The document discusses the importance of a full stack cyber security approach for multi-cloud environments due to the complex and evolving threat landscape. It emphasizes the need for continuous assessment and protection strategies like Outpost24 CloudSec Inspect to identify vulnerabilities and ensure security compliance across various platforms such as AWS, Azure, and Google Cloud. Key features include automated risk assessment, cloud configuration awareness, and actionable insights to enhance cloud security workflows.

1. Mastering the art of multi-cloud
security
Barry Butler
November 2019

2. 2
Why the Full Stack Cyber Security Approach?
• Hackers take a holistic view when trying to
attack your organization
• Therefore you need to think about your risk
profile holistically
• With digital transformation the threat
landscape has become more complex and
less homogenous making it harder for your
organization to spot vulnerabilities easily
• Cloud and Multi-cloud environments have
their own risks and vulnerabilities
Full Stack Cyber Security
Network
Cloud
Applications
User/Data
Devices
Business Value

3. 3Security – Step by Step
Your company is being targeted
Outpost24 Cloudsec Inspect
As a first line of defense protect your cloud and multi-
cloud environment and assets.
Check all doors and windows are locked.
Protecting your company using traditional methods will
protect you from certain attacks. But what about the
attacks on the cloud environment itself?
CloudSec Inspect provides a complete view of your attack
surface and continuously assesses weak points across
multi-cloud including misconfiguration.

4. 4
• Cloud configuration awareness
• Logging
• Encryption
• Lack of skills
• Shadow Cloud / Cloud Sprawl
• Shared Responsibility Model
• Complexity and Elasticity
• Cloud workloads
Cloud Configurations Are At Risk

5. Whereas in the Cloud you need to secure:
• Logging
• Encryption
• Rogue network ports
• Access controls
• Multi-cloud and hybrid
• Configuration
• Cloud workloads
Your assets need securing in IaaS. The cloud
providers only monitor the infrastructure!
5Security considerations Data centers vs Cloud?
Traditional data centers require security for:
• Access controls
• Wireless access
• Flood prevention systems
• Fire detection systems
• Air conditioning
• Office space

6. Key outcomes: Product Demo
• Guidance to improve cloud security
workflow
• Including automation to enhance day
to day cloud vulnerability checking
• Best practices to build stronger
working relationships
• Implementing best practices
• Resolving Cloud configuration issues
6

7. Product Demo 7

8. Features and benefits:
• Multi-cloud coverage
• Continuous scanning to test misconfigurations
• Auto discovery
• Clone and scan
• CIS benchmarking:
• Amazon Web Services
• Microsoft Azure
• Google Cloud Platform
• Comprehensive reporting
• Outpost24 Full Stack Assessment
8

9. Cloud Security Assessment Workflow 9
Identify what you own
Assess where it is weak
Focused risk reduction

10. About us

11. Cloudsec Inspect ensures you are fully protected and
maintains your shared responsibility in the public clouds
through auto discovery of assets and continuous
assessment against CIS benchmarks and cloud workloads.
Uncovering real risks, vulnerabilities, and providing
actionable insights to better inform your strategic
decisions.
11

12. Barry Butler
Senior Pre-Sales Consultant
bbu@outspot24.com
Q & A