The document discusses the evolving security landscape in cloud environments, emphasizing the increased complexity and risks associated with cybercrime, where attackers have become more organized and attacks more sophisticated. It highlights the need for a shift in security approaches, maintaining traditional security best practices while adapting them for cloud technologies, and stresses the shared responsibility model between service providers and users. Additionally, it presents Alert Logic as a solution for providing integrated security and analytics for cloud workloads and web applications.

1. Introduction
to Security
in the Cloud
Mark Brooks
VP, Solution Engineering, Alert Logic

2. SECURITY IS A CHALLENGE

3. Infrastructure Has Changed
EARLY 2000’s MID 2000’s NOW
Buying Hardware

4. Infrastructure Has Changed
EARLY 2000’s MID 2000’s NOW
Infrastructure As a ServiceBuying Hardware

5. Security Has Changed

6. Security Has Changed

7. Cybercrime Has Also Changed
Single Actors
EARLY 2000’s MID 2000’s NOW

8. Cybercrime Has Also Changed
Single Actors Highly Organized Groups
EARLY 2000’s MID 2000’s NOW

9. Cybercrime is Flourishing
508 is the average
number of applications
in an enterprise
Evolution of AdversariesExpanding Attack Surfaces Overwhelmed Defenses
37% of US companies
face 50,000+ alerts
per month
390,000 new malicious
programs every day with
a viable ecosystem
Forbes, 2014
FireEye, 2015
AV-TEST, 2016

10. Attack methods are evolving
• Security risks
-Perception of increased risk due to lack of control
-Blind spots: no way to connect on-premise and cloud attacks
-Increased threat surface
-Tuning tools for relevant notifications
Cloud Environment On Premise Environment
Source: Alert Logic CSR 2016
42%
25%
19%
8%
4% 2%
application-attack brute-force suspicious-activity
recon trojan-activity denial-of-service
51%
22%
18%
5% 3% 1%
brute-force suspicious-activity application-attack
trojan-activity recon denial-of-service

11. Today’s Attacks Have Several Stages

12. Who is being targeted? BIG

13. Who is being targeted? And Small

14. SECURITY IN THE CLOUD

15. The Cloud Can be Secure
“Public cloud workloads can be at least as
secure as those in your own data center,
likely better.”
Neil McDonald – Gartner Security and Risk Management Summit
London Sept 2015

16. Cloud has disrupted traditional security
DEPLOYMENT & MANAGEMENT PERFORMANCE & OPERATIONS
CUSTOMER APPLICATION
REQUIREMENTS
TRADITIONAL
SECURITY
CLOUD
DRIVERS
SLOW, COMPLEX
CONFIGURATIONS
AGILITY & AUTOMATION HYPER-SCALABILITY PRIORITY: WEB APPLICATIONS
SCALING CHOKEPOINTS
POOR DETECTION OF
WEB APP ATTACKS
vs vs vs

17. Challenges of being Secure in the Cloud
SECURITY TOOLS ARE
Complicated to use
Difficult to deploy
Expensive to manage
and tune
HUMAN EXPERTISE IS
Hard to find
Harder to keep
Very expensive
THREAT INTELLIGENCE
AND SECURITY CONTENT
Gets stale quickly
Requires specific
know-how
Validation required to avoid
false positives

18. Cloud Security – New Approach
The Principles of security do not change
but your Approach to security needs to
change:
• Security best practices are no different in the cloud
• You need to apply the same security standards to
cloud workloads as applied to on-premises
• Understand the Shared Responsibility of Cloud
Security

19. • Security Monitoring
• Log Analysis
• Vulnerability Scanning
• Network Threat Detection
• Security Monitoring
• Secure Coding and Best Practices
• Software and Virtual Patching
• Configuration Management
• Access Management (including multi-
factor authentication)
• Access Management
• Configuration Hardening
• Patch Management
• TLS/SSL Encryption
• Network Security
Configuration
• Web Application Firewall
• Vulnerability Scanning
• Application level attack monitoring
• Hypervisor Management
• System Image Library
• Root Access for Customers
• Managed Patching (PaaS, not IaaS)
• Logical Network Segmentation
• Perimeter Security Services
• External DDOS, spoofing, and
scanning monitored
APPS
CUSTOMER ALERT LOGICMICROSOFT
VIRTUAL MACHINES
NETWORKING
INFRASTRUCTURE
SERVICES
Cloud Security is a Shared, but not Equal, Responsibility

20. ALERT LOGIC HAS A SOLUTION

21. We protect cloud workloads & web applications
• Full-stack security
• Integrated analytics & experts
• Built for cloud
• Cost-effective outcomes
ASSESS
BLOCK COMPLY
DETECT
FULLY-MANAGED SECURITY, DELIVERED AS A SERVICE
Data
Center
Hosting

22. Your Data
Web App
Attacks
OWASP
Top 10
Platform /
Library
Attacks
System /
Network
Attacks
App Transactions
Log Data
Network Traffic
Web Apps
Server-side Apps
App Frameworks
Dev Platforms
Server OS
Hypervisor
Databases
Networking
Cloud Management
APP+CONFIG
ASSESMENT
COLLECTION
TECHNOLOGY
Signatures &
Rules
Anomaly
Detection
Machine
Learning
ANALYTICS
Integrated value chain delivering full stack security, experts included
Petabytes of normalized data from 4000+
customers
• Threat Intelligence
• Security Research
• Data Science
• Security Content
• Security Operations
Center
24/7 EXPERTS
& PROCESS

23. Web App
Attacks
OWASP
Top 10
Platform /
Library
Attacks
System /
Network
Attacks
Web Apps
Server-side Apps
App Frameworks
Dev Platforms
Server OS
Hypervisor
Databases
Networking
Cloud Management
CLOUD INSIGHT
Signatures &
Rules
Anomaly
Detection
Machine
Learning
Integrated value chain delivering full stack security, experts included
• Threat Intelligence
• Security Research
• Data Science
• Security Content
• Security Operations
Center
ACTIVEWATCHDETECTION &
PROTECTION
Web Security
Manager
Log
Manager
Threat
Manager
ALERT LOGIC CLOUD DEFENDER

24. We designed security for cloud and hybrid environments
GET STARTED IN MINUTES
MAINTAIN COVERAGE AT
CLOUD SCALE
KEEP PRODUCTION FLOWING
with modular services that
grow with you
Comply
with integration to cloud APIs
and DevOps automation
with auto-scaling support and
out-of-band detection
Single pane of glass for workload and application security
across cloud, hosted & on-premises

25. Leaders
28
8
6
4
10
25
3
5
5
11
8
10
15
24
Other
Amazon
Check Point
Chronicle Data
Cisco
Fortinet
Intel Security
Okta
Symantec
Barricade
JumpCloud
Evident.io
Palerra
Microsoft
CloudPassage
CloudCheckr
FortyCloud
ThreatStack
Alert Logic
A recognized security leader
“Alert Logic has a
head start in the cloud,
and it shows.”
PETER STEPHENSON
SC Magazine review
“…the depth and breadth
of the offering’s analytics
and threat management
process goes beyond
anything we’ve seen…”Who is your primary
in-use vendor for Cloud
Infrastructure Security?
Who are the top vendors
in consideration for Cloud
Infrastructure Security?
Alert Logic

26. Over 4,000 worldwide customers
AUTOMOTIVE HEALTHCARE
EDUCATION
FINANCIAL SERVICES
MANUFACTURING
MEDIA/PUBLISHING
RETAIL/E-COMMERCE
ENERGY & CHEMICALS
TECHNOLOGY & SERVICES
GOV’T / NON-PROFIT

27. BEST PRACTICE & TAKEAWAYS

28. 10 Cloud Security Best Practices
1. Secure your code
2. Create access management policies
3. Data Classification
4. Adopt a patch management approach
5. Review logs regularly
6. Build a security toolkit
7. Stay informed of the latest vulnerabilities that may affect you
8. Understand your cloud service providers security model
9. Understand the shared security responsibility
10. Know your adversaries

29. 10 Cloud Security Best Practices
1. Secure your code
2. Create access management policies
3. Data Classification
4. Adopt a patch management approach
5. Review logs regularly
6. Build a security toolkit
7. Stay informed of the latest vulnerabilities that may affect you
8. Understand your cloud service providers security model
9. Understand the shared security responsibility
10. Know your adversaries

30. Top 3 Takeaways
1. Cyber Crime is flourishing – Big
and small companies
2. Security in the Cloud has similar
overall principles but new
complexity
3. Alert Logic provides full stack
security with experts included

31. Thank You.