#rackspacesolve
Melbourne
Increasing and costly security threats
• Average cost per data breach to an Australian business is $2.5 million
• PwC research found a 48% increase in reported global security incidents last year versus the prior year
• McAfee estimates the cost of cybercrime to the global economy at anywhere from $400 billion to $600 billion per year
Source: PwC Global State of Information Security Survey 2015, Gartner, McAfee, CRN.com
PROPRIETARY & CONFIDENTIAL
Top Cloud Challenges 2016
1. Lack of resources/expertise
2. Security
3. Compliance
4. Managing multiple cloud services
5. Managing costs
SOURCE: RightScale 2016 State of the Cloud Report
Brannon Lacey
General Manager, Emerging Businesses
Leads the Digital Marketing and Managed Security business units at Rackspace.
Prior to Rackspace, Brannon was a Principal at Samsung Venture Investment Corp and a Manager within the Strategy Practice at Accenture.
Brannon holds an MBA from Columbia Business School and dual degrees in Entrepreneurship and Management Information Systems from the University of Arizona.
INTRODUCTION
About Rackspace
Portfolio of hosted solutions: DEDICATED :: CLOUD :: HYBRID
10 worldwide data centers
6,200 Rackers
Annualized revenue: over $2B
We serve 60% of the Fortune® 100
Global footprint: customers in 120 countries
Global Reach
Serving businesses in 120 countries
North America
DATA CENTERS: Ashburn, VA; Chicago, IL; Herndon, VA; Grapevine, TX; Richardson, TX
OFFICES: Austin, TX; Blacksburg, VA; Chicago, IL; Cincinnati, OH; Duluth, GA; New York, NY; San Antonio, TX; San Francisco, CA; St. Louis, MO
EMEA
DATA CENTERS: Crawley, UK; Slough, UK
OFFICES: Amsterdam, Netherlands; Hayes, UK; Zurich, Switzerland
APAC
DATA CENTERS: Fo Tan, Hong Kong; Erskine Park, Australia
OFFICES: Quarry Bay, Hong Kong; Sydney, Australia; Bangalore, India
LATAM
OFFICES: Mexico City, MX
www.rackspace.com
We provide Fanatical Support® for the world's leading clouds.
RACKSPACE® MANAGED CLOUD
(Diagram: Workload / Expertise; Infrastructure; Service; Technology Stack; Platform; all backed by Fanatical Support® 24x7x365)
Offerings: Dedicated Hosting, Private Cloud, Public Cloud, Hybrid Cloud, Cloud Scale Apps, Data Services, Digital, Cloud Office, IT Transformation, Security and Compliance
Anatomy of an Attack
Jarret Raim :: @rackspace
Jarret Raim
Director of Strategy & Engineering
Responsible for the development, implementation and support of all customer-facing security products and services.
Jarret has held several internal security architecture and product management roles at Rackspace, including the creation of the Barbican key management product, now part of the official OpenStack ecosystem.
Jarret holds Master's and Bachelor's degrees in Computer Science from Trinity and Lehigh Universities, respectively.
INTRODUCTION
Advanced Persistent Threat
An advanced persistent threat (APT) is a set of stealthy and continuous computer hacking processes, often orchestrated by human(s) targeting a specific entity. (Definition and image courtesy of Wikipedia.)
• Advanced – use of sophisticated techniques, such as malware that exploits vulnerabilities
• Persistent – external command and control driven by a threat actor; continuous and varied attacks rather than a one-off intrusion
• Threat – a human organization with specific goals, not opportunistic automated malware
Anatomy of an Attack
• Recon the target
• Exploitation of the target, establishing local control
• Command established with exploited resources
• Recon, pivot and privilege escalation
• Data collection and exfiltration
Phishing
Example – spear phishing Jarret Raim, stage 1: Recon (the attacker gathers public information about the individual target before crafting the lure)
Example – spear phishing Jarret Raim, stage 2: Exploit (the crafted message delivers the malware that establishes local control)
Malware: Poison Ivy
Remote Access Tools (RATs) offer unfettered access to compromised machines. They are deceptively simple: attackers can point and click their way through the target's network to steal data and intellectual property.
• RATs are generally considered 'low-tech', but they are used as part of APT-style attacks
• Poison Ivy has been in use for over 8 years; repacking and other evasion techniques allow it to remain effective against signature-based defences
• Features include key logging, screen capture, video capture, file transfer, password theft, system administration, traffic relaying, and more
• Primarily seen at financial institutions – an indication of its use in APT campaigns
Example Pivot: Target
An attacker is said to be 'pivoting' when they recon and compromise additional machines after an initial incursion; this is also known as lateral movement.
1. Attacker recons Target and catalogues its suppliers using public sources
2. Fazio, an HVAC supplier, is compromised through spear phishing; its stolen vendor credentials grant access to Target's network
3. Attacker uses a default password in BMC software to move through the network (unconfirmed)
4. Attacker installs point-of-sale (POS) malware and sets up exfiltration servers
5. Credit card information is collected and exfiltrated
Attackers had access to the Target networks for just over 30 days. The activity was detected, but Target was unable to respond because of limited staffing and a flood of alerts from its tools.
CUSTOMER SECURITY OPERATIONS
A Security Strategy for the New Normal
Building upon the most effective elements of traditional security, with a focus on three key areas for uniquely effective protection in today's threat landscape:
• Prioritize your data and understand its business value
• Abandon the traditional reactive posture triggered by alerts
• Enable immediate action to protect data and minimize business impact
OUR SECURITY APPROACH: Proactive Detection, Rapid Response, Deep Expertise
Rackspace Managed Security Operations
• Holistic 24x7x365 capability to monitor, alert and respond to security incidents on our customers' behalf
• Do as much as we can on behalf of our customers, and do it quickly:
‣ Minimize impact by replacing graduated response with immediate action
‣ Enabled by pre-approved actions
• Security best practice and hygiene = compliance outcomes
• All customer interaction and oversight handled by a dedicated Customer Experience Team to ensure:
‣ Quality
‣ Consistency
‣ Reliability
(Diagram: the Customer interacts with the Customer Experience Team, which fronts the Customer Security Operations Center and the Compliance Team)
Know Your Enemy
Who is an Advanced Persistent Threat (APT)?
• The APT actor is a PERSON…
‣ Highly sophisticated
‣ Highly motivated
‣ Well-trained
‣ Well-equipped
• An APT actor is backed by…
‣ Powerful nation states
‣ Well-resourced organized crime groups
Technology Alone Will Not Succeed
Experienced security analysts are key to effective protection. Rackspace analysts are:
• Highly experienced
• Highly motivated
• Well-trained
• Well-equipped
Backed by…
• Fanatical Support®
• Best-in-breed technology
Rackspace Managed Security
Reduces an APT's Most Precious Resource: Time
DETER – Proactive & Predictive
• Prepare the battlespace
• Understand the threat landscape
• Set operational plan & procedure
• Understand business risk
DETECT – Automated & Expertise-Driven
• Monitor systems & networks
• Identify anomalies through proactive cyber hunting
RESPOND – Swift & Sure
• Triage & investigate
• Execute cyber response
• Respond immediately through pre-approved actions
REPORT – Timely & Risk-Based
• Event-driven flash & after-action reporting
• Weekly metrics reporting
• Monthly cyber-risk reporting
(Diagram labels: Anticipation, Awareness, Action, After-action; Support, Report, Measure)
CYBER HUNTING
• What is cyber hunting?
‣ Proactive analysis of data
‣ Generic and targeted (focused) hunting
• Why do we hunt?
‣ To catch what is missed by tools
• How does hunting improve security posture?
‣ Earlier detection in the attacker life cycle
‣ Fills gaps in tool visibility
WHAT DO WE HUNT FOR?
• Intel-based Indicators of Compromise (IOCs)
‣ Known-bad IP addresses, domain names, file hashes, etc.
• Anomaly-based Indicators of Compromise (IOCs)
‣ Abnormal scheduled tasks
‣ Auto-start programs
‣ Process masquerading (a system binary's name running from the wrong path or under the wrong parent)
‣ Other anomalous activity
• Indicators of Attack (IOAs)
‣ Attacker life cycle (cyber kill chain) stage
‣ Behavioral indicators
Hunting through the Attack Life Cycle
Detecting earlier in the life cycle reduces the risk of the attacker achieving their objectives; security posture/health degrades as the attack life cycle progresses.
Stage – example techniques (column boundaries reconstructed from the slide's table):
1. Conduct Background Research – OSINT, HUMINT, SIGINT
2. Execute Initial Attack – spear phishing & malware, SQL injection, browser compromise, password guessing
3. Establish Foothold – RATs, droppers, user credentials, service generation
4. Enable Persistence – web shell / beaconing, registry keys / Sticky Keys, disabling security agents
5. Conduct Enterprise Recon – port / service scans, network and account enumeration, network monitoring
6. Move Laterally to New Systems – RDP, PsExec, application exploitation, scheduled tasks / jobs
7. Escalate Privileges – PWDump / gsecdump, WCE, token manipulation, account creation
8. Gather and Encrypt Data of Interest – WinRAR, XOR encryption tools, move data to a repository, encrypted containers
9. Exfiltrate Data From Victim Systems – custom apps, FTP (if you let them), DNS exfiltration
10. Maintain Persistent Presence – Citrix, SSH / Telnet, VPN
The slide groups these stages under five broader phases: Intel Gathering, Initial Exploitation, Command & Control, Privilege Escalation, Data Exfiltration.
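DNS exfiltration, listed in the exfiltration stage above, is a good example of a behavioural indicator that no hash or IP feed catches, because the attacker's domain is new and the traffic looks like ordinary resolver activity. The added example below (not Rackspace code) scores constructed DNS query logs per (source, registered domain) on three signals: number of distinct subdomains, mean label length and mean label entropy. The sources, domains and the fake card data are constructed; the "registered domain is the last two labels" rule stands in for a public-suffix lookup and the thresholds are starting points, not tuned values.

```python
"""Score constructed DNS query logs for tunnelling/exfiltration behaviour.

Added example, not Rackspace code. Sources, domains and the payload are
constructed; the "registered domain = last two labels" rule is a stand-in
for a public-suffix lookup, and the thresholds are starting points only.
"""
import math
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Query:
    src: str      # client that issued the query
    qname: str    # fully qualified name queried


def shannon_entropy(text: str) -> float:
    """Bits per character; hex or base32 payload labels score far above words."""
    if not text:
        return 0.0
    counts = defaultdict(int)
    for ch in text:
        counts[ch] += 1
    n = len(text)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def split_name(qname: str):
    """Return (leftmost label, registered domain). Assumption: the registered
    domain is the last two labels, which is wrong for suffixes like .co.uk."""
    labels = qname.rstrip(".").lower().split(".")
    return labels[0], ".".join(labels[-2:])


def hunt_dns(queries, min_unique=20, min_label_len=30, min_entropy=3.5):
    """Group by (source, registered domain) and flag groups that look like a
    tunnel: many distinct subdomains carrying long or high-entropy labels.
    Volume alone is not enough (CDNs and telemetry also produce many unique
    names), so the length/entropy signal is required as well."""
    groups = defaultdict(list)
    for q in queries:
        label, domain = split_name(q.qname)
        if domain != q.qname.lower():      # apex queries carry no payload label
            groups[(q.src, domain)].append(label)

    alerts = []
    for (src, domain), labels in groups.items():
        unique = set(labels)
        mean_len = sum(map(len, unique)) / len(unique)
        mean_ent = sum(map(shannon_entropy, unique)) / len(unique)
        if len(unique) >= min_unique and (mean_len >= min_label_len or mean_ent >= min_entropy):
            alerts.append({
                "src": src, "domain": domain,
                "unique_subdomains": len(unique),
                "mean_label_len": round(mean_len, 1),
                "mean_entropy": round(mean_ent, 2),
                # hex encoding halves the byte count: a rough lower bound on what left
                "approx_bytes_out": sum(map(len, unique)) // 2,
            })
    return alerts


def build_sample_queries():
    """Constructed log: ordinary browsing, a chatty CDN, and one host pushing
    fake card data out in hex-encoded, sequence-numbered labels."""
    benign = [Query("10.0.0.5", n) for n in
              ("www.example.com", "mail.example.com", "www.example.com", "login.example.org")]
    cdn = [Query("10.0.0.5", f"img{i}.cdn-example.net") for i in range(25)]
    payload = "4111111111111111|12/19|123;" * 16      # invented, not a real card
    hexdata = payload.encode().hex()
    chunks = [hexdata[i:i + 30] for i in range(0, len(hexdata), 30)]
    exfil = [Query("10.0.0.7", f"{seq:02x}{chunk}.t.sync-telemetry.example")
             for seq, chunk in enumerate(chunks)]
    return benign + cdn + exfil


if __name__ == "__main__":
    for alert in hunt_dns(build_sample_queries()):
        print(alert)
```

The CDN group from 10.0.0.5 has 25 distinct subdomains, more than the threshold, but its labels are four or five lowercase characters, so it stays quiet; the 10.0.0.7 group trips on both label length and count. Hunting this way over resolver logs catches the exfiltration stage even when the earlier stages were missed, which is the point of the life-cycle view above.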
MANAGED SECURITY OFFERINGS
Challenges to Implementing Effective Security
• Limited security expertise and resources to adequately protect the environment
• Budget constraints in supporting security initiatives
• Adoption of security technologies and analytic tools to prevent, identify and respond to advanced attacks
• Increased adoption of cloud-based IT services
• Evolving compliance reporting requirements
Rackspace Managed Security
Deep Expertise. Leading Tech. Advanced Protection.
DETECT & RESPOND TO THREATS 24X7X365 – Leverage experienced Rackspace security experts to monitor and manage your environment around the clock.
LEVERAGE SECURITY EXPERTS ON YOUR IT AND SECURITY TEAM – Use Managed Security as a security force multiplier, tailoring support to meet your tactical and strategic security goals.
EMPLOY INDUSTRY BEST PRACTICES AND ADVANCED SOLUTIONS – Best-of-breed solution partners provide collective expertise and advanced technology to help protect your Managed Cloud.
ADDRESS SECURITY GOALS WHILE LOWERING TCO – Managed Security has a significantly lower Total Cost of Ownership (TCO) than comparable internal and external solutions.
How Is Managed Security Implemented?
• Host and Network Protection – Provides advanced host and network protection
platforms targeted at zero-day and non-malware attacks as well as traditional
compromise tactics.
• Security Analytics – Utilizes a leading Security Information and Event Management
(SIEM) platform paired with big data analytics platforms to collect and analyze data
from the customer environment.
• Vulnerability Management – Employs scanning and agent technologies to
understand the customer’s environment and uses this data to tailor our Customer
Security Operations Center response to threats and attacks in the environment.
• Log Management – Rackspace will collect standard operating system logs from the
hosts in the environment. During the onboarding process, Rackspace will identify
additional data to be collected. All log data is retained for 1 year with additional
retention available.
How is Compliance Assistance Implemented?
• Configuration Hardening and Monitoring – Assigns security configuration profiles
to hosts based on accepted standards such as those from the Center for Internet
Security (CIS), as well as community best practices. Rackspace detects and logs
deviations from these profiles in real-time to allow for comprehensive documentation
and reduced vulnerability windows.
• Patch Monitoring – Provides an understanding of what threats are applicable to an
environment including what Common Vulnerabilities and Exposures (CVE) are
present.
• User Monitoring – Monitors and documents user host access, authentication level
and login times to enable customers to demonstrate compliance with access controls.
• File Integrity Management – Detects, reports, and documents changes to files on a
host based on the customer’s security and compliance requirements.
Next
Steps
CONTINUE THE CONVERSATION
Speak to a Rackspace Security Specialist
READ MORE ONLINE
http://www.rackspace.com/security
Rackspace Compliance Assistance
Leverage Rackspace Expertise to Address your Governance, Risk & Compliance (GRC) Goals.
ADDRESS COMPLIANCE GOALS – Provide the monitoring, management and reporting necessary to help you meet your goals.
LEVERAGE SECURITY EXPERTS ON YOUR IT AND GRC TEAMS – Add Rackspace expertise to support your team or your existing compliance team resources.
EMPLOY INDUSTRY BEST PRACTICES AND ADVANCED SOLUTIONS – Use leading technology to support compliance-related monitoring and management.
ADDRESS COMPLIANCE GOALS WHILE LOWERING TCO – Provide lower Total Cost of Ownership (TCO) than comparable solutions and services.

RMS Security Breakfast


Editor's Notes

  • #7 Just a quick look at who we are as a company.
  • #8 We currently serve businesses in 120 countries around the world.
  • #9 We provide Fanatical Support for the World’s Leading Clouds We support these technology stacks: OpenStack, AWS, Microsoft and VMware. Fanatical Support combines our expertise and our results-obsessed 24/7/365 customer service. In the past few months, we’ve been very busy.
  • #10 Here’s a good summary view that shows the expertise we have and the choice we provide. Whatever your workload, we offer a choice of technology stacks and platforms all backed by Fanatical Support. Together that means you get the best fit and the best service. And under it all is our focus on security.
  • #22 RSA attack.
  • #31 Each day, there seems to be news about a security threat or data breach that is larger or more sensational than the day before. These stories outline real exposure that threatens your customers' environment, business and personal reputation, and "bottom line". The threats are dynamic and ever-present: they often occur without warning, can be directed at any part of your business, and come from anywhere in the world. Damage from malicious parties can range from the theft of confidential and sensitive data to a complete shutdown of your business. The result is not only lost revenue and escalated recovery costs but also potential liability costs and compliance-related fines.
  • #32 Same speaker notes as #31.
  • #35 According to Gartner, growth in enterprise demand for Managed Security Service Providers (MSSPs) is driven primarily by four factors: Security staffing and budget constraints (separated into two categories above) – Successfully defending against security threats requires specialized expertise and technology. Meeting the need internally is resource intensive, and leveraging outside resources is often prohibitively expensive. In addition, security professionals with the necessary expertise are in high demand and difficult to find and retain. Adoption of security technologies and analytic tools to prevent, identify and respond to advanced attacks – As the threats are dynamic and ever-changing, the tools and methods to address them must evolve at least as quickly. Increased adoption of cloud-based IT services – Traditional security measures implemented in the enterprise are typically not sufficient for cloud-based environments. Evolving compliance reporting requirements – Industry and regulatory mandates vary and add a level of complexity that organizations may struggle to address over and above security concerns.
  • #36 MANAGED SECURITY from Rackspace is a security service offering designed to protect customers from advanced cyber threats, such as Advanced Persistent Threats (a network attack in which an unauthorized person gains access to a network and stays there undetected for a long period of time, usually with the primary goal of data theft). This service is backed by a Rackspace 24x7x365 Security Operations Center staffed with security professionals who use tools tailored to the customer, threat profile and environment, leveraging big data analytics to detect previously unseen threats (zero days) through behavioral and anomaly detection. The value of MANAGED SECURITY can be broken down into four categories: Detect & Respond to Threats – Experienced Rackspace security experts monitor your environment for potential threats from a 24x7x365 security operations center. Rackspace professional response and expert analysis is tailored to your need, from strategic planning for best-practice cloud security to tactical day-to-day security monitoring and threat analysis. In addition, MANAGED SECURITY provides a holistic view of security in the context of the customer’s entire Rackspace hosted environment. Leverage Security Experts – Add security expertise to your IT capabilities to help solidify your security posture. Use MANAGED SECURITY as a “force multiplier” to extend the resources of your existing security team. Employ Best Practices & Advanced Solutions – Leverage leading technology solutions and advanced threat intelligence. Rackspace works with select partners who are security market leaders and innovators, allowing you to take advantage of security best practices enhanced with the collective expertise of Rackspace and its partners. Lower TCO – Provides significantly lower Total Cost of Ownership (TCO) than internally developed security operations centers and comparable managed security service offerings, allowing you to leverage security expertise that is in high demand, costly, and difficult to find and retain.
  • #40 Same speaker notes as #36.
  • #41 Rackspace Security professionals, based in the 24x7x365 Customer Security Operations Center (CSOC), leverage these market-leading security tools from trusted partners as part of the Managed Security offering.
  • #42 to #48 Same speaker notes as #41.