailer questionnaire with commentary
 
Linear equations
Linear equationsLinear equations
Linear equations
 
Rhabdomyosarcoma Of head and neck
Rhabdomyosarcoma Of head and neckRhabdomyosarcoma Of head and neck
Rhabdomyosarcoma Of head and neck
 
A estrela perdida
A estrela perdidaA estrela perdida
A estrela perdida
 
THE ANCIENT GREEK ARCHITECTURE / The history of Architecture from Prehistoric...
THE ANCIENT GREEK ARCHITECTURE / The history of Architecture from Prehistoric...THE ANCIENT GREEK ARCHITECTURE / The history of Architecture from Prehistoric...
THE ANCIENT GREEK ARCHITECTURE / The history of Architecture from Prehistoric...
 
Firma Sven De Ridder buigt verlies om in winst
Firma Sven De Ridder buigt verlies om in winstFirma Sven De Ridder buigt verlies om in winst
Firma Sven De Ridder buigt verlies om in winst
 
Windows Azure Security & Compliance
Windows Azure Security & ComplianceWindows Azure Security & Compliance
Windows Azure Security & Compliance
 
Windows Azure Security Features And Functionality
Windows Azure Security Features And FunctionalityWindows Azure Security Features And Functionality
Windows Azure Security Features And Functionality
 
Comportamientos digítales
Comportamientos digítalesComportamientos digítales
Comportamientos digítales
 
Primer clase geometria arigossi
Primer clase geometria arigossiPrimer clase geometria arigossi
Primer clase geometria arigossi
 
2 sesion de aprendizaje cuarto grado
2 sesion de aprendizaje  cuarto grado2 sesion de aprendizaje  cuarto grado
2 sesion de aprendizaje cuarto grado
 
Expert advisor brokerzy forex
Expert advisor  brokerzy forexExpert advisor  brokerzy forex
Expert advisor brokerzy forex
 
Adverts
AdvertsAdverts
Adverts
 
6 betsy mineraleS
6 betsy mineraleS6 betsy mineraleS
6 betsy mineraleS
 
O οδυσσέας στον ανεμόμυλο
O οδυσσέας στον ανεμόμυλοO οδυσσέας στον ανεμόμυλο
O οδυσσέας στον ανεμόμυλο
 
LAK17 Reflective Writing Analytics
LAK17 Reflective Writing AnalyticsLAK17 Reflective Writing Analytics
LAK17 Reflective Writing Analytics
 

Similar to Azure 101: Shared responsibility in the Azure Cloud

클라우드 환경에서의 SIEMLESS 통합 보안 서비스, Alert Logic - 채현주 보안기술본부장, Openbase :: AWS Sum...
클라우드 환경에서의 SIEMLESS 통합 보안 서비스, Alert Logic - 채현주 보안기술본부장, Openbase :: AWS Sum...클라우드 환경에서의 SIEMLESS 통합 보안 서비스, Alert Logic - 채현주 보안기술본부장, Openbase :: AWS Sum...
클라우드 환경에서의 SIEMLESS 통합 보안 서비스, Alert Logic - 채현주 보안기술본부장, Openbase :: AWS Sum...
Amazon Web Services Korea
 
Protecting Against Web Attacks
Protecting Against Web AttacksProtecting Against Web Attacks
Protecting Against Web Attacks
Alert Logic
 
Regulated Reactive - Security Considerations for Building Reactive Systems in...
Regulated Reactive - Security Considerations for Building Reactive Systems in...Regulated Reactive - Security Considerations for Building Reactive Systems in...
Regulated Reactive - Security Considerations for Building Reactive Systems in...
Ryan Hodgin
 
CyberCrime in the Cloud and How to defend Yourself
CyberCrime in the Cloud and How to defend Yourself CyberCrime in the Cloud and How to defend Yourself
CyberCrime in the Cloud and How to defend Yourself
Alert Logic
 
Luncheon 2016-01-21 - Emerging Threats and Strategies for Defense by Paul Fle...
Luncheon 2016-01-21 - Emerging Threats and Strategies for Defense by Paul Fle...Luncheon 2016-01-21 - Emerging Threats and Strategies for Defense by Paul Fle...
Luncheon 2016-01-21 - Emerging Threats and Strategies for Defense by Paul Fle...
North Texas Chapter of the ISSA
 
Protecting Against Web App Attacks
Protecting Against Web App AttacksProtecting Against Web App Attacks
Protecting Against Web App Attacks
Alert Logic
 
Cortana Analytics Workshop: Cortana Analytics -- Security, Privacy & Compliance
Cortana Analytics Workshop: Cortana Analytics -- Security, Privacy & ComplianceCortana Analytics Workshop: Cortana Analytics -- Security, Privacy & Compliance
Cortana Analytics Workshop: Cortana Analytics -- Security, Privacy & Compliance
MSAdvAnalytics
 
366864108 azure-security
366864108 azure-security366864108 azure-security
366864108 azure-security
ober64
 
IANS information security forum 2019 summary
IANS information security forum 2019 summaryIANS information security forum 2019 summary
IANS information security forum 2019 summary
Karun Chennuri
 
CSS17: Houston - Introduction to Security in the Cloud
CSS17: Houston - Introduction to Security in the CloudCSS17: Houston - Introduction to Security in the Cloud
CSS17: Houston - Introduction to Security in the Cloud
Alert Logic
 
The Share Responsibility Model of Cloud Computing - ILTA NYC
The Share Responsibility Model of Cloud Computing - ILTA NYCThe Share Responsibility Model of Cloud Computing - ILTA NYC
The Share Responsibility Model of Cloud Computing - ILTA NYC
Patrick Sklodowski
 
Css sf azure_8-9-17-intro to security in the cloud_mark brooks_al
Css sf azure_8-9-17-intro to security in the cloud_mark brooks_alCss sf azure_8-9-17-intro to security in the cloud_mark brooks_al
Css sf azure_8-9-17-intro to security in the cloud_mark brooks_al
Alert Logic
 
Security on AWS
Security on AWSSecurity on AWS
Security on AWS
CloudHesive
 
HIPAA 101 Compliance Threat Landscape & Best Practices
HIPAA 101 Compliance Threat Landscape & Best PracticesHIPAA 101 Compliance Threat Landscape & Best Practices
HIPAA 101 Compliance Threat Landscape & Best Practices
Hostway|HOSTING
 
Terrascan - Cloud Native Security Tool
Terrascan - Cloud Native Security Tool Terrascan - Cloud Native Security Tool
Terrascan - Cloud Native Security Tool
sangam biradar
 
Managed Threat Detection and Response
Managed Threat Detection and ResponseManaged Threat Detection and Response
Managed Threat Detection and Response
Alert Logic
 
The Share Responsibility Model of Cloud Computing - ILTA Philadelphia
The Share Responsibility Model of Cloud Computing - ILTA PhiladelphiaThe Share Responsibility Model of Cloud Computing - ILTA Philadelphia
The Share Responsibility Model of Cloud Computing - ILTA Philadelphia
Patrick Sklodowski
 
Security and DevOps: Agility and Teamwork - SID315 - re:Invent 2017
Security and DevOps: Agility and Teamwork - SID315 - re:Invent 2017Security and DevOps: Agility and Teamwork - SID315 - re:Invent 2017
Security and DevOps: Agility and Teamwork - SID315 - re:Invent 2017
Amazon Web Services
 
Application security meetup k8_s security with zero trust_29072021
Application security meetup k8_s security with zero trust_29072021Application security meetup k8_s security with zero trust_29072021
Application security meetup k8_s security with zero trust_29072021
lior mazor
 
Protecting microservices using secure design patterns 1.0
Protecting microservices using secure design patterns 1.0Protecting microservices using secure design patterns 1.0
Protecting microservices using secure design patterns 1.0
Trupti Shiralkar, CISSP
 

Similar to Azure 101: Shared responsibility in the Azure Cloud (20)

클라우드 환경에서의 SIEMLESS 통합 보안 서비스, Alert Logic - 채현주 보안기술본부장, Openbase :: AWS Sum...
클라우드 환경에서의 SIEMLESS 통합 보안 서비스, Alert Logic - 채현주 보안기술본부장, Openbase :: AWS Sum...클라우드 환경에서의 SIEMLESS 통합 보안 서비스, Alert Logic - 채현주 보안기술본부장, Openbase :: AWS Sum...
클라우드 환경에서의 SIEMLESS 통합 보안 서비스, Alert Logic - 채현주 보안기술본부장, Openbase :: AWS Sum...
 
Protecting Against Web Attacks
Protecting Against Web AttacksProtecting Against Web Attacks
Protecting Against Web Attacks
 
Regulated Reactive - Security Considerations for Building Reactive Systems in...
Regulated Reactive - Security Considerations for Building Reactive Systems in...Regulated Reactive - Security Considerations for Building Reactive Systems in...
Regulated Reactive - Security Considerations for Building Reactive Systems in...
 
CyberCrime in the Cloud and How to defend Yourself
CyberCrime in the Cloud and How to defend Yourself CyberCrime in the Cloud and How to defend Yourself
CyberCrime in the Cloud and How to defend Yourself
 
Luncheon 2016-01-21 - Emerging Threats and Strategies for Defense by Paul Fle...
Luncheon 2016-01-21 - Emerging Threats and Strategies for Defense by Paul Fle...Luncheon 2016-01-21 - Emerging Threats and Strategies for Defense by Paul Fle...
Luncheon 2016-01-21 - Emerging Threats and Strategies for Defense by Paul Fle...
 
Protecting Against Web App Attacks
Protecting Against Web App AttacksProtecting Against Web App Attacks
Protecting Against Web App Attacks
 
Cortana Analytics Workshop: Cortana Analytics -- Security, Privacy & Compliance
Cortana Analytics Workshop: Cortana Analytics -- Security, Privacy & ComplianceCortana Analytics Workshop: Cortana Analytics -- Security, Privacy & Compliance
Cortana Analytics Workshop: Cortana Analytics -- Security, Privacy & Compliance
 
366864108 azure-security
366864108 azure-security366864108 azure-security
366864108 azure-security
 
IANS information security forum 2019 summary
IANS information security forum 2019 summaryIANS information security forum 2019 summary
IANS information security forum 2019 summary
 
CSS17: Houston - Introduction to Security in the Cloud
CSS17: Houston - Introduction to Security in the CloudCSS17: Houston - Introduction to Security in the Cloud
CSS17: Houston - Introduction to Security in the Cloud
 
The Share Responsibility Model of Cloud Computing - ILTA NYC
The Share Responsibility Model of Cloud Computing - ILTA NYCThe Share Responsibility Model of Cloud Computing - ILTA NYC
The Share Responsibility Model of Cloud Computing - ILTA NYC
 
Css sf azure_8-9-17-intro to security in the cloud_mark brooks_al
Css sf azure_8-9-17-intro to security in the cloud_mark brooks_alCss sf azure_8-9-17-intro to security in the cloud_mark brooks_al
Css sf azure_8-9-17-intro to security in the cloud_mark brooks_al
 
Security on AWS
Security on AWSSecurity on AWS
Security on AWS
 
HIPAA 101 Compliance Threat Landscape & Best Practices
HIPAA 101 Compliance Threat Landscape & Best PracticesHIPAA 101 Compliance Threat Landscape & Best Practices
HIPAA 101 Compliance Threat Landscape & Best Practices
 
Terrascan - Cloud Native Security Tool
Terrascan - Cloud Native Security Tool Terrascan - Cloud Native Security Tool
Terrascan - Cloud Native Security Tool
 
Managed Threat Detection and Response
Managed Threat Detection and ResponseManaged Threat Detection and Response
Managed Threat Detection and Response
 
The Share Responsibility Model of Cloud Computing - ILTA Philadelphia
The Share Responsibility Model of Cloud Computing - ILTA PhiladelphiaThe Share Responsibility Model of Cloud Computing - ILTA Philadelphia
The Share Responsibility Model of Cloud Computing - ILTA Philadelphia
 
Security and DevOps: Agility and Teamwork - SID315 - re:Invent 2017
Security and DevOps: Agility and Teamwork - SID315 - re:Invent 2017Security and DevOps: Agility and Teamwork - SID315 - re:Invent 2017
Security and DevOps: Agility and Teamwork - SID315 - re:Invent 2017
 
Application security meetup k8_s security with zero trust_29072021
Application security meetup k8_s security with zero trust_29072021Application security meetup k8_s security with zero trust_29072021
Application security meetup k8_s security with zero trust_29072021
 
Protecting microservices using secure design patterns 1.0
Protecting microservices using secure design patterns 1.0Protecting microservices using secure design patterns 1.0
Protecting microservices using secure design patterns 1.0
 

Recently uploaded

Using LLM Agents with Llama 3, LangGraph and Milvus
Using LLM Agents with Llama 3, LangGraph and MilvusUsing LLM Agents with Llama 3, LangGraph and Milvus
Using LLM Agents with Llama 3, LangGraph and Milvus
Zilliz
 
(CISOPlatform Summit & SACON 2024) Orientation by CISO Platform_ Using CISO P...
(CISOPlatform Summit & SACON 2024) Orientation by CISO Platform_ Using CISO P...(CISOPlatform Summit & SACON 2024) Orientation by CISO Platform_ Using CISO P...
(CISOPlatform Summit & SACON 2024) Orientation by CISO Platform_ Using CISO P...
Priyanka Aash
 
Mule Experience Hub and Release Channel with Java 17
Mule Experience Hub and Release Channel with Java 17Mule Experience Hub and Release Channel with Java 17
Mule Experience Hub and Release Channel with Java 17
Bhajan Mehta
 
Sonkoloniya documentation - ONEprojukti.pdf
Sonkoloniya documentation - ONEprojukti.pdfSonkoloniya documentation - ONEprojukti.pdf
Sonkoloniya documentation - ONEprojukti.pdf
SubhamMandal40
 
Use Cases & Benefits of RPA in Manufacturing in 2024.pptx
Use Cases & Benefits of RPA in Manufacturing in 2024.pptxUse Cases & Benefits of RPA in Manufacturing in 2024.pptx
Use Cases & Benefits of RPA in Manufacturing in 2024.pptx
SynapseIndia
 
Dublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptx
Dublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptxDublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptx
Dublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptx
Kunal Gupta
 
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
aslasdfmkhan4750
 
Semantic-Aware Code Model: Elevating the Future of Software Development
Semantic-Aware Code Model: Elevating the Future of Software DevelopmentSemantic-Aware Code Model: Elevating the Future of Software Development
Semantic-Aware Code Model: Elevating the Future of Software Development
Baishakhi Ray
 
leewayhertz.com-AI agents for healthcare Applications benefits and implementa...
leewayhertz.com-AI agents for healthcare Applications benefits and implementa...leewayhertz.com-AI agents for healthcare Applications benefits and implementa...
leewayhertz.com-AI agents for healthcare Applications benefits and implementa...
alexjohnson7307
 
Zaitechno Handheld Raman Spectrometer.pdf
Zaitechno Handheld Raman Spectrometer.pdfZaitechno Handheld Raman Spectrometer.pdf
Zaitechno Handheld Raman Spectrometer.pdf
AmandaCheung15
 
Step-By-Step Process to Develop a Mobile App From Scratch
Step-By-Step Process to Develop a Mobile App From ScratchStep-By-Step Process to Develop a Mobile App From Scratch
Step-By-Step Process to Develop a Mobile App From Scratch
softsuave
 
Types of Weaving loom machine & it's technology
Types of Weaving loom machine & it's technologyTypes of Weaving loom machine & it's technology
Types of Weaving loom machine & it's technology
ldtexsolbl
 
Data Integration Basics: Merging & Joining Data
Data Integration Basics: Merging & Joining DataData Integration Basics: Merging & Joining Data
Data Integration Basics: Merging & Joining Data
Safe Software
 
How UiPath Discovery Suite supports identification of Agentic Process Automat...
How UiPath Discovery Suite supports identification of Agentic Process Automat...How UiPath Discovery Suite supports identification of Agentic Process Automat...
How UiPath Discovery Suite supports identification of Agentic Process Automat...
DianaGray10
 
MAKE MONEY ONLINE Unlock Your Income Potential Today.pptx
MAKE MONEY ONLINE Unlock Your Income Potential Today.pptxMAKE MONEY ONLINE Unlock Your Income Potential Today.pptx
MAKE MONEY ONLINE Unlock Your Income Potential Today.pptx
janagijoythi
 
Vertex AI Agent Builder - GDG Alicante - Julio 2024
Vertex AI Agent Builder - GDG Alicante - Julio 2024Vertex AI Agent Builder - GDG Alicante - Julio 2024
Vertex AI Agent Builder - GDG Alicante - Julio 2024
Nicolás Lopéz
 
BLOCKCHAIN TECHNOLOGY - Advantages and Disadvantages
BLOCKCHAIN TECHNOLOGY - Advantages and DisadvantagesBLOCKCHAIN TECHNOLOGY - Advantages and Disadvantages
BLOCKCHAIN TECHNOLOGY - Advantages and Disadvantages
SAI KAILASH R
 
Google I/O Extended Harare Merged Slides
Google I/O Extended Harare Merged SlidesGoogle I/O Extended Harare Merged Slides
Google I/O Extended Harare Merged Slides
Google Developer Group - Harare
 
Connector Corner: Leveraging Snowflake Integration for Smarter Decision Making
Connector Corner: Leveraging Snowflake Integration for Smarter Decision MakingConnector Corner: Leveraging Snowflake Integration for Smarter Decision Making
Connector Corner: Leveraging Snowflake Integration for Smarter Decision Making
DianaGray10
 
(CISOPlatform Summit & SACON 2024) Gen AI & Deepfake In Overall Security.pdf
(CISOPlatform Summit & SACON 2024) Gen AI & Deepfake In Overall Security.pdf(CISOPlatform Summit & SACON 2024) Gen AI & Deepfake In Overall Security.pdf
(CISOPlatform Summit & SACON 2024) Gen AI & Deepfake In Overall Security.pdf
Priyanka Aash
 

Recently uploaded (20)

Using LLM Agents with Llama 3, LangGraph and Milvus
Using LLM Agents with Llama 3, LangGraph and MilvusUsing LLM Agents with Llama 3, LangGraph and Milvus
Using LLM Agents with Llama 3, LangGraph and Milvus
 
(CISOPlatform Summit & SACON 2024) Orientation by CISO Platform_ Using CISO P...
(CISOPlatform Summit & SACON 2024) Orientation by CISO Platform_ Using CISO P...(CISOPlatform Summit & SACON 2024) Orientation by CISO Platform_ Using CISO P...
(CISOPlatform Summit & SACON 2024) Orientation by CISO Platform_ Using CISO P...
 
Mule Experience Hub and Release Channel with Java 17
Mule Experience Hub and Release Channel with Java 17Mule Experience Hub and Release Channel with Java 17
Mule Experience Hub and Release Channel with Java 17
 
Sonkoloniya documentation - ONEprojukti.pdf
Sonkoloniya documentation - ONEprojukti.pdfSonkoloniya documentation - ONEprojukti.pdf
Sonkoloniya documentation - ONEprojukti.pdf
 
Use Cases & Benefits of RPA in Manufacturing in 2024.pptx
Use Cases & Benefits of RPA in Manufacturing in 2024.pptxUse Cases & Benefits of RPA in Manufacturing in 2024.pptx
Use Cases & Benefits of RPA in Manufacturing in 2024.pptx
 
Dublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptx
Dublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptxDublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptx
Dublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptx
 
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
 
Semantic-Aware Code Model: Elevating the Future of Software Development
Semantic-Aware Code Model: Elevating the Future of Software DevelopmentSemantic-Aware Code Model: Elevating the Future of Software Development
Semantic-Aware Code Model: Elevating the Future of Software Development
 
leewayhertz.com-AI agents for healthcare Applications benefits and implementa...
leewayhertz.com-AI agents for healthcare Applications benefits and implementa...leewayhertz.com-AI agents for healthcare Applications benefits and implementa...
leewayhertz.com-AI agents for healthcare Applications benefits and implementa...
 
Zaitechno Handheld Raman Spectrometer.pdf
Zaitechno Handheld Raman Spectrometer.pdfZaitechno Handheld Raman Spectrometer.pdf
Zaitechno Handheld Raman Spectrometer.pdf
 
Step-By-Step Process to Develop a Mobile App From Scratch
Step-By-Step Process to Develop a Mobile App From ScratchStep-By-Step Process to Develop a Mobile App From Scratch
Step-By-Step Process to Develop a Mobile App From Scratch
 
Types of Weaving loom machine & it's technology
Types of Weaving loom machine & it's technologyTypes of Weaving loom machine & it's technology
Types of Weaving loom machine & it's technology
 
Data Integration Basics: Merging & Joining Data
Data Integration Basics: Merging & Joining DataData Integration Basics: Merging & Joining Data
Data Integration Basics: Merging & Joining Data
 
How UiPath Discovery Suite supports identification of Agentic Process Automat...
How UiPath Discovery Suite supports identification of Agentic Process Automat...How UiPath Discovery Suite supports identification of Agentic Process Automat...
How UiPath Discovery Suite supports identification of Agentic Process Automat...
 
MAKE MONEY ONLINE Unlock Your Income Potential Today.pptx
MAKE MONEY ONLINE Unlock Your Income Potential Today.pptxMAKE MONEY ONLINE Unlock Your Income Potential Today.pptx
MAKE MONEY ONLINE Unlock Your Income Potential Today.pptx
 
Vertex AI Agent Builder - GDG Alicante - Julio 2024
Vertex AI Agent Builder - GDG Alicante - Julio 2024Vertex AI Agent Builder - GDG Alicante - Julio 2024
Vertex AI Agent Builder - GDG Alicante - Julio 2024
 
BLOCKCHAIN TECHNOLOGY - Advantages and Disadvantages
BLOCKCHAIN TECHNOLOGY - Advantages and DisadvantagesBLOCKCHAIN TECHNOLOGY - Advantages and Disadvantages
BLOCKCHAIN TECHNOLOGY - Advantages and Disadvantages
 
Google I/O Extended Harare Merged Slides
Google I/O Extended Harare Merged SlidesGoogle I/O Extended Harare Merged Slides
Google I/O Extended Harare Merged Slides
 
Connector Corner: Leveraging Snowflake Integration for Smarter Decision Making
Connector Corner: Leveraging Snowflake Integration for Smarter Decision MakingConnector Corner: Leveraging Snowflake Integration for Smarter Decision Making
Connector Corner: Leveraging Snowflake Integration for Smarter Decision Making
 
(CISOPlatform Summit & SACON 2024) Gen AI & Deepfake In Overall Security.pdf
(CISOPlatform Summit & SACON 2024) Gen AI & Deepfake In Overall Security.pdf(CISOPlatform Summit & SACON 2024) Gen AI & Deepfake In Overall Security.pdf
(CISOPlatform Summit & SACON 2024) Gen AI & Deepfake In Overall Security.pdf
 

Azure 101: Shared responsibility in the Azure Cloud

  • 1. SHARED SECURITY RESPONSIBILITY IN AZURE Speaker - Chris Camaclang
  • 2. Agenda • Intro + Housecleaning + Surveys • Hybrid Cloud Landscape • Threat Landscape • Security Best Practices • Alert Logic Solutions and Value
  • 3. Hybrid Cloud Today CLOUD FALLOVER (DIFFERENT GEOGRAPHY) INTERNALEXTERNAL PRIVATE CLOUD PUBLIC CLOUD DEMO SITES MOBILE PHONES PROSPECT CUSTOMER BIZ PARTNER MANAGER PM ARCHITECT DEVELOPER SUPPORT SMART PHONE SMART TV TABLET/iPAD DESKTOP CLOUDTOPNOTEBOOK NETBOOK PRODUCTION STAGING QA DEV/TEST DEMO SITESPERFORMANCE TESTING IT + DEV SUPP SERVICES OFFICE SERVICES TIM/TAM SERVICES DESKTOP SERVICES MONITORING SERVICES BIZ. SUPP. SERVICES TRANSFORMATION SERVICES ADOBE LC SERVICES MESSAGING SERVICES SECURITY SERVICES BIZ. INT. SERVICES CODE MANAGEMENT SERVICES TIM/TAM SERVICES MONITORING SERVICES SECURITY SERVICES PERFORMANCE TESTING SECURETUNNEL SECURETUNNEL SECURETUNNEL SECURE TUNNEL SECURE TUNNEL
  • 6. Threats by Customer Industry Vertical Source: Alert Logic CSR 2016 29% 48% 10% 11% 2% Finance-Insurance-Real Estate APPLICATION ATTACK BRUTE FORCE RECON SUSPICIOUS ACTIVITY TROJAN ACTIVITY 56%25% 17% 0% 2% Retail-Wholesale APPLICATION ATTACK BRUTE FORCE RECON SUSPICIOUS ACTIVITY TROJAN ACTIVITY 54% 21% 22% 1% 2% Information Technology APPLICATION ATTACK BRUTE FORCE RECON SUSPICIOUS ACTIVITY TROJAN ACTIVITY
  • 7. 1 49 56 86 125 155 172 197 525 908 Denial of Service Crimeware Physical Theft / Loss Payment Card Skimmers Everything Else Cyber-espionage Privilege Misuse Miscellaneous Errors POS Intrusions Web App Attacks Security risk is shifting to unprotected web applications Web app attacks are now the #1 source of data breaches But less than 5% of data center security budgets are spent on app security Source: Verizon UP 500% SINCE 2014 $23 to $1 Percentage of Breaches 10% 20% 30% 40% Source: Gartner Web App Attacks
  • 8. Cloud Security is a Shared, but not Equal, Responsibility • Security Monitoring • Log Analysis • Vulnerability Scanning • Network Threat Detection • Security Monitoring • Logical Network Segmentation • Perimeter Security Services • External DDOS, spoofing, and scanning monitored • Hypervisor Management • System Image Library • Root Access for Customers • Managed Patching (PaaS, not IaaS) • Web Application Firewall • Vulnerability Scanning • Secure Coding and Best Practices • Software and Virtual Patching • Configuration Management • Access Management (inc. Multi-factor Authentication) • Application level attack monitoring • Access Management • Configuration Hardening • Patch Management • TLS/SSL Encryption • Network Security Configuration CUSTOMER ALERT LOGICMICROSOFT
  • 10. 10 Best Practices for Security 1. Understand the Cloud Providers Shared Responsibility Model 2. Secure your code 3. Create access management policies 4. Data Classification 5. Adopt a patch management approach 6. Review logs regularly 7. Build a security toolkit 8. Stay informed of the latest vulnerabilities that may affect you 9. Understand your cloud service providers security model 10. Know your adversaries
  • 11. 1. Understand the Cloud Providers Shared Responsibility Model The first step to securing cloud workloads is understanding the shared responsibility model Microsoft will secure most of the underlying infrastructure, including the physical access to the datacenters, the servers and hypervisors, and parts of the networking infrastructure…but the customer is responsible for the rest. Taken from the Shared Responsibility for Cloud Computing whitepaper, published by Microsoft in March 2016
  • 12. 2. Secure Your Code • Test inputs that are open to the Internet • Add delays to your code to confuse bots • Use encryption when you can • Test libraries • Scan plugins • Scan your code after every update • Limit privileges • DevSecOps
  • 13. 3. Create Secure Access Management Policies • Simplify access controls (KISS) • Lock down Admin account in Azure • Enable MFA (Azure, hardware/software token) • Identify data infrastructure that requires access (*Lock down AzureSQL) • Define roles and responsibilities (delegating service admins) • Azure NSG (private vs public) • Continually audit access (Azure Audit Logs) • Start with a least privilege access model (RBAC) *avoid owner role unless absolutely necessary • Don’t store keys in code (e.g. secret keys) • AAD Premium – (*Security analytics and alerting)
  • 14. 4. Data Classification • Identify data repositories and mobile backups • Identify classification levels and requirements • Analyze data to determine classification • Build Access Management policy around classification • Monitor file modifications and users
  • 15. 5. Adopt a Patch Management Approach • Use trusted images (*Prevent users from launching untrusted images) • Constantly scan all vulnerabilities in your images and patch them • Compare reported vulnerabilities to production infrastructure • Classify the risk based on vulnerability and likelihood • Test patches before you release into production • Setup a regular patching schedule • Keep informed, follow bugtraqer • Follow a SDLC
  • 16. 6. Log Management Strategy • Monitoring for malicious activity • Forensic investigations • Compliance needs • System performance • All sources of log data is collected and retained • Data types (Windows, Syslog) • Azure AD behavior • Azure Audit Logs (services, instances…activity, powershell) • Azure SQL Logs • Azure App Services Logs • Review process • Live monitoring • Correlation logic
  • 17. 7. Build a Security Toolkit • Recommended Security Solutions • Antivirus • IP tables/Firewall • Backups • FIM • Intrusion Detection System (VNET ingress/egress) • Malware Detection • Web Application Firewalls (inspection at Layer 7) • Forensic Image of hardware remotely • Future Deep Packet Forensics • Web Filters • Mail Filters • Encryption Solutions • Proxies • Log collection • SIEM Monitoring and Escalation • Penetration Testing
  • 18. 8. Stay Informed of the Latest Vulnerabilities • Websites to follow • http://www.securityfocus.com • http://www.exploit-db.com • http://seclists.org/fulldisclosure/ • http://www.securitybloggersnetwork.com/ • http://cve.mitre.org/ • http://nvd.nist.gov/ • https://www.alertlogic.com/weekly-threat-report/
  • 19. 9. Understand Your Service Providers Security Model • Understand the security offerings from your provider • Probe into the Security vendors to find their prime service • Hypervisor exploits are patched by the service provider • Questions to use when evaluating cloud service providers
  • 20. 10. Understand your Adversaries
  • 21. Threats are 24x7 = Security Operations 24x7 Monitor intrusion detection and vulnerability scan activity Search for Industry trends and deliver intelligence on lost or stolen data Collect data from OSINT and Underground Sources to deliver Intelligence and Content Identify and implement required policy changes Escalate incidents and provide guidance to the response team to quickly mitigate Incidents Monitor for Zero-Day and New and Emerging attacks Cross product correlate data sources to find anomalies
  • 23. Cloud Security is a Shared, but not Equal, Responsibility • Security Monitoring • Log Analysis • Vulnerability Scanning • Network Threat Detection • Security Monitoring • Logical Network Segmentation • Perimeter Security Services • External DDOS, spoofing, and scanning monitored • Hypervisor Management • System Image Library • Root Access for Customers • Managed Patching (PaaS, not IaaS) • Web Application Firewall • Vulnerability Scanning • Secure Coding and Best Practices • Software and Virtual Patching • Configuration Management • Access Management (inc. Multi-factor Authentication) • Application level attack monitoring • Access Management • Configuration Hardening • Patch Management • TLS/SSL Encryption • Network Security Configuration CUSTOMER ALERT LOGICMICROSOFT
  • 24. Vulnerabilities + Change + Shortage Complexity of defending web applications and workloads Risks are moving up the stack 1. Wide range of attacks at every layer of the stack 2. Rapidly changing codebase can introduces unknown vulnerabilities 3. Long tail of exposures inherited from 3rd party development tools 4. Extreme shortage of cloud and application security expertise Web App Attacks OWASP Top 10 Platform / Library Attacks System / Network Attacks Perimeter & end-point security tools fail to protect cloud attack surface Web Apps Server-side Apps App Frameworks Dev Platforms Server OS Hypervisor Databases Networking Cloud Management
  • 25. Block Analyze Allow Your Data Focus requires full stack inspection…and complex analysis Known Good Known Bad Suspicious Security DecisionYour App Stack Web App Attacks OWASP Top 10 Platform / Library Attacks System / Network Attacks Threats App Transactions Log Data Network Traffic Web Apps Server-side Apps App Frameworks Dev Platforms Server OS Hypervisor Databases Networking Cloud Management
  • 26. APP+CONFIG ASSESMENT Your Data Focus requires full stack inspection…and complex analysis Known Bad Web App Attacks OWASP Top 10 Platform / Library Attacks System / Network Attacks App Transactions Log Data Network Traffic Web Apps Server-side Apps App Frameworks Dev Platforms Server OS Hypervisor Databases Networking Cloud Management COLLECTION TECHNOLOGY
  • 27. Your Data Web App Attacks OWASP Top 10 Platform / Library Attacks System / Network Attacks App Transactions Log Data Network Traffic Web Apps Server-side Apps App Frameworks Dev Platforms Server OS Hypervisor Databases Networking Cloud Management APP+CONFIG ASSESMENT COLLECTION TECHNOLOGY Integrated value chain delivering full stack security… Signatures & Rules Anomaly Detection Machine Learning ANALYTICS Petabytes of normalized data from 4000+ customers
  • 28. Your Data Web App Attacks OWASP Top 10 Platform / Library Attacks System / Network Attacks App Transactions Log Data Network Traffic Web Apps Server-side Apps App Frameworks Dev Platforms Server OS Hypervisor Databases Networking Cloud Management APP+CONFIG ASSESMENT COLLECTION TECHNOLOGY Signatures & Rules Anomaly Detection Machine Learning ANALYTICS Integrated value chain delivering full stack security, experts included Petabytes of normalized data from 4000+ customers • Threat Intelligence • Security Research • Data Science • Security Content • Security Operations Center 24/7 EXPERTS & PROCESS
  • 29. Web App Attacks OWASP Top 10 Platform / Library Attacks System / Network Attacks Web Apps Server-side Apps App Frameworks Dev Platforms Server OS Hypervisor Databases Networking Cloud Management CLOUD INSIGHT Signatures & Rules Anomaly Detection Machine Learning Integrated value chain delivering full stack security, experts included • Threat Intelligence • Security Research • Data Science • Security Content • Security Operations Center ACTIVEWATCHDETECTION & PROTECTION Web Security Manager Log Manager Threat Manager ALERT LOGIC CLOUD DEFENDER
  • 30. New capabilities focused on Web Attack Detection 1 Over 150 new web attack incidents 2 Improved OWASP Top 10 Coverage powered by Anomaly Detection 3 Advanced SQL Injection Detection powered by Machine Learning Web App Attacks OWASP top 10 Platform / library attacks App / System misconfig attacks Attacks Over 250 breaches detected in 2016
  • 31. Alert Logic solutions are easy to deploy • Use a combination of host based agents and appliances to collect network and application traffic • Agents also collect logs from the VM • Azure Activity Logs are collected via the Azure Monitor API • Azure SQL or App Services Logs are collected from Azure storage accounts • Appliances can be used to do internal scanning, or we can do external and PCI scanning from our cloud
  • 32. HOW IT WORKS: Alert Logic Threat Manager for 3 Tier Application Stack + Azure SQL VNET RESOURCE GROUP Alert Logic Web Traffic Threat Manager Appliance AutoScale AutoScale Azure SQL Database Tier Azure Storage Table SQL Logs Application Tier VM ScaleSets Web Tier VM ScaleSets Application Gateway VM
  • 33. 3-Tier applications using VMs only VNET RESOURCE GROUP Web Traffic Customer B Alert Logic Threat Manager Appliance VM AutoScale Application Tier VM ScaleSets AutoScale Web Tier VM ScaleSets Database Tier SQL VM AvailabilitySets VNET RESOURCE GROUP AutoScale Application Tier VM ScaleSets AutoScale Web Tier VM ScaleSets Database Tier SQL VM AvailabilitySets Web Traffic Customer A
  • 34. ARM Template automate appliance deployments https://github.com/alertlogic/al-arm-templates
  • 35. Agents can be baked into VM images, or automatically installed using DevOps toolsets https://supermarket.chef.io/cookbooks/al_agents
  • 36. Alert Logic – a Leader in Forrester’s 2016 NA MSSP WAVETM “Alert Logic has a head start in the cloud, and it shows. Alert Logic is an excellent fit for clients looking to secure their current or planned cloud migrations, clients requiring a provider than can span seamlessly between hybrid architectures, and those that demand strong API capabilities for integrations.” - Forrester WAVETM Report
  • 37. Addressing Customers with Compliance Requirements Alert Logic Solution PCI DSS SOX HIPAA & HITECH Alert Logic Web Security Manager™ • 6.5.d Have processes in place to protect applications from common vulnerabilities such as injection flaws, buffer overflows and others • 6.6 Address new threats and vulnerabilities on an ongoing basis by installing a web application firewall in front of public- facing web applications. • DS 5.10 Network Security • AI 3.2 Infrastructure resource protection and availability • 164.308(a)(1) Security Management Process • 164.308(a)(6) Security Incident Procedures Alert Logic Log Manager™ • 10.2 Automated audit trails • 10.3 Capture audit trails • 10.5 Secure logs • 10.6 Review logs at least daily • 10.7 Maintain logs online for three months • 10.7 Retain audit trail for at least one year • DS 5.5 Security Testing, Surveillance and Monitoring • 164.308 (a)(1)(ii)(D) Information System Activity Review • 164.308 (a)(6)(i) Login Monitoring • 164.312 (b) Audit Controls Alert Logic Threat Manager™ • 5.1.1 Monitor zero day attacks not covered by anti-virus • 6.2 Identify newly discovered security vulnerabilities • 11.2 Perform network vulnerability scans quarterly by an ASV or after any significant network change • 11.4 Maintain IDS/IPS to monitor and alert personnel; keep engines up to date • DS5.9 Malicious Software Prevention, Detection and Correction • DS 5.6 Security Incident Definition • DS 5.10 Network Security • 164.308 (a)(1)(ii)(A) Risk Analysis • 164.308 (a)(1)(ii)(B) Risk Management • 164.308 (a)(5)(ii)(B) Protection from Malicious Software • 164.308 (a)(6)(iii) Response & Reporting Alert Logic Security Operations Center providing Monitoring, Protection, and Reporting
  • 38. Scalable Threat Intel Process Delivers Relevant Content FUSIONNORMALIZATION ENTITY RESOLUTION LINK ANALYSIS CLUSTERING ANALYSIS COMPLEX ANALYSIS EXTRACTION HONEYNET 3RD-PARTY INTEL VULNERABILITIES WATCHLISTS RESEARCH TELEMETRY Big Data ReputationReputation BlacklistsBlacklists Content CoverageContent Coverage Incident ModelingIncident Modeling Intelligence GatheringIntelligence Gathering Relevant VulnerabilitiesRelevant Vulnerabilities Increased Contextual Awareness Increased Contextual Awareness Increase Incident Understanding Increase Incident Understanding Key Service CapabilitiesAnalysis TechniquesThreat Analytics PlatformInput Sources
  • 39. Stopping Imminent Data Exfiltration INCIDENT ESCALATION Partner and customer notified with threat source information and remediation tactics 8 min FUTHER ANALYSIS Alert Logic Analyst confirms user IDs and password hashes leaked as part of initial attack 2 hours EXFILTRATION ATTEMPT PREVENTED Partner works with customer to mitigate compromised accounts 6 hours COMPROMISE ACTIVITY Discovered through inspection of 987 log messages indicative of a SQL injection attack Customer Type: Retail Threat Type: Advanced SQL Injection
  • 40. Preventing Ransomware Spread INCIDENT ESCALATION Critical risk of lateral movement through shared drives identified 14 min LATERAL MALWARE MOVEMENT PREVENTED Analyst performs forensic review of additional 8,000 log messages and 1,400 events that identifies additional attack vectors through related events 6 hours SUSPICOUS ACTIVITY Cryptowall detected on key gateway server in over 1,400 events (6,000 Packets) Customer Type: Retail Threat Type: Ransomware
  • 41. To Follow our Research & Contact Information Blog https://www.alertlogtic.com/resources/blog Newsletter https://www.alertlogic.com/weekly-threat-report/ Cloud Security Report https://www.alertlogic.com/resources/cloud-security-report/ Zero Day Magazine https://www.alertlogic.com/zerodaymagazine/ Twitter @AlertLogic For More Information on Alert Logic Solutions Chris Camaclnag ccamaclang@alertlogic.com 206-673-4387