Modernizing Traditional Security - DEM13 - AWS re:Inforce 2019

•

0 likes•440 views

As containers become the commonplace method for delivering and deploying applications, we’ve seen more of our customers taking a “lift-and-shift” approach to migrating their existing applications. In this session, John Morello from Twistlock discusses a non-profit that provides environmental science and engineering oversight to some of the world’s largest civil waterworks projects. This organization relies on a critical 14-year-old app that models storm surge. The move to containers for this application delivered immediate benefits, making it easier to manage vulnerabilities, ensure regulatory compliance, and provide runtime defense. In this session, we break down the security advantages of containers relative to traditional architectures.

Software is eating the world
Every org is becoming a software org
Software orgs need modern tools
DevOps, containers, and cloud native are those tools
The world is unpredictable
‘Democratization’ of sophisticated attacks
Security teams and SOCs overloaded
Your own software is the softest target

Think about your cloud native infrastructure… it’s
abstraction on top of abstraction, especially from a
networking standpoint
Everything is ephemeral and everything is constantly
changing — many more entities to secure
Security is largely in the hands of the developer
Security needs to be as portable as the applications
Cloud Native Can Be Challenging

The nature of cloud native applications allows for
a new approach to security
Apply machine learning to understand actual
runtime behavior
Build models of what applications should do to
detect and prevent what they shouldn’t
…But Also Easier

| © 2019 | Confidential
Today’s Orgs Have More Infrastructure
Options Than Ever Before

Real World Risks from the Past Two Years
Weight Watchers IT infrastructure
exposed via no-password
Kubernetes server
Kubernetes' first major security
hole discovered, allowing privilege
escalation, with a CVSS 9.8
February 2018
May 2018
June 2018
December 2018
SSRF in Shopify Exchange leads
to root access in all containers
Tesla cloud resources are hacked to
run cryptocurrency mining malware
RunC container escape
flaw enables root access
to host system
February 2019
And last month, Twistlock Labs disclosed a directory traversal vulnerability in kubectl

| © 2019 | Confidential
With the right approach, this new
world is more secure.

Enabling Better Defense
The nature of cloud native technologies
allows for a new approach to security
Machine learning and automation take
manual configuration out of the picture
Whitelist what applications should do to
detect and prevent what they shouldn’t
8

New World Security
Shift security left – modeling
integrated into CI/CD
Policy custom tailored for each
application, each build
Security that automatically scales
with the environment
9

by Twistlock With containers, teams worldwide are deploying faster than ever before. But traditional security practices are slow and manual - leaving many users a choice between strong security or DevOps speed. In this talk, we'll outline how adopting a new 'cloud native' approach to security lets you recognize all the benefits of containerized deployment - and enjoy stronger protection than ever before.

Lacework slides from AWS Meetups

John Varghese

AWS Summit Singapore 2019 | Learn How to Achieve Complete Visibility, Strong ...

AWS Summits

Lacework Overview: Security Redefined for Cloud Scale

Lacework

Cloud computing has revolutionized IT and is disrupting security. Speed, elasticity, and unlimited scale are characteristics of the cloud that conventional security does not support well. To succeed, cloud security teams need to operate at the same pace as DevOps, secure thousands of continuously changing workloads, and monitor activities and metrics that are unique to the cloud. This is exactly what the team had in mind when building the Lacework Cloud Security Platform. Our approach natively brings speed and automation to every cloud security process, and: - Automates the discovery of what must be protected - Monitors for behavioral anomalies to detect threats and prevent breaches - Eliminates the use labor-intensive rules and policies - Delivers comprehensive insights that replace time-consuming log analysis The result is better security regardless of the technology in use now and in the future. Lacework supports public and private clouds, VMs or containers, Docker or Kubernetes, Linux or Windows Server and any combination of these.

AWS Security Best Practices in a Zero Trust Security Model - DEM08 - Toronto ...

Amazon Web Services

Zero trust security is quickly rising as a preferred alternative to traditional security approaches. The key enabling technology underlying the zero trust security approach is next-gen access which combines the critical capabilities of such technologies as identity as a service (IDaaS), enterprise mobility management (EMM), and privileged access management (PAM). In this session, we highlight AWS security best practices in a zero trust security model. Specifically, we explore securing the AWS root account, controlling access to the AWS Management Console, and the AWS Command Line Interface, and managing developer access to Amazon EC2 instances and containerized applications that run on them.

Lacework for AWS Security Overview

Lacework

Aligning Risk with Growth - Cloud Security for startups

Moshe Ferber

McAfee - MVISION Cloud (MVC) - Cloud Access Security Broker (CASB)

Iftikhar Ali Iqbal

The presentation provides the following: - McAfee Company Overview - McAfee Strategy - McAfee Cloud Security Solutions - Cloud Security Challenges - Cloud Security Threats - MVISION Cloud Overview - MVISION Cloud Platform - MVISION Cloud Use Cases - MVISION Cloud Industry Analyst Recognition - MVISION Cloud Licenses & Packaging - Unifed Cloud Edge (UCE) Please note all the information is based prior to Jan 2020.

Passing through the Lion’s den – How to sell cloud services to security guys: Pitching your SaaS offering is usually fun, until the security guys walks into the room as anyone who try to promote cloud services to organizations probably knows. On the other hand, for the CISO, sometimes cloud vendors represent the sum of all their greatest fears. So, how can providers of cloud based software do better job in satisfying those gate keepers? Learn to speak their language and understand their terminology and way of thinking. In this presentation we will walk through the do’s and don’ts when pitching to information security professionals, and try to better understand their motivation and how to address their concerns. This presentation is an introduction to a workshop providing better tools for cloud based companies to overcome challenges when selling their offering.

Cloud security innovation - Cloud Security Alliance East Europe Congress 2013

Moshe Ferber

We live in interesting times, at least from computer technology point of view. In the last couple years we change the way our backend systems function (Cloud Computing) and the way consume our front end interfaces (Mobility, the Internet of thing). It is safe to say that the technology changes we are now experiencing – will revolutionize the way we consume technology. But the described changes are being held back, and mostly because of information security. The root cause of the slow adoption of cloud among enterprises is Trust. Challenges around transparency, compliance, standardization and immature technologies are causing lack of trust between cloud stakeholders. And this lack of trust is the number one obstacle facing cloud computing. So it is time for innovation. There is great demand for new, innovative solutions that will fuel the engines of the industry. Cloud Computing technologies can be innovative and ground breaking, this has been proved before. Today there are many areas where innovative solution can change the way we think and provide security. In the presentation we will discuss the future of technologies like Identity Management, Encryption, API security and Big Data platforms and evaluate where we should improve the current technologies. Regarding encryption - we know that current technologies are limited in our options to safe guard keys in virtual environments and that we don’t have solutions for using encryption as a method to increase real multi tenancy, audit and access controls, for all data types. Encryption technology must improve at all levels, starting from key management, file level encryption (IRM solutions) and other new technologies such as Homomorfic encryptions should be developed further to be effective.

Best practices for automating cloud security processes with Evident.io and AWS

Amazon Web Services

Evident.io helps modern IT and DevOps teams implement and maintain security within the AWS shared responsibility model by enabling IT, Security, Engineering, and Operations with a continuous global view of security risk and actionable intelligence to rapidly remediate and secure AWS deployments. Hear how one of their customers combined the detection and analysis of misconfigurations, vulnerabilities, and risk with guided remediation and audit capabilities to gain visibility of their security environment, automate processes and meet compliance requirements. Eddie Borrero, Chief Information Security Officer, Robert Half International Phil Rodrigues, Security Solution Architect, AWS Craig Dent, Solutions Architect, Evident.io

How PagerDuty Achieved End-to-End Visibility with Splunk and AWS Webinar Deck

Amazon Web Services

Splunk® offers a leading platform for Operational Intelligence, enabling AWS users to look closely at machine data and gain actionable insights that can help make your organization more productive, profitable, competitive, and secure. Join us to learn how Splunk and AWS together can provide the end-to-end visibility needed to respond proactively and as quickly as possible to rapidly evolving security environments. Learn how Splunk and AWS together can provide the end-to-end visibility needed to respond proactively and as quickly as possible to rapidly evolving security environments. Speakers: David Wall, Country Manager ANZ & Head of Asia Pacific & Japan & Arup Chakrabarti, Director of Engineering - Pager Duty Myles Hosford, Security Solution Architect - AWS Richard Smith, Strategic Alliances - Splunk

Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!

Netskope

Cloud security for banks - the central bank of Israel regulations for cloud s...

Moshe Ferber

The Notorious 9 Cloud Computing Threats - CSA Congress, San Jose

Moshe Ferber

loud computing is evolving fast, and so are the threats and defense tactics. Cloud consumers and providers should always be aware of the latest risks and attack vectors and explore the latest security events to identify new attack vectors. Here, we’ll provide you with a list of the latest threats and discuss their effect on our security posture, and review a recent case study of attacks relevant to those threats.

McAfee - MVISION Cloud (MVC) - Cloud Access Security Broker (CASB) - POC Report

Iftikhar Ali Iqbal

This document is a sample report on the POC (proof of concept) document of MVISION Cloud (MVC), McAfee's Cloud Access Security Broker (CASB) solution - formerly Skyhigh Networks. It includes the following: - MVISION Cloud (MVC) Overview - MVISION Cloud (MVC) Architecture - MVISION Cloud (MVC) for Shadow IT -- Observations and Recommendations - MVISION Cloud (MVC) for Sanctioned SaaS -- Observations and Recommendations - MVISION Cloud (MVC) for Sanctioned IaaS -- Observations and Recommendations - End User Experience - Administrator Experience Goes well with the MVC POC document uploaded. Please note all the information is based prior to July 2019.

Microsoft threat protection + wdatp+ aatp overview

Allessandra Negri

McAfee - Portfolio Overview

Iftikhar Ali Iqbal

Stop Hackers with Integrated CASB & IDaaS Security

OneLogin

DevSecOps in 10 minutes

kieranjacobsen

DevSecOps, or SecDevOps has the ambitious goal of integrating development, security and operations teams together, encouraging faster decision making and reducing issue resolution times. This session will cover the current state of DevOps, how DevSecOps can help, integration pathways between teams and how to reduce fear, uncertainty and doubt. We will look at how to move to security as code, and integrating security into our infrastructure and software deployment processes.

Zero trust for everybody: 3 ways to get there fast

Cloudflare

The COVID-19 pandemic has exposed the weaknesses of the traditional ‘castle-and-moat’ security model. Remote work has expanded attack surfaces infinitely outwards, and more than ever, organizations need to start from the assumption that their ‘castle’ is already compromised. Zero Trust has emerged as a compelling security framework to address the failures of existing perimeter-based security approaches. It’s aspirational, but not unachievable. At Cloudflare, we’re making complicated security challenges easier to solve. Since 2018, Cloudflare Access has helped thousands of organizations big and small take their first steps toward Zero Trust. In this presentation, Cloudflare will share their perspective on what the most successful organizations do first on their journey to Zero Trust. We’ll cover: -The Zero Trust framework, and our recommended ZT security model -How 3 organizations of differing size and security maturity have implemented Zero Trust access -Cloudflare’s Zero Trust implementation and lessons learned

Cloud summit demystifying cloud security

David De Vos

During this session we’ll cover the key solutions and steps to securing a cloud environment. We’ll cover policy creation, security posture management & cybersecurity incident analysis. You’ll see how compliance is made easy in the cloud and how continuous monitoring works. We’ll explain how multi-cloud security works as well! As we walk through the solutions, we’ll share some best practices and use cases from our experience.

Automating Event Driven Security in the AWS Cloud - AWS Public Sector Summit ...

Amazon Web Services

<Management Track> Paul Hidalgo, Security Solutions Architect, APAC, Trend Micro You are quickly building and deploying exciting services on top on the AWS Cloud. As your deployment matures, you start to understand how each of these services has its own unique challenges when it comes to operations and security. Making sure that the diversity available in AWS services doesn't increase the operational burden on your teams is a significant challenge. If you don't use the right strategy, you risk implementing a unique security approach for each service. In this talk we'll look at an overall security strategy for your deployment pulled from the real-world experiences of some of the top companies around the world. This strategy along with services like AWS Lambda can provide a unified view of your deployment and automatically respond to incidents … regardless of scale.

Introduction to Security in the Cloud - Mark Brooks, Alert Logic

Alert Logic

Phone hack

MohammadRizwan126

Hacker

MohammadRizwan126

What's hot

The Cloud & I, The CISO challenges with Cloud Computing

Moshe Ferber

The New Economics of Cloud Security

Alert Logic

SACON - Mobile App Security (Srinath Venkataramani)

Priyanka Aash

Practical DevSecOps Using Security Instrumentation

VMware Tanzu

Surviving the lions den - how to sell SaaS services to security oriented cust...

Moshe Ferber

Cloud security innovation - Cloud Security Alliance East Europe Congress 2013

Moshe Ferber

Best practices for automating cloud security processes with Evident.io and AWS

Amazon Web Services

How PagerDuty Achieved End-to-End Visibility with Splunk and AWS Webinar Deck

Amazon Web Services

Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!

Netskope

Cloud security for banks - the central bank of Israel regulations for cloud s...

Moshe Ferber

The Notorious 9 Cloud Computing Threats - CSA Congress, San Jose

Moshe Ferber

McAfee - MVISION Cloud (MVC) - Cloud Access Security Broker (CASB) - POC Report

Iftikhar Ali Iqbal

Microsoft threat protection + wdatp+ aatp overview

Allessandra Negri

McAfee - Portfolio Overview

Iftikhar Ali Iqbal

Stop Hackers with Integrated CASB & IDaaS Security

OneLogin

DevSecOps in 10 minutes

kieranjacobsen

Zero trust for everybody: 3 ways to get there fast

Cloudflare

Cloud summit demystifying cloud security

David De Vos

Automating Event Driven Security in the AWS Cloud - AWS Public Sector Summit ...

Amazon Web Services

Introduction to Security in the Cloud - Mark Brooks, Alert Logic

Alert Logic

What's hot (20)