Submit Search
Upload
CSA Presentation - Software Defined Perimeter
•
Download as PPTX, PDF
•
4 likes
•
1,314 views
Vishwas Manral
Follow
CSA SDP Software Defined perimeter talk by Junaid Islam
Read less
Read more
Technology
Report
Share
Report
Share
1 of 9
Download now
Recommended
AppGate: Achieving Compliance in the Cloud
AppGate: Achieving Compliance in the Cloud
Cryptzone
SDP Glossary v2.0
SDP Glossary v2.0
Shamun Mahmud
The Software-Defined Perimeter: Securing Network Access for the Modern Workforce
The Software-Defined Perimeter: Securing Network Access for the Modern Workforce
Perimeter 81
Cryptzone: What is a Software-Defined Perimeter?
Cryptzone: What is a Software-Defined Perimeter?
Cryptzone
Cryptzone AppGate Technical Architecture
Cryptzone AppGate Technical Architecture
Cryptzone
How to Overcome Network Access Control Limitations for Better Network Security
How to Overcome Network Access Control Limitations for Better Network Security
Cryptzone
Software Defined Perimeter - A New Paradigm for Securing Digital Infrastructu...
Software Defined Perimeter - A New Paradigm for Securing Digital Infrastructu...
Government Technology & Services Coalition
Zero trust Architecture
Zero trust Architecture
AddWeb Solution Pvt. Ltd.
Recommended
AppGate: Achieving Compliance in the Cloud
AppGate: Achieving Compliance in the Cloud
Cryptzone
SDP Glossary v2.0
SDP Glossary v2.0
Shamun Mahmud
The Software-Defined Perimeter: Securing Network Access for the Modern Workforce
The Software-Defined Perimeter: Securing Network Access for the Modern Workforce
Perimeter 81
Cryptzone: What is a Software-Defined Perimeter?
Cryptzone: What is a Software-Defined Perimeter?
Cryptzone
Cryptzone AppGate Technical Architecture
Cryptzone AppGate Technical Architecture
Cryptzone
How to Overcome Network Access Control Limitations for Better Network Security
How to Overcome Network Access Control Limitations for Better Network Security
Cryptzone
Software Defined Perimeter - A New Paradigm for Securing Digital Infrastructu...
Software Defined Perimeter - A New Paradigm for Securing Digital Infrastructu...
Government Technology & Services Coalition
Zero trust Architecture
Zero trust Architecture
AddWeb Solution Pvt. Ltd.
CSA SV Threat detection and prediction
CSA SV Threat detection and prediction
Vishwas Manral
Operational Complexity: The Biggest Security Threat to Your AWS Environment
Operational Complexity: The Biggest Security Threat to Your AWS Environment
Cryptzone
Microservices security CSA meetup ppt 10_21_2015_v2-2
Microservices security CSA meetup ppt 10_21_2015_v2-2
Vishwas Manral
How sdp delivers_zero_trust
How sdp delivers_zero_trust
Zscaler
Centralize and Simplify Secrets Management for Red Hat OpenShift Container En...
Centralize and Simplify Secrets Management for Red Hat OpenShift Container En...
DevOps.com
How Google Protects Its Corporate Security Perimeter without Firewalls
How Google Protects Its Corporate Security Perimeter without Firewalls
Priyanka Aash
How VPNs and Firewalls Put Your Organization at Risk
How VPNs and Firewalls Put Your Organization at Risk
Cyxtera Technologies
Microservices Security: dos and don'ts
Microservices Security: dos and don'ts
Minded Security
Security in microservices architectures
Security in microservices architectures
inovia
#ALSummit: SCOR Velogica's Journey to SOC2/TYPE2 Via AWS
#ALSummit: SCOR Velogica's Journey to SOC2/TYPE2 Via AWS
Alert Logic
Cloud Access Security Brokers
Cloud Access Security Brokers
Abhishek Tripathi
Cloud Access Security Broker (CASB)
Cloud Access Security Broker (CASB)
rkulandaivel
Securing virtual workload and cloud
Securing virtual workload and cloud
Himani Singh
How Zero Trust Changes Identity & Access
How Zero Trust Changes Identity & Access
Ivan Dwyer
Comprehensive Information on CASB
Comprehensive Information on CASB
HTS Hosting
SOC-as-a-Service - comSpark 2019
SOC-as-a-Service - comSpark 2019
Advanced Technology Consulting (ATC)
Cloud Access Security Brokers - CASB
Cloud Access Security Brokers - CASB
Samrat Das
Webinar Express: What is a CASB?
Webinar Express: What is a CASB?
Bitglass
(SACON) Anand Tapikar - Attack vectors of Kubernetes infra. Are we on right ...
(SACON) Anand Tapikar - Attack vectors of Kubernetes infra. Are we on right ...
Priyanka Aash
Workshop: Threat Intelligence - Part 1
Workshop: Threat Intelligence - Part 1
Priyanka Aash
Cloud Customer Architecture for Securing Workloads on Cloud Services
Cloud Customer Architecture for Securing Workloads on Cloud Services
Cloud Standards Customer Council
Net scaler appfw customer technical presentation dec 2012f
Net scaler appfw customer technical presentation dec 2012f
xKinAnx
More Related Content
What's hot
CSA SV Threat detection and prediction
CSA SV Threat detection and prediction
Vishwas Manral
Operational Complexity: The Biggest Security Threat to Your AWS Environment
Operational Complexity: The Biggest Security Threat to Your AWS Environment
Cryptzone
Microservices security CSA meetup ppt 10_21_2015_v2-2
Microservices security CSA meetup ppt 10_21_2015_v2-2
Vishwas Manral
How sdp delivers_zero_trust
How sdp delivers_zero_trust
Zscaler
Centralize and Simplify Secrets Management for Red Hat OpenShift Container En...
Centralize and Simplify Secrets Management for Red Hat OpenShift Container En...
DevOps.com
How Google Protects Its Corporate Security Perimeter without Firewalls
How Google Protects Its Corporate Security Perimeter without Firewalls
Priyanka Aash
How VPNs and Firewalls Put Your Organization at Risk
How VPNs and Firewalls Put Your Organization at Risk
Cyxtera Technologies
Microservices Security: dos and don'ts
Microservices Security: dos and don'ts
Minded Security
Security in microservices architectures
Security in microservices architectures
inovia
#ALSummit: SCOR Velogica's Journey to SOC2/TYPE2 Via AWS
#ALSummit: SCOR Velogica's Journey to SOC2/TYPE2 Via AWS
Alert Logic
Cloud Access Security Brokers
Cloud Access Security Brokers
Abhishek Tripathi
Cloud Access Security Broker (CASB)
Cloud Access Security Broker (CASB)
rkulandaivel
Securing virtual workload and cloud
Securing virtual workload and cloud
Himani Singh
How Zero Trust Changes Identity & Access
How Zero Trust Changes Identity & Access
Ivan Dwyer
Comprehensive Information on CASB
Comprehensive Information on CASB
HTS Hosting
SOC-as-a-Service - comSpark 2019
SOC-as-a-Service - comSpark 2019
Advanced Technology Consulting (ATC)
Cloud Access Security Brokers - CASB
Cloud Access Security Brokers - CASB
Samrat Das
Webinar Express: What is a CASB?
Webinar Express: What is a CASB?
Bitglass
(SACON) Anand Tapikar - Attack vectors of Kubernetes infra. Are we on right ...
(SACON) Anand Tapikar - Attack vectors of Kubernetes infra. Are we on right ...
Priyanka Aash
Workshop: Threat Intelligence - Part 1
Workshop: Threat Intelligence - Part 1
Priyanka Aash
What's hot
(20)
CSA SV Threat detection and prediction
CSA SV Threat detection and prediction
Operational Complexity: The Biggest Security Threat to Your AWS Environment
Operational Complexity: The Biggest Security Threat to Your AWS Environment
Microservices security CSA meetup ppt 10_21_2015_v2-2
Microservices security CSA meetup ppt 10_21_2015_v2-2
How sdp delivers_zero_trust
How sdp delivers_zero_trust
Centralize and Simplify Secrets Management for Red Hat OpenShift Container En...
Centralize and Simplify Secrets Management for Red Hat OpenShift Container En...
How Google Protects Its Corporate Security Perimeter without Firewalls
How Google Protects Its Corporate Security Perimeter without Firewalls
How VPNs and Firewalls Put Your Organization at Risk
How VPNs and Firewalls Put Your Organization at Risk
Microservices Security: dos and don'ts
Microservices Security: dos and don'ts
Security in microservices architectures
Security in microservices architectures
#ALSummit: SCOR Velogica's Journey to SOC2/TYPE2 Via AWS
#ALSummit: SCOR Velogica's Journey to SOC2/TYPE2 Via AWS
Cloud Access Security Brokers
Cloud Access Security Brokers
Cloud Access Security Broker (CASB)
Cloud Access Security Broker (CASB)
Securing virtual workload and cloud
Securing virtual workload and cloud
How Zero Trust Changes Identity & Access
How Zero Trust Changes Identity & Access
Comprehensive Information on CASB
Comprehensive Information on CASB
SOC-as-a-Service - comSpark 2019
SOC-as-a-Service - comSpark 2019
Cloud Access Security Brokers - CASB
Cloud Access Security Brokers - CASB
Webinar Express: What is a CASB?
Webinar Express: What is a CASB?
(SACON) Anand Tapikar - Attack vectors of Kubernetes infra. Are we on right ...
(SACON) Anand Tapikar - Attack vectors of Kubernetes infra. Are we on right ...
Workshop: Threat Intelligence - Part 1
Workshop: Threat Intelligence - Part 1
Similar to CSA Presentation - Software Defined Perimeter
Cloud Customer Architecture for Securing Workloads on Cloud Services
Cloud Customer Architecture for Securing Workloads on Cloud Services
Cloud Standards Customer Council
Net scaler appfw customer technical presentation dec 2012f
Net scaler appfw customer technical presentation dec 2012f
xKinAnx
Be Aware Webinar – Office 365 Seguro? Sym, Cloud!
Be Aware Webinar – Office 365 Seguro? Sym, Cloud!
Symantec Brasil
Identiverse 2018 nathanael coffing
Identiverse 2018 nathanael coffing
JoshuaCiccone2
Sam Herath - Six Critical Criteria for Cloud Workload Security
Sam Herath - Six Critical Criteria for Cloud Workload Security
centralohioissa
Becomming a cloud governance ninja linthicum interop fall 2013
Becomming a cloud governance ninja linthicum interop fall 2013
David Linthicum
CA CloudMinder Vasu Surabhi
CA CloudMinder Vasu Surabhi
Vasu Surabhi
5 Reasons Why APIs Must be Part of Your Mobile Strategy - Scott Morrison, Dis...
5 Reasons Why APIs Must be Part of Your Mobile Strategy - Scott Morrison, Dis...
CA API Management
CA Security - Deloitte IAM Summit - Vasu
CA Security - Deloitte IAM Summit - Vasu
Vasu Surabhi
AWS November meetup Slides
AWS November meetup Slides
JacksonMorgan9
AWS User Group November
AWS User Group November
PolarSeven Pty Ltd
MongoDB World 2019: Wipro Software Defined Everything Powered by MongoDB
MongoDB World 2019: Wipro Software Defined Everything Powered by MongoDB
MongoDB
Securing Your CI Pipeline with HashiCorp Vault - P2
Securing Your CI Pipeline with HashiCorp Vault - P2
Ashnikbiz
Cloud Security: What you need to know about IBM SmartCloud Security
Cloud Security: What you need to know about IBM SmartCloud Security
IBM Security
Tour to Azure Security Center
Tour to Azure Security Center
Lalit Rawat
Who’s Knocking? Identity for APIs, Web and Mobile
Who’s Knocking? Identity for APIs, Web and Mobile
Nordic APIs
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...
Cyxtera Technologies
Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...
Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...
CA API Management
Migrating and Modernizing Identity on the Path to Multi Cloud
Migrating and Modernizing Identity on the Path to Multi Cloud
Strata Identity
Identity's Role in a Zero Trust Strategy
Identity's Role in a Zero Trust Strategy
Okta-Inc
Similar to CSA Presentation - Software Defined Perimeter
(20)
Cloud Customer Architecture for Securing Workloads on Cloud Services
Cloud Customer Architecture for Securing Workloads on Cloud Services
Net scaler appfw customer technical presentation dec 2012f
Net scaler appfw customer technical presentation dec 2012f
Be Aware Webinar – Office 365 Seguro? Sym, Cloud!
Be Aware Webinar – Office 365 Seguro? Sym, Cloud!
Identiverse 2018 nathanael coffing
Identiverse 2018 nathanael coffing
Sam Herath - Six Critical Criteria for Cloud Workload Security
Sam Herath - Six Critical Criteria for Cloud Workload Security
Becomming a cloud governance ninja linthicum interop fall 2013
Becomming a cloud governance ninja linthicum interop fall 2013
CA CloudMinder Vasu Surabhi
CA CloudMinder Vasu Surabhi
5 Reasons Why APIs Must be Part of Your Mobile Strategy - Scott Morrison, Dis...
5 Reasons Why APIs Must be Part of Your Mobile Strategy - Scott Morrison, Dis...
CA Security - Deloitte IAM Summit - Vasu
CA Security - Deloitte IAM Summit - Vasu
AWS November meetup Slides
AWS November meetup Slides
AWS User Group November
AWS User Group November
MongoDB World 2019: Wipro Software Defined Everything Powered by MongoDB
MongoDB World 2019: Wipro Software Defined Everything Powered by MongoDB
Securing Your CI Pipeline with HashiCorp Vault - P2
Securing Your CI Pipeline with HashiCorp Vault - P2
Cloud Security: What you need to know about IBM SmartCloud Security
Cloud Security: What you need to know about IBM SmartCloud Security
Tour to Azure Security Center
Tour to Azure Security Center
Who’s Knocking? Identity for APIs, Web and Mobile
Who’s Knocking? Identity for APIs, Web and Mobile
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...
Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...
Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...
Migrating and Modernizing Identity on the Path to Multi Cloud
Migrating and Modernizing Identity on the Path to Multi Cloud
Identity's Role in a Zero Trust Strategy
Identity's Role in a Zero Trust Strategy
Recently uploaded
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
gurkirankumar98700
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
Gabriella Davis
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
Paola De la Torre
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
Rafal Los
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
hans926745
How to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
naman860154
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
Results
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Igalia
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
Pooja Nehwal
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
Earley Information Science
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Neo4j
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
Puma Security, LLC
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
The Digital Insurer
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
RTylerCroy
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
The Digital Insurer
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
ThousandEyes
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
giselly40
Recently uploaded
(20)
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
How to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
CSA Presentation - Software Defined Perimeter
1.
© Cloud Security
Alliance, 2016 Junaid Islam Co Chair
2.
Agenda © Cloud Security
Alliance, 2016 •Architecture •Achievements •Action Plan
3.
Security Challenge © Cloud
Security Alliance, 2014. Connect to Application Denial of Service Provide Credentials Credential Theft Server Exploitation Multifactor Token Connection Hijacking APT/Lateral Movement
4.
Security Challenge © Cloud
Security Alliance, 2014. Connect to Application Provide Credentials Multifactor Token
5.
SDP Security Model ©
Cloud Security Alliance, 2014. Connect to Application Provide Credentials Multifactor Token
6.
SDP Security Architecture ©
Cloud Security Alliance, 2014. SDP Controller SDP Gateways 2. User Authentication & Authorization Enterprise identity: separation of trust SAML IdP integrated with LDAP groups 0. One time on-boarding Client root of trust Digital artifacts & thin client 3. Dynamically Provisioned Connections Applications isolated and protected Usability: portal page of applications Hosting & IaaS DMZ & Data Center SD P Client Crypto Client Crypto Gatewa y IP’s 1. Device Authentication & Authorization SPA: anti DDoS, defeats SSL attacks mTLS & fingerprint: anti credential theft SAML IdP Issuing CA
7.
Achievements (last 2
years) © Cloud Security Alliance, 2014. • Version 1 specification • 3 SDP Hackathons (4th in progress) • Gartner endorsement as “next big thing” • 4 Workgroups • Enterprise • FISMA Moderate • Auto/IoT • DDoS
8.
Action Plan © Cloud
Security Alliance, 2014. • 2 new workgroups • IaaS • IoT • Version 2 specification • Content challenge • Increased outreach • The future is looks good!
9.
? ? ? © Cloud
Security Alliance, 2016
Download now