Is your deployment in pants-down mode?

Slides:



Advertisements
Similar presentations
Your Data Any Place, Any Time Manageability. SQL Server 2008 Manageability Challenges Challenges face database administrators today : Managing complex.
Advertisements

System Center 2012 R2 Overview
Preventing Good People From Doing Bad Things Best Practices for Cloud Security Brian Anderson Chief Marketing Officer & Author of “Preventing Good People.
The Business Value of CA Solutions Ovidiu VALEANU Senior Consultant DNA Software – CA Regional Representative.
Microsoft Operations Management Suite
DevOps and Private Cloud Automation 23 April 2015 Hal Clark.
Cloud Attributes Business Challenges Influence Your IT Solutions Business to IT Conversation Microsoft is Changing too Supporting System Center In House.
DNN LOVES JENKINS FOR CONTINUOUS INTEGRATION
© Copyright 2015 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 1 Buying factors – HP.
UI and Data Entry UI and Data Entry Front-End Business Logic Mid-Tier Data Store Back-End.
Alert Logic Security and Compliance Solutions for vCloud Air High-level Overview.
©2009 Check Point Software Technologies Ltd. All rights reserved. [Confidential]—For Check Point users and approved third parties SmartWorkflow Change.
Alert Logic Security and Compliance Solutions for vCloud Air High-level Overview.
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 1 Automate your way to.
A way to develop software that emphasizes communication, collaboration, and integration between development and IT operations teams.
Cisco Consulting Services for Application-Centric Cloud Your Company Needs Fast IT Cisco Application-Centric Cloud Can Help.
- Company Confidential - Corporate Overview March 2015.
Banjot Chanana Sr Director of Product Docker for the Enterprise with Containers as a Service.
1 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Cisco Defense Orchestrator Effective security policy management made simple.
Check Point vSEC STORY [Protected] Non-confidential content.
11/19/2017 9:41 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.
Service Assurance in the Age of Virtualization
Hybrid Management and Security
MICROSOFT AZURE ISV PROFILE: BMC SOFTWARE
Stop Cyber Threats With Adaptive Micro-Segmentation
Insights & Analytics Technical data deck.
HP BSA Essentials Community Overview
Partner Toolbox Cloud Infrastructure & Management
Modern management for the cloud world
How To Deliver Apps Faster And Secure Them The Microsoft Way
Windows Server 2016 Secure IaaS Microsoft Build /1/2018 4:00 AM
Hybrid Management and Security
Microsoft Operations Management Suite Insight and Analytics
A UNIFIED ECOSYSTEM FOR MARKET DATA VISUALIZATION
AIS Service Catalog Introduction.
Cloud Ops Master Class:
Eliminate Service Outages with Microsoft Azure and ServiceNow
Best Practices for Securing Hybrid Clouds
Secure DevOps for Government in MOC
Insights & Analytics Technical data deck.
Virtualization & Security real solutions
Application Lifecycle Management – Best Practices for SharePoint and Office App development November 2015.
Microsoft Azure Helps Guarantee Hyper-V Performance and System Center Workloads “Our Hyper-V integration went GA in We have continually improved.
Securing Cloud-Native Applications Jason Schmitt CEO
Protect | Transform | Innovate

Healthcare Cloud Security Stack for Microsoft Azure
Protect | Transform | Innovate
11/17/2018 9:32 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.
Ed oms team OMS: Log Analytics Ed oms team.
New Relic Digital Intelligence Platform 1 Operational Efficiency with Full Stack Visibility Monitor the real-time impact of your IT ecosystem.
Simplified Development Toolkit
Automating Security in the Cloud
Cloud Security from an Orchestration Perspective: Shifting Left
Healthcare Cloud Security Stack for Microsoft Azure
Healthcare Cloud Security Stack for Microsoft Azure
Healthcare Cloud Security Stack for Microsoft Azure
JOINED AT THE HIP: DEVSECOPS AND CLOUD-BASED ASSETS
NSX Data Center for Security
4/6/2019 9:47 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS.
4/3/2019 8:56 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS.
4/9/ :42 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.
DEVOPS & THE FUTURE OF TESTING
Healthcare Cloud Security Stack for Microsoft Azure
Healthcare Cloud Security Stack for Microsoft Azure
Sonnet Insurance Company
Jason Sones VNO North America – Nuage Networks from Nokia Sherif Awad
Michael Stephenson Microsoft MVP - Azure
OPIsrael And The Value Of Next Generation SOCs
Presentation transcript:

Is your deployment in pants-down mode? Jason Rouault, CTO Cloudvisory

Pants Down Mode?

© 2018 Cloudvisory - Confidential The Problem: Incomplete Security Governance in Hybrid Multi-Cloud Environments Risks & Challenges in Public/Private Cloud Providers and Legacy Infrastructure Cloud environments are “black boxes”. How can I gain visibility and improve my security posture? Cloud-native security controls are often misconfigured. How can I detect, alert and remediate configuration errors? Cloud and legacy workloads are left too “opened”. How can I consistently enforce least privilege security and decrease the attack surface? Attacks in both cloud and legacy environments are often undetected until it is too late. How can I detect/alert, block and quarantine these attacks? Cloud self-service brings agility to the business, but introduces new risks. How can devops, security, audit, risk and compliance teams maintain control without slowing-down the digital transformation? Visibility Do you have a visual representation today of your entire cloud infrastructure (Providers, workloads, security groups, data flows, etc.)? Things get complex quickly when dealing with multiple environments (dev, test, prod, regions) and multiple providers (data center, OpenStack AWS, Azure…) Black Box for security teams. If an application were down because of improper policy, do you have a way to visualize and identify in real-time? Key is maintaining the agility and flexibility that a self service cloud provides, but also providing the necessary security controls Multiple environments (test, dev, production) Multiple providers (datacenter, AWS, Azure, GCE, and OpenStack) Control Security controls can be complex to the uninitiated, and then can be easy to get wrong Since security controls are applied per VM, it can be quite a daunting task to manage them for large deployments Ideally security policies would get dynamically applied their workloads, rather than the current staticly. Who deploys cloud security controls (Native UI or Scripts) today? DevOps, Security? And how is this enforced Compliance If policies are accidently or maliciously altered, impacting risk or applications, could you detect and how long would it take to repair? If malware compromised a virtual instance today how long would it take to identify the issue and remediate back to compliant state? “Lift and Shift” of legacy security tools to the Cloud will NOT improve Security Visibility, Compliance and Enforcement © 2018 Cloudvisory - Confidential

Start with a Secure Configuration OpenStack Security Checklist https://docs.openstack.org/security-guide/checklist.html © 2018 Cloudvisory - Confidential

Automated OpenStack Security Checks Continuous checks and reporting are needed Compliance Check Automation © 2018 Cloudvisory - Confidential

Compliance is not a one time event Demonstrate Compliance over time Historical Perspective © 2018 Cloudvisory - Confidential

Tailored Views into Compliance Example OpenStack Security Checklist © 2018 Cloudvisory - Confidential

Tailored Views into Compliance Example CIS Kubernetes Benchmark © 2018 Cloudvisory - Confidential

© 2018 Cloudvisory - Confidential Ad-hoc Audit Queries Single Pane of Glass to Manage Risk: Audit, Check and Enforce Compliance Policies © 2018 Cloudvisory - Confidential

Create Guardrails for your self service users Custom Compliance Checks Auto Notification Auto Remediation Full Audit Trails © 2018 Cloudvisory - Confidential

Visualize Your Hybrid, Multi-Cloud Environment Automate cloud-native micro-segmentation © 2018 Cloudvisory - Confidential

Least-Privilege Enforcement Cloudvisory Security Platform (CSP) © 2018 Cloudvisory - Confidential Hybrid, Multi-Cloud Security Governance Lifecycle Management Actionable Audit Auto-Discovery of workloads, network flows, meta-data and cloud-native firewall rules Ad-hoc auditing and reporting Diagnosis of network security issues Discovery of least privilege rules needed for micro-segmentation Compliance Assurance Continuous monitoring to detect and alert on cloud-native & operating systems firewalls misconfigurations Continuous monitoring to detect and alert on lateral moving attacks Custom, Network & CIS Compliance check monitoring, alerting & reporting Least-Privilege Enforcement Hybrid multi-cloud micro-segmentation policy orchestration & enforcement Push button and automatic compliance policy remediation © 2018 Cloudvisory - Confidential

© 2018 Cloudvisory - Confidential The Journey: Hybrid Multi-Cloud Security Governance Non-Intrusive Cloud Security Audit, Compliance & Enforcement © 2018 Cloudvisory - Confidential

Cloudvisory Security Platform Current Release Hybrid Cloud Security Governance Audit, Compliance & Enforcement © 2018 Cloudvisory - Confidential

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.