System Hardening … Made Easy Security Configuration Management Michael Betti, Sr. SE, Tripwire.

Presentation transcript:


IT SECURITY & COMPLIANCE AUTOMATION

What Is It?

System Hardening is the act of reducing the attack surface in information systems and minimizing their vulnerabilities in accordance with:
- Recognized Best Practices
- Vendor Hardening Guidelines
- Custom Security Policies
- Industry Standards or Benchmarks

Security Configuration Management is an automated, security-focused set of capabilities that makes system hardening:
- Repeatable and enterprise-scalable
- Continuous, with real-time or periodic capabilities as needed
- Flexible, and aligned with business needs, workflows and exceptions
- Self-correcting and self-remediating

NIST says SCM is: “The management and control of configurations for an information system with the goal of enabling security and managing risk”

SCM: Tripwire Definition

The ability to create, edit and manage IT security hardening policies in a way that fits real-world business processes and continually balances risk and productivity

On Many Short-term Buying Lists (© 451 Group 2013)

Gartner says SCM is the #1 priority in creating a server protection strategy 1

Securosis says configuration hardening is the 2nd most effective data security control 2

SANS says SCM is the 3rd most important security control you can implement 3 (& 10)

GCHQ’s New Cyber Security Guidance

- GCHQ released new “10 Steps to Cyber Security” in Fall 2012
- Focused on executive and board responsibility
- Names Secure Configurations as one of the most critical steps to achieving an objective measure of cybersecurity

What’s the Reality When It Comes to SCM?

It’s Hard To Do:

Configuration Drift Is A Constant Enemy

“Configuration drift is a natural condition in every data center environment due to the sheer number of ongoing hardware and software changes.” – Continuity Software blog

“In less than a week, all the configuration controls, permissions and entitlements that IT spends time testing are useless.” – ITPCG blog

What Can You Do?

Monitor and assess critical configurations in:
- File systems
- Databases like MS-SQL, Oracle, IBM DB2 and Sybase
- Directory services and network devices

When?:
- Immediate detection of changes to critical, defense-dependent configurations
- Efficient, change-triggered configuration assessment
- Shorten time of system risk

Demonstrating Compliance:
- Document any waivers
- Document when tests went from failing to passing
- Be alerted to tests going from passing to failing – within minutes or at least hours

Continuous Monitoring

[Figure: Security Posture over Time, relative to the Secure & Compliant State]

Continually assess and remediate insecure configurations, ensuring always-hardened, always-ready information systems and network devices

System Hardening Made Easy, By Tripwire