IBM Security, profile picture
Uploaded byIBM Security
PDF, PPTX3,096 views

Securing Your Cloud Applications

The document discusses IBM's cloud security solutions and their transformative impact on enterprise security practices. It outlines the security features of IBM's infrastructure and platform services, addressing key client imperatives such as threat detection, governance, and data protection. The content also highlights case studies, tools, and practices for managing access and vulnerabilities in cloud environments.

Embed presentation

Download as PDF, PPTX
© 2015 IBM Corporation Securing Your Cloud Applications Nataraj (Raj) Nagaratnam CTO for Security Solutions, IBM Security Sreekanth Iyer Executive IT Architect, IBM Security Jeffrey Hoy Cloud Security Architect, IBM Security
Agenda • Security for Infrastructure Services (IBM SoftLayer) • Security for Platform Services (IBM Bluemix) 1 IaaS PaaS
Cloud is rapidly transforming the enterprise External StakeholdersTraditional Enterprise IT Public CloudPrivate Cloud PaaS Development services SaaS Business applications IaaS Infrastructure services 100+ IBM Offerings HR, CRM, SCM Data archive App development 100+ IBM Offerings Online website
Cloud presents the opportunity to radically transform security practices Dynamic Cloud Security Standardized, automated, agile, and elastic Traditional Security Manual, static, and reactive Cloud security is not only achievable, it is an opportunity to drive the business, improve defenses and reduce risk
Clients focus on three imperatives for improving security Detect threats with visibility across clouds Govern the usage of cloud Protect workloads and data in the cloud How can I understand who is accessing the cloud from anywhere, at anytime? How can I fix vulnerabilities and defend against attacks before they’re exploited? How can I obtain a comprehensive view of cloud and traditional environments? “I can take advantage of centralized cloud logging and auditing interfaces to hunt for attacks.” “Going to the cloud gives me a single choke point for all user access ‒ it provides much more control.” “Cloud gives me security APIs and preconfigured policies to help protect my data and workloads”
IBM Dynamic Cloud Security Optimize Security Operations Manage Access Protect Data Gain Visibility SaaSPaaSIaaS Structured Approach to Cloud Security Assess and Govern Focus for this Session
JKE Overview 6 JK Enterprises (JKE) • A multinational financial services company that offers wide range of wide range of financial and insurance products and services • Operates world-wide, with major offices in AP, EMEA and US • Employs approximately 5,500 staff • Financial details include: • A combined premium income of over $2.5 billion • Investment assets of approximately $16.8 billion • Customers include: • End customers: over 2 million insured customers • Brokers: over 200 registered brokers • Has partnerships with a large number of partners, mainly in the area of brokering and financial advice • Provides internet customers and brokers with online access to applications.
Securing Cloud – JKE Scenario 7 Focus for this Session
Security for Infrastructure Services IaaS
Security comes “in” (inherent in) and “on” (accessible from) IaaS provider Identity Protection Insight Accessible “on” a IaaS Cloud Provider – Bring your own security  Privileged admin management  Access management of web workloads  Network protection ‒ Firewalls, IPS, proxy  Host security, vulnerability scanning  Encryption and key management  Monitoring customer hybrid infrastructure and workloads.  Log, Audit, and compliance reporting  Vulnerability management Inherent “in” a IaaS Cloud Provider – Security provided in SoftLayer  Admin user management  Isolation of VMs, and dedicated instances  Security monitoring of cloud infrastructure  Role and entitlement management  Network firewalls, VPNs; DoS protection  Platform intelligence  Federation of admin users from enterprises  Encryption of data at rest and secure key store  API access to cloud service logs IaaS
Security “in” (inherent in) IBM SoftLayer SoftLayer Security Features & Options  Physical DC Security  Logical Segregation  GeoTrust SSL Certificates  Two-Factor Authentication for Portal Administrators  McAfee Host Protection  DC Site Affinity Option IBM MSS - Fully Managed Cloud Security Services  Hosted Web Defense (DDoS+WAF)  Hosted Application Security Management Services  Hosted Security Event and Log Management  Hosted Vulnerability Management  Managed FW, IDPS and UTM  Managed Email and Web Security Comprehensive security for IT assets deployed in SoftLayer VALUE IBM SoftLayer and IBM Managed Security Services (MSS) provide comprehensive cloud security solutions and capabilities for cloud customers – IaaS
Scenario Overview 11 Enterprise Application Dev/Test/Prod Infrastructure Public CloudPrivate Cloud IaaS JK Enterprises (JKE) Description 1 JKE provisions infrastructure resources and moves to Cloud 2 JKE deploys their business application on Cloud
Privileged User Management 12 IaaS JK Enterprises (JKE) 1 JKE Cloud Administrator logs into SoftLayer 2 JKE Cloud Administrator provisions and sets up the required resources on Cloud 3 Weak management of password and administrator activities can compromise cloud systems 4 JKE implements Privileged User Management to monitor and audit cloud Admin activities 5 Privileged Identity Manager captures and tracks all actions by admin JKE Cloud Administrator IBM Security Privileged Identity Management Dev/Test/ Prod Infrastructure Manage Access
Automated Provisioning of ISAM Virtual Appliance 13 IaaS JK Enterprises (JKE) 1 JKE likes to add web application protection for their application on cloud 2 JKE deploys ISAM Virtual Appliance on SoftLayer (Automated Provisioning and Configuration of ISAM Appliance on SoftLayer) 3 JKE can manage access and protect applications from attacks. Employees IBM Security Access Manager Virtual Appliance Enterprise Application Agents / Partners/ Customers Manage Access
Log Management & Security Intelligence 14 IaaS JK Enterprises (JKE) 1 JKE Security Administrator wants visibility into their cloud infrastructure on SoftLayer 2 JKE Security Administrator uses IBM Security QRadar SIEM 3 QRadar collects all the events from security appliances, infrastructure and applications 4 QRadar detects anamolies, security threats and generates reports for audit and compliance. JKE Security Administrator IBM Security QRadar SIEM Enterprise Application Dev/Test/Prod Infrastructure IBM Security Access Manager Virtual Appliance IBM Security Privileged Identity Management Employees Agents / Partners/ Customers Gain Visibility
IBM Security capabilities (“On”) SoftLayer that enhances security of customer workloads 15 IaaS Enterprise Cloud Administrators Consolidated logs and events Portal and APIs Application users Enterprise security monitoring IBM Virtual SOC services Manage Access Protect Data Gain Visibility
Security for Platform Services PaaS
Security comes “in” (inherent in) and “on” (accessible from) Provider Identity Protection Insight Accessible from a PaaS Cloud Provider ‒ Design your own security  APIs for authentication/SSO of end users, for services/apps  APIs to perform context aware access  Security testing of App, service and APIs  Key management APIs  APIs for fraud detection  IP reputation/threat intelligence APIs  APIs for customer app log and audit  Application security and real time monitoring  Application vulnerability management Inherent “in” a PaaS Cloud Provider ‒ Security is “baked in” platform  Developers registration and SSO  Group management; Entitlements to apps, services  Federation of developers/platform users  Data protection and compliance  Application container  Fabric and services isolation and protection  Customer specific log and audit trail APIs  Active security monitoring of provider (not individual customer services) Hosted on PaaS
Bluemix Platform Security Overview 18
“on” Bluemix Security
Single Sign On • Add user authentication to your apps with policy-based configuration • Zero coding approach • Integrate with existing enterprise directory with SAML • Option to chose from identity sources like Facebook, LinkedIn, and Google • Option to create and use your own cloud directory Key Features Social Identities Enterprise ID Manage Access
AppScan Dynamic Analyzer • Discover vulnerabilities before putting cloud apps into production • Minimal configuration and developer training / preparation • Scans authenticated and unauthenticated pages and identifies security issues • Identifies a large variety of vulnerabilities, from OWASP Top 10, SANS Top 25 and more • Produces a detailed security report - actionable information with remediation instructions Key Features Protect Data
AppScan Mobile Analyzer • Based on Glass Box principles • Identifies security issues in Android applications • Produces a detailed security report • Includes remediation steps • Developer targeted information. Key Features Protect Data
Secure data warehousing and analytics Data Encryption Data Access Control Activity Monitoring dashDB • Automatic encryption for data at rest using Advanced Encryption Standard (AES) • Encryption for data in transit - SSL is automatically configured when dashDB database is provisioned • dashDB database is continuously monitored through IBM InfoSphere Guardium • Database access control – define who has access to what objects in the database Key Features Protect Data
Security Intelligence for the hybrid cloud Gain Visibility Cloud Applications Loggregator • Facility to drain logs over syslog, syslog-tls or https through user provided service • Includes all the events related to the app including staging and deployment • Capability to distinguish the logs from different instances of the application • Device Support Module (DSM) in QRadar for parsing CloudFoundry and application events Key Features Cloud Applications User Provided Service
SSO Access to Bluemix Application 25 PaaS JK Enterprises (JKE) 1 JKE Employees want to access business app deployed on Cloud by JKE Partner 2 JKE uses Identity as a SSO Service on Bluemix 3 Employees access the Bluemix application seamlessly using their enterprise/intranet ID (SAML Federation using Enterprise Bridge) Employees HealthCare Application Single Sign On (SSO) on IBM Bluemix Partner Manage Access
Social Access to Cloud Application 26 App Development Social Application Public CloudPrivate Cloud PaaS Agents / Partners/ Customers App Developers Single Sign On (SSO) on IBM Bluemix 1 Marketing team wants to develop a new Cloud Systems of Engagement App 2 Uses IBM SSO Service Offering on Bluemix for SSO 3 Customers can access the Bluemix app using their social IDs 4 IDs of Contractors / Agents hired for the Marketing Campaign managed on Cloud Directory Marketing Department Manage Access
Cloud Application Security & Protection 27 App Development Internet Application Public CloudPrivate Cloud PaaS App Developers IBM AppScan Dynamic Analyzer on Bluemix 1 App Developer wants to ensure the application is secure and there are no vulnerabilities 2 App Developer uses IBM Appscan Dynamic Analysis Service on Bluemix 3 App Developer gets a report on the App vulnerabilities and threats and recommendations on how to fix them (JKE Subsidiary) Protect Data
Securing Mobile Application 28 Mobile Application Public CloudPrivate Cloud PaaS App Developers IBM AppScan Mobile Analyzer on Bluemix 1 App Developer wants to ensure the mobile application is secure and has no vulnerabilities 2 App Developer uses IBM Appscan Mobile Analyzer Service on Bluemix 3 App Developer uploads the mobile application file (.apk) 4 App Developer gets a report on the Mobile App vulnerabilities, threats and recommendations Protect Data
Database Service Security & Protection 29 Public CloudPrivate Cloud PaaS App Developers InfoSphere Guardium 1 JKE use managed dataware housing and analytics services from the cloud (DashDB) 1 App Developer wants to ensure the access to the data is monitored 2 JKE gets reports on sensitive data access on the cloud JK Enterprises (JKE) Protect Data
Security Intelligence for Bluemix Apps 30 App Development Internet Application Public CloudPrivate Cloud PaaS JK Enterprises (JKE) JKE Security Administrator IBM Security QRadar SIEM 1 JKE Security Administrator wants visibility into their application on the cloud 2 JKE Security Administrator uses IBM Security QRadar SIEM 3 QRadar collects all the events related to the Bluemix Application 4 QRadar detects anomalies, security threats and generates reports for audit and compliance. Gain Visibility
Open Standards & IBM Cloud Security
32 Protect DataManage Access Gain Visibility Kerberos RSA AESTriple-DES X.509 Certificates SHA Hashing KMIP Key Management ISO 27018 Data Protection for Cloud Services PCI-DSS Controls for Card Data ISO 24760 ID Management Architecture ISO 17789 Cloud Computing Reference Architecture CSCC o Security for Cloud Computing: 10 Steps to Ensure Success Version 2.0 o Practical guide to Cloud SLAs o Practical Guide to Cloud Computing Version 2.0 o Cloud Security Standards: What to Expect & Negotiate ISO 29101 Privacy Architecture Framework ISO 27017 Information Security Controls for Cloud Services ISO 19794 Biometric Interchange Formats ISO 19086 Cloud SLAs CADF Cloud Audit Data Federation Cloud Security Standards* * Indicative list only Encryption
Cloud Computing Reference Architecture (CCRA) - Providing Prescriptive Guidance to secure Client Cloud Adoption Patterns Capabilities provided to consumers for using a provider’s applications Integrated service management, automation, provisioning, self service Pre-built, pre-integrated IT infrastructures tuned to application-specific needs Advanced platform for creating, managing, and monetizing cloud services Cloud Enabled Data Center Cloud Platform Services Cloud Service Provider Business Solutions on Cloud Big Data / Analytics workload on cloud Social / Mobile workloads on Cloud Federal/Government Workloads on Cloud Big Data / Analytics Mobile G Cloud
IBM Dynamic Cloud Security Portfolio  Cloud Security Intelligence NEW! Cloud Identity Services NEW!  Cloud Sign On Service NEW!  Cloud Access Manager NEW!  Cloud Privileged Identity Manager NEW!  Cloud Data Activity Monitoring NEW!  Cloud Mobile Application Analyzer NEW!  Cloud Web Application Analyzer NEW! Optimize Security Operations Deliver a consolidated view of your security operations – at unprecedented speed and agility Protect Data Identify vulnerabilities and help prevent attacks targeting sensitive data Gain Visibility Monitor the cloud for security breaches and compliance violations  Intelligent Threat Protection Cloud NEW!  Cloud Security Managed Services NEW!  Security Intelligence and Operations Consulting Services NEW! SaaSPaaSIaaS Manage Access Safeguard people, applications, and devices connecting to the cloud
Learn more about IBM Security Visit our website IBM Security Website Watch our videos IBM Security YouTube Channel Read new blog posts SecurityIntelligence.com Follow us on Twitter @ibmsecurity IBM Security Intelligence. Integration. Expertise.
Notices and Disclaimers Copyright © 2015 by International Business Machines Corporation (IBM). No part of this document may be reproduced or transmitted in any form without written permission from IBM. U.S. Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM. Information in these presentations (including information relating to products that have not yet been announced by IBM) has been reviewed for accuracy as of the date of initial publication and could include unintentional technical or typographical errors. IBM shall have no responsibility to update this information. THIS DOCUMENT IS DISTRIBUTED "AS IS" WITHOUT ANY WARRANTY, EITHER EXPRESS OR IMPLIED. IN NO EVENT SHALL IBM BE LIABLE FOR ANY DAMAGE ARISING FROM THE USE OF THIS INFORMATION, INCLUDING BUT NOT LIMITED TO, LOSS OF DATA, BUSINESS INTERRUPTION, LOSS OF PROFIT OR LOSS OF OPPORTUNITY. IBM products and services are warranted according to the terms and conditions of the agreements under which they are provided. Any statements regarding IBM's future direction, intent or product plans are subject to change or withdrawal without notice. Performance data contained herein was generally obtained in a controlled, isolated environments. Customer examples are presented as illustrations of how those customers have used IBM products and the results they may have achieved. Actual performance, cost, savings or other results in other operating environments may vary. References in this document to IBM products, programs, or services does not imply that IBM intends to make such products, programs or services available in all countries in which IBM operates or does business. Workshops, sessions and associated materials may have been prepared by independent session speakers, and do not necessarily reflect the views of IBM. All materials and discussions are provided for informational purposes only, and are neither intended to, nor shall constitute legal or other guidance or advice to any individual participant or their specific situation. It is the customer’s responsibility to insure its own compliance with legal requirements and to obtain advice of competent legal counsel as to the identification and interpretation of any relevant laws and regulatory requirements that may affect the customer’s business and any actions the customer may need to take to comply with such laws. IBM does not provide legal advice or represent or warrant that its services or products will ensure that the customer is in compliance with any law.
Notices and Disclaimers (con’t) Information concerning non-IBM products was obtained from the suppliers of those products, their published announcements or other publicly available sources. IBM has not tested those products in connection with this publication and cannot confirm the accuracy of performance, compatibility or any other claims related to non-IBM products. Questions on the capabilities of non-IBM products should be addressed to the suppliers of those products. IBM does not warrant the quality of any third-party products, or the ability of any such third-party products to interoperate with IBM’s products. IBM EXPRESSLY DISCLAIMS ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. The provision of the information contained herein is not intended to, and does not, grant any right or license under any IBM patents, copyrights, trademarks or other intellectual property right. • IBM, the IBM logo, ibm.com, Bluemix, Blueworks Live, CICS, Clearcase, DOORS®, Enterprise Document Management System™, Global Business Services ®, Global Technology Services ®, Information on Demand, ILOG, Maximo®, MQIntegrator®, MQSeries®, Netcool®, OMEGAMON, OpenPower, PureAnalytics™, PureApplication®, pureCluster™, PureCoverage®, PureData®, PureExperience®, PureFlex®, pureQuery®, pureScale®, PureSystems®, QRadar®, Rational®, Rhapsody®, SoDA, SPSS, StoredIQ, Tivoli®, Trusteer®, urban{code}®, Watson, WebSphere®, Worklight®, X-Force® and System z® Z/OS, are trademarks of International Business Machines Corporation, registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at: www.ibm.com/legal/copytrade.shtml.
Thank You Your Feedback is Important! Access the InterConnect 2015 Conference CONNECT Attendee Portal to complete your session surveys from your smartphone, laptop or conference kiosk.

More Related Content

PDF
The Year the Internet Fell Apart
byIBM Security
 
PPTX
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
byIBM Security
 
PDF
Qradar Business Case
byEnterprise Technology Management (ETM)
 
PPT
Smart security solutions for SMBs
byJyothi Satyanathan
 
PPTX
IBM Security Portfolio - 2015
byIBM Thailand Co Ltd
 
PPTX
7 Ways to Stay 7 Years Ahead of the Threat
byIBM Security
 
PDF
IBM Security - 2015 - Client References Guide
byFrancisco González Jiménez
 
PDF
Qradar ibm partner_enablement_220212_final
byArrow ECS UK
 
The Year the Internet Fell Apart
byIBM Security
 
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
byIBM Security
 
Qradar Business Case
byEnterprise Technology Management (ETM)
 
Smart security solutions for SMBs
byJyothi Satyanathan
 
IBM Security Portfolio - 2015
byIBM Thailand Co Ltd
 
7 Ways to Stay 7 Years Ahead of the Threat
byIBM Security
 
IBM Security - 2015 - Client References Guide
byFrancisco González Jiménez
 
Qradar ibm partner_enablement_220212_final
byArrow ECS UK
 

What's hot

PDF
IBM Security Immune System
byJuan Pablo Coelho
 
PPT
Extend Your Market Reach with IBM Security QRadar for MSPs
byIBM Security
 
PDF
Data security solutions_Baltics_IBM_QRadar_SIEM_Use_Cases_28.01.2014
byAndris Soroka
 
PDF
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
byIBM Security
 
PDF
IBM Security Software Solutions - Powerpoint
byThierry Matusiak
 
PDF
Ibm security products portfolio
byPatrick Bouillaud
 
PPTX
IBM QRadar UBA
byIBM Security
 
PDF
The Cloud Crossover
byArmor
 
PDF
Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadar
byIBM Security
 
PDF
ASMC 2017 - Martin Vliem - Security < productivity < security: syntax ...
byPlatformSecurityManagement
 
PDF
IBM Security Software Solutions
byThierry Matusiak
 
PDF
Cybersecurity frameworks globally and saudi arabia
byFaysal Ghauri
 
PPTX
Security Intelligence: Finding and Stopping Attackers with Big Data Analytics
byIBM Security
 
PPTX
Securing IT Against Modern Threats with Microsoft Cloud Security Tools - M365...
byMichael Noel
 
PPTX
NIST Cybersecurity Framework (CSF) on the Public Cloud
byCloudHesive
 
PDF
From SIEM to SA: The Path Forward
byEMC
 
PDF
Daniel Grabski | Microsofts cybersecurity story
byMicrosoft Österreich
 
PPTX
Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...
bySirius
 
PDF
How to Choose the Right Security Information and Event Management (SIEM) Solu...
byIBM Security
 
PDF
Cloud Security Demystified
byMichael Torres
 
IBM Security Immune System
byJuan Pablo Coelho
 
Extend Your Market Reach with IBM Security QRadar for MSPs
byIBM Security
 
Data security solutions_Baltics_IBM_QRadar_SIEM_Use_Cases_28.01.2014
byAndris Soroka
 
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
byIBM Security
 
IBM Security Software Solutions - Powerpoint
byThierry Matusiak
 
Ibm security products portfolio
byPatrick Bouillaud
 
IBM QRadar UBA
byIBM Security
 
The Cloud Crossover
byArmor
 
Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadar
byIBM Security
 
ASMC 2017 - Martin Vliem - Security < productivity < security: syntax ...
byPlatformSecurityManagement
 
IBM Security Software Solutions
byThierry Matusiak
 
Cybersecurity frameworks globally and saudi arabia
byFaysal Ghauri
 
Security Intelligence: Finding and Stopping Attackers with Big Data Analytics
byIBM Security
 
Securing IT Against Modern Threats with Microsoft Cloud Security Tools - M365...
byMichael Noel
 
NIST Cybersecurity Framework (CSF) on the Public Cloud
byCloudHesive
 
From SIEM to SA: The Path Forward
byEMC
 
Daniel Grabski | Microsofts cybersecurity story
byMicrosoft Österreich
 
Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...
bySirius
 
How to Choose the Right Security Information and Event Management (SIEM) Solu...
byIBM Security
 
Cloud Security Demystified
byMichael Torres
 

Viewers also liked

PPTX
Managing Identity from the Cloud: Transformation Advantages at VantisLife Ins...
byIBM Security
 
PDF
IBM Security Identity & Access Manager
byIBM Sverige
 
PDF
Discover - Mapping Your Hybrid Cloud Journey
byLaurenWendler
 
PPT
In Today's Complex Multi Perimeter World, Are You Doing Enough to Secure Acce...
byIBM Security
 
PPTX
IDENTITY IS THE FIRST STEP TO TRUE NETWORK SECURITY
byForgeRock
 
PDF
IBM Security Identity and Access Management - Portfolio
byIBM Sverige
 
PDF
Federation Evolved: How Cloud, Mobile & APIs Change the Way We Broker Identity
byCA API Management
 
PPTX
FUTURE-PROOFING CONSUMER IDENTITY AND ACCESS MANAGEMENT
byForgeRock
 
PPTX
Networks, Networks Everywhere, And Not A Packet To Drink
byReadWrite
 
PDF
IBM Security SaaS IaaS and PaaS
byCamilo Fandiño Gómez
 
PDF
Identity and Access Management from Microsoft and Razor Technology
byDavid J Rosenthal
 
PDF
Mastering Digital Channels with APIs
byCA API Management
 
PDF
The Architecture of an API Platform
byJohannes Ridderstedt
 
PDF
API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...
byCA API Management
 
PDF
Are ESBs Relevant in the Age of Microservices?
byApigee | Google Cloud
 
PDF
100 Beautiful Slides from Cannes Lions 2010
byJesse - @jessedee
 
PDF
Api architectures for the modern enterprise
byCA API Management
 
PPTX
Architecture for the API-enterprise
byApigee | Google Cloud
 
PPT
The Gartner IAM Program Maturity Model
bySarah Moore
 
PDF
Open Source Identity Integration with OpenSSO
byelliando dias
 
Managing Identity from the Cloud: Transformation Advantages at VantisLife Ins...
byIBM Security
 
IBM Security Identity & Access Manager
byIBM Sverige
 
Discover - Mapping Your Hybrid Cloud Journey
byLaurenWendler
 
In Today's Complex Multi Perimeter World, Are You Doing Enough to Secure Acce...
byIBM Security
 
IDENTITY IS THE FIRST STEP TO TRUE NETWORK SECURITY
byForgeRock
 
IBM Security Identity and Access Management - Portfolio
byIBM Sverige
 
Federation Evolved: How Cloud, Mobile & APIs Change the Way We Broker Identity
byCA API Management
 
FUTURE-PROOFING CONSUMER IDENTITY AND ACCESS MANAGEMENT
byForgeRock
 
Networks, Networks Everywhere, And Not A Packet To Drink
byReadWrite
 
IBM Security SaaS IaaS and PaaS
byCamilo Fandiño Gómez
 
Identity and Access Management from Microsoft and Razor Technology
byDavid J Rosenthal
 
Mastering Digital Channels with APIs
byCA API Management
 
The Architecture of an API Platform
byJohannes Ridderstedt
 
API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...
byCA API Management
 
Are ESBs Relevant in the Age of Microservices?
byApigee | Google Cloud
 
100 Beautiful Slides from Cannes Lions 2010
byJesse - @jessedee
 
Api architectures for the modern enterprise
byCA API Management
 
Architecture for the API-enterprise
byApigee | Google Cloud
 
The Gartner IAM Program Maturity Model
bySarah Moore
 
Open Source Identity Integration with OpenSSO
byelliando dias
 

Similar to Securing Your Cloud Applications

PDF
Presentation cloud security the grand challenge
byxKinAnx
 
PDF
Cloud Security: What you need to know about IBM SmartCloud Security
byIBM Security
 
PDF
How Does IBM Deliver Cloud Security Paper
byIBM
 
PDF
Rochester Security Event
bycalebbarlow
 
PPT
MDM is not Enough - Parmelee
byProlifics
 
PDF
Information Risk and Protection
byxband
 
PPTX
IBM Relay 2015: Securing the Future
byIBM
 
PPTX
Secure Your Cloud Migration - Secureworld 2019 Charlotte
byMike Brannon
 
PDF
glenn_amblercloud_security_ncc_event_22-may-2012_v1 (9)
byGlenn Ambler
 
PDF
Ibm mobile first protect (maas360)
bygule mariam
 
PDF
Ibm app security assessment_ds
byArun Gopinath
 
PPTX
Are We There Yet? The Path Towards Securing the Mobile Enterprise
byIBM Security
 
PDF
Introducing IBM Cloud Security Enforcer, CASB, IDaaS and Threat Prevention
byIBM Security
 
PDF
Enabling Secure Use of Cloud Applications
bySonia Baratas Alves
 
PDF
Security Building Blocks of the IBM Cloud Computing Reference Architecture
byStefaan Van daele
 
PDF
Security as an Immune System
byTim Rolston
 
PPT
Ibm security overview 2012 jan-18 sellers deck
byArrow ECS UK
 
PPTX
Are You Ready to Move Your IAM to the Cloud?
byIBM Security
 
PPTX
5 reasons your iam solution will fail
byIBM Security
 
PPSX
IBM: Cognitive Security Transformation for the Enrgy Sector
byFMA Summits
 
Presentation cloud security the grand challenge
byxKinAnx
 
Cloud Security: What you need to know about IBM SmartCloud Security
byIBM Security
 
How Does IBM Deliver Cloud Security Paper
byIBM
 
Rochester Security Event
bycalebbarlow
 
MDM is not Enough - Parmelee
byProlifics
 
Information Risk and Protection
byxband
 
IBM Relay 2015: Securing the Future
byIBM
 
Secure Your Cloud Migration - Secureworld 2019 Charlotte
byMike Brannon
 
glenn_amblercloud_security_ncc_event_22-may-2012_v1 (9)
byGlenn Ambler
 
Ibm mobile first protect (maas360)
bygule mariam
 
Ibm app security assessment_ds
byArun Gopinath
 
Are We There Yet? The Path Towards Securing the Mobile Enterprise
byIBM Security
 
Introducing IBM Cloud Security Enforcer, CASB, IDaaS and Threat Prevention
byIBM Security
 
Enabling Secure Use of Cloud Applications
bySonia Baratas Alves
 
Security Building Blocks of the IBM Cloud Computing Reference Architecture
byStefaan Van daele
 
Security as an Immune System
byTim Rolston
 
Ibm security overview 2012 jan-18 sellers deck
byArrow ECS UK
 
Are You Ready to Move Your IAM to the Cloud?
byIBM Security
 
5 reasons your iam solution will fail
byIBM Security
 
IBM: Cognitive Security Transformation for the Enrgy Sector
byFMA Summits
 

More from IBM Security

PPTX
Automation: Embracing the Future of SecOps
byIBM Security
 
PDF
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
byIBM Security
 
PDF
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
byIBM Security
 
PPTX
Integrated Response with v32 of IBM Resilient
byIBM Security
 
PDF
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...
byIBM Security
 
PDF
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
byIBM Security
 
PDF
Accelerating SOC Transformation with IBM Resilient and Carbon Black
byIBM Security
 
PDF
How to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
byIBM Security
 
PPTX
Orchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
byIBM Security
 
PPTX
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
byIBM Security
 
PPTX
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
byIBM Security
 
PPTX
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
byIBM Security
 
PDF
WannaCry Ransomware Attack: What to Do Now
byIBM Security
 
PPTX
How to Improve Threat Detection & Simplify Security Operations
byIBM Security
 
PDF
Mobile Vision 2020
byIBM Security
 
PDF
Retail Mobility, Productivity and Security
byIBM Security
 
PDF
Close the Loop on Incident Response
byIBM Security
 
PDF
Orchestrate Your Security Defenses; Protect Against Insider Threats
byIBM Security
 
PPTX
Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...
byIBM Security
 
PPTX
See How You Measure Up With MaaS360 Mobile Metrics
byIBM Security
 
Automation: Embracing the Future of SecOps
byIBM Security
 
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
byIBM Security
 
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
byIBM Security
 
Integrated Response with v32 of IBM Resilient
byIBM Security
 
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...
byIBM Security
 
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
byIBM Security
 
Accelerating SOC Transformation with IBM Resilient and Carbon Black
byIBM Security
 
How to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
byIBM Security
 
Orchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
byIBM Security
 
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
byIBM Security
 
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
byIBM Security
 
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
byIBM Security
 
WannaCry Ransomware Attack: What to Do Now
byIBM Security
 
How to Improve Threat Detection & Simplify Security Operations
byIBM Security
 
Mobile Vision 2020
byIBM Security
 
Retail Mobility, Productivity and Security
byIBM Security
 
Close the Loop on Incident Response
byIBM Security
 
Orchestrate Your Security Defenses; Protect Against Insider Threats
byIBM Security
 
Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...
byIBM Security
 
See How You Measure Up With MaaS360 Mobile Metrics
byIBM Security
 

Recently uploaded

PDF
Digital Transformation Services The Key to Futureproofing Your Business
byQuadrafort Technolgies
 
PDF
TrustArc Webinar - Unpacking India’s DPDP Act: What You Should Know
byTrustArc
 
PDF
Master the FME Connector for ArcGIS: Streamlined Data Management & Robust Met...
bySafe Software
 
PDF
Mobile Onboarding UX 11 Best Practices for Retention (2026).pdf
byDesign Studio UI UX
 
PPTX
KTU-PEMET413 -MODULE 2-POLYMER MATRIX COMPOSITES - LECTURE 1.pptx
byVINAY B
 
PDF
Purple Team - Active Directory and AzureAD v1
byVICTOR MAESTRE RAMIREZ
 
PPTX
UNIT 1- Introduction to Basic of Computer Fundamentals
bypawarbhaktiit
 
PDF
Early Signs of Constraint Loss in Modern System Design
byReality Drift Archive
 
PDF
Josh Chu Boston - An Innovative Technology Executive
byJosh Chu Boston
 
PDF
Higgsfield AI: The New Way to Create Cinematic Video
bytechnologyupside
 
PDF
Best Bank Statement Converter Software - A Documentation-Based Meta-Analysis ...
bylewisconrada
 
PDF
Requestly or Postman: What’s the Right API Tool for Your Team?
byhenrycavill30521
 
PDF
JR : Quality Random Data from the Command line
byGiovanni Marigi
 
PPTX
IBM_NEXA_DAC2021 NEXA, a cloud-native platform for collaborative hardware log...
byArun Joseph
 
PDF
Chapter 2 Computer Threat .pdf
byGetnet Tigabie Askale -(GM)
 
PPTX
02_Extended Warehouse Management Functions and Features.pptx
byUdayakumar218983
 
PDF
A "Kill Switch" (Emergency Off Switch) for AI?
byScott M. Graffius
 
PDF
6 Insights from the Patron Saint of AI Failure
byScott M. Graffius
 
PDF
Presentation on Four Stroke Engine of Ic engine
bySonam Sherpa
 
PDF
Using Change Data Capture (CDC) to Ingest Data into Apache Kafka
byGiovanni Marigi
 
Digital Transformation Services The Key to Futureproofing Your Business
byQuadrafort Technolgies
 
TrustArc Webinar - Unpacking India’s DPDP Act: What You Should Know
byTrustArc
 
Master the FME Connector for ArcGIS: Streamlined Data Management & Robust Met...
bySafe Software
 
Mobile Onboarding UX 11 Best Practices for Retention (2026).pdf
byDesign Studio UI UX
 
KTU-PEMET413 -MODULE 2-POLYMER MATRIX COMPOSITES - LECTURE 1.pptx
byVINAY B
 
Purple Team - Active Directory and AzureAD v1
byVICTOR MAESTRE RAMIREZ
 
UNIT 1- Introduction to Basic of Computer Fundamentals
bypawarbhaktiit
 
Early Signs of Constraint Loss in Modern System Design
byReality Drift Archive
 
Josh Chu Boston - An Innovative Technology Executive
byJosh Chu Boston
 
Higgsfield AI: The New Way to Create Cinematic Video
bytechnologyupside
 
Best Bank Statement Converter Software - A Documentation-Based Meta-Analysis ...
bylewisconrada
 
Requestly or Postman: What’s the Right API Tool for Your Team?
byhenrycavill30521
 
JR : Quality Random Data from the Command line
byGiovanni Marigi
 
IBM_NEXA_DAC2021 NEXA, a cloud-native platform for collaborative hardware log...
byArun Joseph
 
Chapter 2 Computer Threat .pdf
byGetnet Tigabie Askale -(GM)
 
02_Extended Warehouse Management Functions and Features.pptx
byUdayakumar218983
 
A "Kill Switch" (Emergency Off Switch) for AI?
byScott M. Graffius
 
6 Insights from the Patron Saint of AI Failure
byScott M. Graffius
 
Presentation on Four Stroke Engine of Ic engine
bySonam Sherpa
 
Using Change Data Capture (CDC) to Ingest Data into Apache Kafka
byGiovanni Marigi
 

Securing Your Cloud Applications

  • 1.
    © 2015 IBMCorporation Securing Your Cloud Applications Nataraj (Raj) Nagaratnam CTO for Security Solutions, IBM Security Sreekanth Iyer Executive IT Architect, IBM Security Jeffrey Hoy Cloud Security Architect, IBM Security
  • 2.
    Agenda • Security forInfrastructure Services (IBM SoftLayer) • Security for Platform Services (IBM Bluemix) 1 IaaS PaaS
  • 3.
    Cloud is rapidlytransforming the enterprise External StakeholdersTraditional Enterprise IT Public CloudPrivate Cloud PaaS Development services SaaS Business applications IaaS Infrastructure services 100+ IBM Offerings HR, CRM, SCM Data archive App development 100+ IBM Offerings Online website
  • 4.
    Cloud presents theopportunity to radically transform security practices Dynamic Cloud Security Standardized, automated, agile, and elastic Traditional Security Manual, static, and reactive Cloud security is not only achievable, it is an opportunity to drive the business, improve defenses and reduce risk
  • 5.
    Clients focus onthree imperatives for improving security Detect threats with visibility across clouds Govern the usage of cloud Protect workloads and data in the cloud How can I understand who is accessing the cloud from anywhere, at anytime? How can I fix vulnerabilities and defend against attacks before they’re exploited? How can I obtain a comprehensive view of cloud and traditional environments? “I can take advantage of centralized cloud logging and auditing interfaces to hunt for attacks.” “Going to the cloud gives me a single choke point for all user access ‒ it provides much more control.” “Cloud gives me security APIs and preconfigured policies to help protect my data and workloads”
  • 6.
    IBM Dynamic CloudSecurity Optimize Security Operations Manage Access Protect Data Gain Visibility SaaSPaaSIaaS Structured Approach to Cloud Security Assess and Govern Focus for this Session
  • 7.
    JKE Overview 6 JK Enterprises(JKE) • A multinational financial services company that offers wide range of wide range of financial and insurance products and services • Operates world-wide, with major offices in AP, EMEA and US • Employs approximately 5,500 staff • Financial details include: • A combined premium income of over $2.5 billion • Investment assets of approximately $16.8 billion • Customers include: • End customers: over 2 million insured customers • Brokers: over 200 registered brokers • Has partnerships with a large number of partners, mainly in the area of brokering and financial advice • Provides internet customers and brokers with online access to applications.
  • 8.
    Securing Cloud –JKE Scenario 7 Focus for this Session
  • 9.
  • 10.
    Security comes “in”(inherent in) and “on” (accessible from) IaaS provider Identity Protection Insight Accessible “on” a IaaS Cloud Provider – Bring your own security  Privileged admin management  Access management of web workloads  Network protection ‒ Firewalls, IPS, proxy  Host security, vulnerability scanning  Encryption and key management  Monitoring customer hybrid infrastructure and workloads.  Log, Audit, and compliance reporting  Vulnerability management Inherent “in” a IaaS Cloud Provider – Security provided in SoftLayer  Admin user management  Isolation of VMs, and dedicated instances  Security monitoring of cloud infrastructure  Role and entitlement management  Network firewalls, VPNs; DoS protection  Platform intelligence  Federation of admin users from enterprises  Encryption of data at rest and secure key store  API access to cloud service logs IaaS
  • 11.
    Security “in” (inherentin) IBM SoftLayer SoftLayer Security Features & Options  Physical DC Security  Logical Segregation  GeoTrust SSL Certificates  Two-Factor Authentication for Portal Administrators  McAfee Host Protection  DC Site Affinity Option IBM MSS - Fully Managed Cloud Security Services  Hosted Web Defense (DDoS+WAF)  Hosted Application Security Management Services  Hosted Security Event and Log Management  Hosted Vulnerability Management  Managed FW, IDPS and UTM  Managed Email and Web Security Comprehensive security for IT assets deployed in SoftLayer VALUE IBM SoftLayer and IBM Managed Security Services (MSS) provide comprehensive cloud security solutions and capabilities for cloud customers – IaaS
  • 12.
    Scenario Overview 11 Enterprise Application Dev/Test/Prod Infrastructure Public CloudPrivateCloud IaaS JK Enterprises (JKE) Description 1 JKE provisions infrastructure resources and moves to Cloud 2 JKE deploys their business application on Cloud
  • 13.
    Privileged User Management 12 IaaS JKEnterprises (JKE) 1 JKE Cloud Administrator logs into SoftLayer 2 JKE Cloud Administrator provisions and sets up the required resources on Cloud 3 Weak management of password and administrator activities can compromise cloud systems 4 JKE implements Privileged User Management to monitor and audit cloud Admin activities 5 Privileged Identity Manager captures and tracks all actions by admin JKE Cloud Administrator IBM Security Privileged Identity Management Dev/Test/ Prod Infrastructure Manage Access
  • 14.
    Automated Provisioning ofISAM Virtual Appliance 13 IaaS JK Enterprises (JKE) 1 JKE likes to add web application protection for their application on cloud 2 JKE deploys ISAM Virtual Appliance on SoftLayer (Automated Provisioning and Configuration of ISAM Appliance on SoftLayer) 3 JKE can manage access and protect applications from attacks. Employees IBM Security Access Manager Virtual Appliance Enterprise Application Agents / Partners/ Customers Manage Access
  • 15.
    Log Management &Security Intelligence 14 IaaS JK Enterprises (JKE) 1 JKE Security Administrator wants visibility into their cloud infrastructure on SoftLayer 2 JKE Security Administrator uses IBM Security QRadar SIEM 3 QRadar collects all the events from security appliances, infrastructure and applications 4 QRadar detects anamolies, security threats and generates reports for audit and compliance. JKE Security Administrator IBM Security QRadar SIEM Enterprise Application Dev/Test/Prod Infrastructure IBM Security Access Manager Virtual Appliance IBM Security Privileged Identity Management Employees Agents / Partners/ Customers Gain Visibility
  • 16.
    IBM Security capabilities(“On”) SoftLayer that enhances security of customer workloads 15 IaaS Enterprise Cloud Administrators Consolidated logs and events Portal and APIs Application users Enterprise security monitoring IBM Virtual SOC services Manage Access Protect Data Gain Visibility
  • 17.
    Security for PlatformServices PaaS
  • 18.
    Security comes “in”(inherent in) and “on” (accessible from) Provider Identity Protection Insight Accessible from a PaaS Cloud Provider ‒ Design your own security  APIs for authentication/SSO of end users, for services/apps  APIs to perform context aware access  Security testing of App, service and APIs  Key management APIs  APIs for fraud detection  IP reputation/threat intelligence APIs  APIs for customer app log and audit  Application security and real time monitoring  Application vulnerability management Inherent “in” a PaaS Cloud Provider ‒ Security is “baked in” platform  Developers registration and SSO  Group management; Entitlements to apps, services  Federation of developers/platform users  Data protection and compliance  Application container  Fabric and services isolation and protection  Customer specific log and audit trail APIs  Active security monitoring of provider (not individual customer services) Hosted on PaaS
  • 19.
  • 20.
  • 21.
    Single Sign On •Add user authentication to your apps with policy-based configuration • Zero coding approach • Integrate with existing enterprise directory with SAML • Option to chose from identity sources like Facebook, LinkedIn, and Google • Option to create and use your own cloud directory Key Features Social Identities Enterprise ID Manage Access
  • 22.
    AppScan Dynamic Analyzer •Discover vulnerabilities before putting cloud apps into production • Minimal configuration and developer training / preparation • Scans authenticated and unauthenticated pages and identifies security issues • Identifies a large variety of vulnerabilities, from OWASP Top 10, SANS Top 25 and more • Produces a detailed security report - actionable information with remediation instructions Key Features Protect Data
  • 23.
    AppScan Mobile Analyzer •Based on Glass Box principles • Identifies security issues in Android applications • Produces a detailed security report • Includes remediation steps • Developer targeted information. Key Features Protect Data
  • 24.
    Secure data warehousingand analytics Data Encryption Data Access Control Activity Monitoring dashDB • Automatic encryption for data at rest using Advanced Encryption Standard (AES) • Encryption for data in transit - SSL is automatically configured when dashDB database is provisioned • dashDB database is continuously monitored through IBM InfoSphere Guardium • Database access control – define who has access to what objects in the database Key Features Protect Data
  • 25.
    Security Intelligence forthe hybrid cloud Gain Visibility Cloud Applications Loggregator • Facility to drain logs over syslog, syslog-tls or https through user provided service • Includes all the events related to the app including staging and deployment • Capability to distinguish the logs from different instances of the application • Device Support Module (DSM) in QRadar for parsing CloudFoundry and application events Key Features Cloud Applications User Provided Service
  • 26.
    SSO Access toBluemix Application 25 PaaS JK Enterprises (JKE) 1 JKE Employees want to access business app deployed on Cloud by JKE Partner 2 JKE uses Identity as a SSO Service on Bluemix 3 Employees access the Bluemix application seamlessly using their enterprise/intranet ID (SAML Federation using Enterprise Bridge) Employees HealthCare Application Single Sign On (SSO) on IBM Bluemix Partner Manage Access
  • 27.
    Social Access toCloud Application 26 App Development Social Application Public CloudPrivate Cloud PaaS Agents / Partners/ Customers App Developers Single Sign On (SSO) on IBM Bluemix 1 Marketing team wants to develop a new Cloud Systems of Engagement App 2 Uses IBM SSO Service Offering on Bluemix for SSO 3 Customers can access the Bluemix app using their social IDs 4 IDs of Contractors / Agents hired for the Marketing Campaign managed on Cloud Directory Marketing Department Manage Access
  • 28.
    Cloud Application Security& Protection 27 App Development Internet Application Public CloudPrivate Cloud PaaS App Developers IBM AppScan Dynamic Analyzer on Bluemix 1 App Developer wants to ensure the application is secure and there are no vulnerabilities 2 App Developer uses IBM Appscan Dynamic Analysis Service on Bluemix 3 App Developer gets a report on the App vulnerabilities and threats and recommendations on how to fix them (JKE Subsidiary) Protect Data
  • 29.
    Securing Mobile Application 28 Mobile Application PublicCloudPrivate Cloud PaaS App Developers IBM AppScan Mobile Analyzer on Bluemix 1 App Developer wants to ensure the mobile application is secure and has no vulnerabilities 2 App Developer uses IBM Appscan Mobile Analyzer Service on Bluemix 3 App Developer uploads the mobile application file (.apk) 4 App Developer gets a report on the Mobile App vulnerabilities, threats and recommendations Protect Data
  • 30.
    Database Service Security& Protection 29 Public CloudPrivate Cloud PaaS App Developers InfoSphere Guardium 1 JKE use managed dataware housing and analytics services from the cloud (DashDB) 1 App Developer wants to ensure the access to the data is monitored 2 JKE gets reports on sensitive data access on the cloud JK Enterprises (JKE) Protect Data
  • 31.
    Security Intelligence forBluemix Apps 30 App Development Internet Application Public CloudPrivate Cloud PaaS JK Enterprises (JKE) JKE Security Administrator IBM Security QRadar SIEM 1 JKE Security Administrator wants visibility into their application on the cloud 2 JKE Security Administrator uses IBM Security QRadar SIEM 3 QRadar collects all the events related to the Bluemix Application 4 QRadar detects anomalies, security threats and generates reports for audit and compliance. Gain Visibility
  • 32.
  • 33.
    32 Protect DataManage AccessGain Visibility Kerberos RSA AESTriple-DES X.509 Certificates SHA Hashing KMIP Key Management ISO 27018 Data Protection for Cloud Services PCI-DSS Controls for Card Data ISO 24760 ID Management Architecture ISO 17789 Cloud Computing Reference Architecture CSCC o Security for Cloud Computing: 10 Steps to Ensure Success Version 2.0 o Practical guide to Cloud SLAs o Practical Guide to Cloud Computing Version 2.0 o Cloud Security Standards: What to Expect & Negotiate ISO 29101 Privacy Architecture Framework ISO 27017 Information Security Controls for Cloud Services ISO 19794 Biometric Interchange Formats ISO 19086 Cloud SLAs CADF Cloud Audit Data Federation Cloud Security Standards* * Indicative list only Encryption
  • 34.
    Cloud Computing ReferenceArchitecture (CCRA) - Providing Prescriptive Guidance to secure Client Cloud Adoption Patterns Capabilities provided to consumers for using a provider’s applications Integrated service management, automation, provisioning, self service Pre-built, pre-integrated IT infrastructures tuned to application-specific needs Advanced platform for creating, managing, and monetizing cloud services Cloud Enabled Data Center Cloud Platform Services Cloud Service Provider Business Solutions on Cloud Big Data / Analytics workload on cloud Social / Mobile workloads on Cloud Federal/Government Workloads on Cloud Big Data / Analytics Mobile G Cloud
  • 35.
    IBM Dynamic CloudSecurity Portfolio  Cloud Security Intelligence NEW! Cloud Identity Services NEW!  Cloud Sign On Service NEW!  Cloud Access Manager NEW!  Cloud Privileged Identity Manager NEW!  Cloud Data Activity Monitoring NEW!  Cloud Mobile Application Analyzer NEW!  Cloud Web Application Analyzer NEW! Optimize Security Operations Deliver a consolidated view of your security operations – at unprecedented speed and agility Protect Data Identify vulnerabilities and help prevent attacks targeting sensitive data Gain Visibility Monitor the cloud for security breaches and compliance violations  Intelligent Threat Protection Cloud NEW!  Cloud Security Managed Services NEW!  Security Intelligence and Operations Consulting Services NEW! SaaSPaaSIaaS Manage Access Safeguard people, applications, and devices connecting to the cloud
  • 36.
    Learn more aboutIBM Security Visit our website IBM Security Website Watch our videos IBM Security YouTube Channel Read new blog posts SecurityIntelligence.com Follow us on Twitter @ibmsecurity IBM Security Intelligence. Integration. Expertise.
  • 37.
    Notices and Disclaimers Copyright© 2015 by International Business Machines Corporation (IBM). No part of this document may be reproduced or transmitted in any form without written permission from IBM. U.S. Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM. Information in these presentations (including information relating to products that have not yet been announced by IBM) has been reviewed for accuracy as of the date of initial publication and could include unintentional technical or typographical errors. IBM shall have no responsibility to update this information. THIS DOCUMENT IS DISTRIBUTED "AS IS" WITHOUT ANY WARRANTY, EITHER EXPRESS OR IMPLIED. IN NO EVENT SHALL IBM BE LIABLE FOR ANY DAMAGE ARISING FROM THE USE OF THIS INFORMATION, INCLUDING BUT NOT LIMITED TO, LOSS OF DATA, BUSINESS INTERRUPTION, LOSS OF PROFIT OR LOSS OF OPPORTUNITY. IBM products and services are warranted according to the terms and conditions of the agreements under which they are provided. Any statements regarding IBM's future direction, intent or product plans are subject to change or withdrawal without notice. Performance data contained herein was generally obtained in a controlled, isolated environments. Customer examples are presented as illustrations of how those customers have used IBM products and the results they may have achieved. Actual performance, cost, savings or other results in other operating environments may vary. References in this document to IBM products, programs, or services does not imply that IBM intends to make such products, programs or services available in all countries in which IBM operates or does business. Workshops, sessions and associated materials may have been prepared by independent session speakers, and do not necessarily reflect the views of IBM. All materials and discussions are provided for informational purposes only, and are neither intended to, nor shall constitute legal or other guidance or advice to any individual participant or their specific situation. It is the customer’s responsibility to insure its own compliance with legal requirements and to obtain advice of competent legal counsel as to the identification and interpretation of any relevant laws and regulatory requirements that may affect the customer’s business and any actions the customer may need to take to comply with such laws. IBM does not provide legal advice or represent or warrant that its services or products will ensure that the customer is in compliance with any law.
  • 38.
    Notices and Disclaimers(con’t) Information concerning non-IBM products was obtained from the suppliers of those products, their published announcements or other publicly available sources. IBM has not tested those products in connection with this publication and cannot confirm the accuracy of performance, compatibility or any other claims related to non-IBM products. Questions on the capabilities of non-IBM products should be addressed to the suppliers of those products. IBM does not warrant the quality of any third-party products, or the ability of any such third-party products to interoperate with IBM’s products. IBM EXPRESSLY DISCLAIMS ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. The provision of the information contained herein is not intended to, and does not, grant any right or license under any IBM patents, copyrights, trademarks or other intellectual property right. • IBM, the IBM logo, ibm.com, Bluemix, Blueworks Live, CICS, Clearcase, DOORS®, Enterprise Document Management System™, Global Business Services ®, Global Technology Services ®, Information on Demand, ILOG, Maximo®, MQIntegrator®, MQSeries®, Netcool®, OMEGAMON, OpenPower, PureAnalytics™, PureApplication®, pureCluster™, PureCoverage®, PureData®, PureExperience®, PureFlex®, pureQuery®, pureScale®, PureSystems®, QRadar®, Rational®, Rhapsody®, SoDA, SPSS, StoredIQ, Tivoli®, Trusteer®, urban{code}®, Watson, WebSphere®, Worklight®, X-Force® and System z® Z/OS, are trademarks of International Business Machines Corporation, registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at: www.ibm.com/legal/copytrade.shtml.
  • 39.
    Thank You Your Feedbackis Important! Access the InterConnect 2015 Conference CONNECT Attendee Portal to complete your session surveys from your smartphone, laptop or conference kiosk.