Enviar búsqueda
Cargar
Automating Security for the Cloud - Make it Easy, Make it Safe
•
Descargar como PPTX, PDF
•
0 recomendaciones
•
832 vistas
CloudPassage
Seguir
Tecnología
Denunciar
Compartir
Denunciar
Compartir
1 de 46
Descargar ahora
Recomendados
Delivering Secure OpenStack IaaS for SaaS Products
Delivering Secure OpenStack IaaS for SaaS Products
CloudPassage
Delivering Secure OpenStack IaaS for SaaS Products - OpenStack 2012.pptx
Delivering Secure OpenStack IaaS for SaaS Products - OpenStack 2012.pptx
OpenStack Foundation
BayThreat Why The Cloud Changes Everything
BayThreat Why The Cloud Changes Everything
CloudPassage
PCI and the Cloud
PCI and the Cloud
CloudPassage
Cloud Application Platforms – Reality & Promise
Cloud Application Platforms – Reality & Promise
Intel Corporation
9 dani künzli citrix cloud solution 2
9 dani künzli citrix cloud solution 2
Digicomp Academy AG
Be Prepared for Tomorrow's IT Forecast Great Chance of Hybrid Clouds
Be Prepared for Tomorrow's IT Forecast Great Chance of Hybrid Clouds
Eucalyptus Systems, Inc.
Building a Hybrid Cloud
Building a Hybrid Cloud
SVForum Cloud SIG
Recomendados
Delivering Secure OpenStack IaaS for SaaS Products
Delivering Secure OpenStack IaaS for SaaS Products
CloudPassage
Delivering Secure OpenStack IaaS for SaaS Products - OpenStack 2012.pptx
Delivering Secure OpenStack IaaS for SaaS Products - OpenStack 2012.pptx
OpenStack Foundation
BayThreat Why The Cloud Changes Everything
BayThreat Why The Cloud Changes Everything
CloudPassage
PCI and the Cloud
PCI and the Cloud
CloudPassage
Cloud Application Platforms – Reality & Promise
Cloud Application Platforms – Reality & Promise
Intel Corporation
9 dani künzli citrix cloud solution 2
9 dani künzli citrix cloud solution 2
Digicomp Academy AG
Be Prepared for Tomorrow's IT Forecast Great Chance of Hybrid Clouds
Be Prepared for Tomorrow's IT Forecast Great Chance of Hybrid Clouds
Eucalyptus Systems, Inc.
Building a Hybrid Cloud
Building a Hybrid Cloud
SVForum Cloud SIG
17h30 aws enterprise_app_jvaria
17h30 aws enterprise_app_jvaria
Luiz Gustavo Santos
Mon1420 build clouds-oliviermaes-citrix
Mon1420 build clouds-oliviermaes-citrix
eurocloud
Cloud Foundry Open Tour Keynote
Cloud Foundry Open Tour Keynote
RamnivasLaddad
NIC 2013 - Configure and Deploy Private Cloud
NIC 2013 - Configure and Deploy Private Cloud
Kristian Nese
Enterprise Private Cloud Computing
Enterprise Private Cloud Computing
Cisco Canada
CCitDG Presenation
CCitDG Presenation
Databarracks
Databarracks using multi-provider hybrid clouds for freedom of choice and f...
Databarracks using multi-provider hybrid clouds for freedom of choice and f...
Databarracks
Cloud security deep dive infoworld jan 2011
Cloud security deep dive infoworld jan 2011
Kim Jensen
Aras PLM Software Leveraging the Cloud
Aras PLM Software Leveraging the Cloud
Aras
Rackforce the cloud
Rackforce the cloud
sdeconf
Oscon anatomy of_os_cloud_ecosystem
Oscon anatomy of_os_cloud_ecosystem
htdvul
Cloud computing NIC 2012
Cloud computing NIC 2012
Kristian Nese
Microsoft Best Practices - AWS India Summit 2012
Microsoft Best Practices - AWS India Summit 2012
Amazon Web Services
Softchoice Webinar Series: VMware vSphere 5.1 Changes
Softchoice Webinar Series: VMware vSphere 5.1 Changes
Softchoice Corporation
20210127 今日から始めるイベントドリブンアーキテクチャ AWS Expert Online #13
20210127 今日から始めるイベントドリブンアーキテクチャ AWS Expert Online #13
Amazon Web Services Japan
CLD306 pptx en web
CLD306 pptx en web
Lionbridge International NASDAQ:LIOX
Ga cloud scaling 3 30-2012
Ga cloud scaling 3 30-2012
Andy Parsons
Christian ferber cloud platform_cloudportal
Christian ferber cloud platform_cloudportal
Digicomp Academy AG
KVH Customer Case Study - Aplix Corporatin
KVH Customer Case Study - Aplix Corporatin
KVH Co. Ltd.
Back that *aa s up – bridging multiple clouds for bursting and redundancy
Back that *aa s up – bridging multiple clouds for bursting and redundancy
RightScale
Cloud Security: Make Your CISO Successful
Cloud Security: Make Your CISO Successful
CloudPassage
BSides SF - Automating Security for the Cloud
BSides SF - Automating Security for the Cloud
CloudPassage
Más contenido relacionado
La actualidad más candente
17h30 aws enterprise_app_jvaria
17h30 aws enterprise_app_jvaria
Luiz Gustavo Santos
Mon1420 build clouds-oliviermaes-citrix
Mon1420 build clouds-oliviermaes-citrix
eurocloud
Cloud Foundry Open Tour Keynote
Cloud Foundry Open Tour Keynote
RamnivasLaddad
NIC 2013 - Configure and Deploy Private Cloud
NIC 2013 - Configure and Deploy Private Cloud
Kristian Nese
Enterprise Private Cloud Computing
Enterprise Private Cloud Computing
Cisco Canada
CCitDG Presenation
CCitDG Presenation
Databarracks
Databarracks using multi-provider hybrid clouds for freedom of choice and f...
Databarracks using multi-provider hybrid clouds for freedom of choice and f...
Databarracks
Cloud security deep dive infoworld jan 2011
Cloud security deep dive infoworld jan 2011
Kim Jensen
Aras PLM Software Leveraging the Cloud
Aras PLM Software Leveraging the Cloud
Aras
Rackforce the cloud
Rackforce the cloud
sdeconf
Oscon anatomy of_os_cloud_ecosystem
Oscon anatomy of_os_cloud_ecosystem
htdvul
Cloud computing NIC 2012
Cloud computing NIC 2012
Kristian Nese
Microsoft Best Practices - AWS India Summit 2012
Microsoft Best Practices - AWS India Summit 2012
Amazon Web Services
Softchoice Webinar Series: VMware vSphere 5.1 Changes
Softchoice Webinar Series: VMware vSphere 5.1 Changes
Softchoice Corporation
20210127 今日から始めるイベントドリブンアーキテクチャ AWS Expert Online #13
20210127 今日から始めるイベントドリブンアーキテクチャ AWS Expert Online #13
Amazon Web Services Japan
CLD306 pptx en web
CLD306 pptx en web
Lionbridge International NASDAQ:LIOX
Ga cloud scaling 3 30-2012
Ga cloud scaling 3 30-2012
Andy Parsons
Christian ferber cloud platform_cloudportal
Christian ferber cloud platform_cloudportal
Digicomp Academy AG
KVH Customer Case Study - Aplix Corporatin
KVH Customer Case Study - Aplix Corporatin
KVH Co. Ltd.
Back that *aa s up – bridging multiple clouds for bursting and redundancy
Back that *aa s up – bridging multiple clouds for bursting and redundancy
RightScale
La actualidad más candente
(20)
17h30 aws enterprise_app_jvaria
17h30 aws enterprise_app_jvaria
Mon1420 build clouds-oliviermaes-citrix
Mon1420 build clouds-oliviermaes-citrix
Cloud Foundry Open Tour Keynote
Cloud Foundry Open Tour Keynote
NIC 2013 - Configure and Deploy Private Cloud
NIC 2013 - Configure and Deploy Private Cloud
Enterprise Private Cloud Computing
Enterprise Private Cloud Computing
CCitDG Presenation
CCitDG Presenation
Databarracks using multi-provider hybrid clouds for freedom of choice and f...
Databarracks using multi-provider hybrid clouds for freedom of choice and f...
Cloud security deep dive infoworld jan 2011
Cloud security deep dive infoworld jan 2011
Aras PLM Software Leveraging the Cloud
Aras PLM Software Leveraging the Cloud
Rackforce the cloud
Rackforce the cloud
Oscon anatomy of_os_cloud_ecosystem
Oscon anatomy of_os_cloud_ecosystem
Cloud computing NIC 2012
Cloud computing NIC 2012
Microsoft Best Practices - AWS India Summit 2012
Microsoft Best Practices - AWS India Summit 2012
Softchoice Webinar Series: VMware vSphere 5.1 Changes
Softchoice Webinar Series: VMware vSphere 5.1 Changes
20210127 今日から始めるイベントドリブンアーキテクチャ AWS Expert Online #13
20210127 今日から始めるイベントドリブンアーキテクチャ AWS Expert Online #13
CLD306 pptx en web
CLD306 pptx en web
Ga cloud scaling 3 30-2012
Ga cloud scaling 3 30-2012
Christian ferber cloud platform_cloudportal
Christian ferber cloud platform_cloudportal
KVH Customer Case Study - Aplix Corporatin
KVH Customer Case Study - Aplix Corporatin
Back that *aa s up – bridging multiple clouds for bursting and redundancy
Back that *aa s up – bridging multiple clouds for bursting and redundancy
Destacado
Cloud Security: Make Your CISO Successful
Cloud Security: Make Your CISO Successful
CloudPassage
BSides SF - Automating Security for the Cloud
BSides SF - Automating Security for the Cloud
CloudPassage
Halo Installfest Slides
Halo Installfest Slides
CloudPassage
Automating secure server baselines with Chef
Automating secure server baselines with Chef
Chef Software, Inc.
What You Haven't Heard (Yet) About Cloud Security
What You Haven't Heard (Yet) About Cloud Security
CloudPassage
Rethinking Security: The Cloud Infrastructure Effect
Rethinking Security: The Cloud Infrastructure Effect
CloudPassage
Integrating Security into DevOps
Integrating Security into DevOps
CloudPassage
Security that works with, not against, your SaaS business
Security that works with, not against, your SaaS business
CloudPassage
CloudPassage Careers
CloudPassage Careers
CloudPassage
Meeting PCI DSS Requirements with AWS and CloudPassage
Meeting PCI DSS Requirements with AWS and CloudPassage
CloudPassage
SecDevOps: The New Black of IT
SecDevOps: The New Black of IT
CloudPassage
Transforming the CSO Role to Business Enabler
Transforming the CSO Role to Business Enabler
CloudPassage
Best Practices for Workload Security: Securing Servers in Modern Data Center ...
Best Practices for Workload Security: Securing Servers in Modern Data Center ...
CloudPassage
Securing the Cloud
Securing the Cloud
GGV Capital
Destacado
(14)
Cloud Security: Make Your CISO Successful
Cloud Security: Make Your CISO Successful
BSides SF - Automating Security for the Cloud
BSides SF - Automating Security for the Cloud
Halo Installfest Slides
Halo Installfest Slides
Automating secure server baselines with Chef
Automating secure server baselines with Chef
What You Haven't Heard (Yet) About Cloud Security
What You Haven't Heard (Yet) About Cloud Security
Rethinking Security: The Cloud Infrastructure Effect
Rethinking Security: The Cloud Infrastructure Effect
Integrating Security into DevOps
Integrating Security into DevOps
Security that works with, not against, your SaaS business
Security that works with, not against, your SaaS business
CloudPassage Careers
CloudPassage Careers
Meeting PCI DSS Requirements with AWS and CloudPassage
Meeting PCI DSS Requirements with AWS and CloudPassage
SecDevOps: The New Black of IT
SecDevOps: The New Black of IT
Transforming the CSO Role to Business Enabler
Transforming the CSO Role to Business Enabler
Best Practices for Workload Security: Securing Servers in Modern Data Center ...
Best Practices for Workload Security: Securing Servers in Modern Data Center ...
Securing the Cloud
Securing the Cloud
Similar a Automating Security for the Cloud - Make it Easy, Make it Safe
Securing Your Cloud Servers with Halo NetSec
Securing Your Cloud Servers with Halo NetSec
CloudPassage
CloudPassage Overview
CloudPassage Overview
CloudPassage
Be Prepared for Tomorrow's IT Forecast: Great Chance of Hybrid Clouds
Be Prepared for Tomorrow's IT Forecast: Great Chance of Hybrid Clouds
Eucalyptus Systems, Inc.
Discover Clever Cloud
Discover Clever Cloud
Quentin Adam
Cloud Escrow van Escrow Alliance
Cloud Escrow van Escrow Alliance
EscrowDirect.eu
eFolder AppAssure Cloud Briefing_Public
eFolder AppAssure Cloud Briefing_Public
Dropbox
Security in a Cloudy Architecture
Security in a Cloudy Architecture
Bob Rhubart
Portability In The Cloud
Portability In The Cloud
Bharath Ram Srinivasan
Oracle Cloud Computing Strategy (EMO)
Oracle Cloud Computing Strategy (EMO)
rachgregs
Kaavo Introduction 08012011
Kaavo Introduction 08012011
sams2618
C bu07 cloud_offering_decoder
C bu07 cloud_offering_decoder
Megan Irvine
Cloud security and security architecture
Cloud security and security architecture
Vladimir Jirasek
Spring Data for JJUG for Cross Conference Fall
Spring Data for JJUG for Cross Conference Fall
Toshihiko Ikeda
Delivering infrastructure, security, and operations as code - DEM06 - Santa C...
Delivering infrastructure, security, and operations as code - DEM06 - Santa C...
Amazon Web Services
AWS Partner Presentation-Symantec-AWS Cloud Storage for the Enterprise 2012
AWS Partner Presentation-Symantec-AWS Cloud Storage for the Enterprise 2012
Amazon Web Services
彭—Elastic architecture in cloud foundry and deploy with openstack
彭—Elastic architecture in cloud foundry and deploy with openstack
OpenCity Community
Clever Cloud PITCH on DWS
Clever Cloud PITCH on DWS
Quentin Adam
2012 10 cloud security architecture
2012 10 cloud security architecture
Vladimir Jirasek
The Move to the Cloud for Regulated Industries
The Move to the Cloud for Regulated Industries
dirkbeth
Getting Started Developing with Platform as a Service
Getting Started Developing with Platform as a Service
CloudBees
Similar a Automating Security for the Cloud - Make it Easy, Make it Safe
(20)
Securing Your Cloud Servers with Halo NetSec
Securing Your Cloud Servers with Halo NetSec
CloudPassage Overview
CloudPassage Overview
Be Prepared for Tomorrow's IT Forecast: Great Chance of Hybrid Clouds
Be Prepared for Tomorrow's IT Forecast: Great Chance of Hybrid Clouds
Discover Clever Cloud
Discover Clever Cloud
Cloud Escrow van Escrow Alliance
Cloud Escrow van Escrow Alliance
eFolder AppAssure Cloud Briefing_Public
eFolder AppAssure Cloud Briefing_Public
Security in a Cloudy Architecture
Security in a Cloudy Architecture
Portability In The Cloud
Portability In The Cloud
Oracle Cloud Computing Strategy (EMO)
Oracle Cloud Computing Strategy (EMO)
Kaavo Introduction 08012011
Kaavo Introduction 08012011
C bu07 cloud_offering_decoder
C bu07 cloud_offering_decoder
Cloud security and security architecture
Cloud security and security architecture
Spring Data for JJUG for Cross Conference Fall
Spring Data for JJUG for Cross Conference Fall
Delivering infrastructure, security, and operations as code - DEM06 - Santa C...
Delivering infrastructure, security, and operations as code - DEM06 - Santa C...
AWS Partner Presentation-Symantec-AWS Cloud Storage for the Enterprise 2012
AWS Partner Presentation-Symantec-AWS Cloud Storage for the Enterprise 2012
彭—Elastic architecture in cloud foundry and deploy with openstack
彭—Elastic architecture in cloud foundry and deploy with openstack
Clever Cloud PITCH on DWS
Clever Cloud PITCH on DWS
2012 10 cloud security architecture
2012 10 cloud security architecture
The Move to the Cloud for Regulated Industries
The Move to the Cloud for Regulated Industries
Getting Started Developing with Platform as a Service
Getting Started Developing with Platform as a Service
Más de CloudPassage
Webinar compiled powerpoint
Webinar compiled powerpoint
CloudPassage
Security and Compliance for Enterprise Cloud Infrastructure
Security and Compliance for Enterprise Cloud Infrastructure
CloudPassage
Technologies You Need to Safely Use the Cloud
Technologies You Need to Safely Use the Cloud
CloudPassage
Secure Cloud Development Resources with DevOps
Secure Cloud Development Resources with DevOps
CloudPassage
45 Minutes to PCI Compliance in the Cloud
45 Minutes to PCI Compliance in the Cloud
CloudPassage
Comprehensive Cloud Security Requires an Automated Approach
Comprehensive Cloud Security Requires an Automated Approach
CloudPassage
What You Need To Know About The New PCI Cloud Guidelines
What You Need To Know About The New PCI Cloud Guidelines
CloudPassage
Más de CloudPassage
(7)
Webinar compiled powerpoint
Webinar compiled powerpoint
Security and Compliance for Enterprise Cloud Infrastructure
Security and Compliance for Enterprise Cloud Infrastructure
Technologies You Need to Safely Use the Cloud
Technologies You Need to Safely Use the Cloud
Secure Cloud Development Resources with DevOps
Secure Cloud Development Resources with DevOps
45 Minutes to PCI Compliance in the Cloud
45 Minutes to PCI Compliance in the Cloud
Comprehensive Cloud Security Requires an Automated Approach
Comprehensive Cloud Security Requires an Automated Approach
What You Need To Know About The New PCI Cloud Guidelines
What You Need To Know About The New PCI Cloud Guidelines
Último
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
LoriGlavin3
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
LoriGlavin3
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
LoriGlavin3
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Pim van der Noll
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
LoriGlavin3
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
Nathaniel Shimoni
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
BookNet Canada
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
Raghuram Pandurangan
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Alkin Tezuysal
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
LoriGlavin3
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
UiPathCommunity
A Framework for Development in the AI Age
A Framework for Development in the AI Age
Cprime
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
Kari Kakkonen
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
HarshalMandlekar2
How to write a Business Continuity Plan
How to write a Business Continuity Plan
Databarracks
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
DianaGray10
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
Alan Dix
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
AliaaTarek5
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
ThousandEyes
Último
(20)
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
A Framework for Development in the AI Age
A Framework for Development in the AI Age
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
How to write a Business Continuity Plan
How to write a Business Continuity Plan
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
Automating Security for the Cloud - Make it Easy, Make it Safe
1.
Automating Security for
the Cloud Make it easy, make it safe. Rand Wacker rand@cloudpassage.com @randwacker We’re Hiring! © 2012 CloudPassage Inc.
2.
whoami
Slides available soon on Rand Wacker community.cloudpassage.com @randwacker rand@cloudpassage.com Security Cloud UC Berkeley ✘ ✘ Oracle ✘ Amazon ✘ IronPort/ScanSafe ✘ ✘ Cisco ✘ CloudPassage ✘ ✘ © 2012 CloudPassage Inc.
3.
DevOps and Security
Big Data Analysts © 2012 CloudPassage Inc.
4.
Shared Responsibility Model
Responsibility EC2 Shared Responsibility Model Data Customer “…the customer should assume responsibility and management of, but not App Code limited to, the guest operating system.. and associated application software...” App Framework “…it is possible for customers to enhance Operating System security and/or meet more stringent compliance requirements with the addition of Virtual Machine Responsibility host based firewalls, host based Hypervisor intrusion detection/prevention, Provider encryption and key management.” Compute & Storage Amazon Web Services: Overview of Security Shared Network Processes Physical Facilities © 2012 CloudPassage Inc.
5.
Survey: Cloud Security
Practices Question: How do you secure your cloud servers today? Open source or custom-developed tools Commercial Tool We're not securing our cloud servers My provider does it for me Amazon Security Group Source: CloudPassage CloudSec Community Survey © 2012 CloudPassage Inc.
6.
© 2012 CloudPassage
Inc.
7.
Cloud Security Challenges
Metered Usage www-7 www-8 www-9 www-10 www-4 www-5 www-6 Cloud Provider B Temporary & Dynamic Deployments Cloud Provider A www-1 www-2 www-3 Multiple Cloud Environments Private Datacenter © 2012 CloudPassage Inc.
8.
The Alfred E
Newman Guide to Easy Cloud Security © 2012 CloudPassage Inc.
9.
Firewalling in the
Cloud: Beyond Simple Security Groups © 2012 CloudPassage Inc.
10.
11.
Traditional DC Protection
Auth DB DB DB Server core core Firewal l Load App Load App Balancer Server Balancer Server dmz dmz Firewal l © 2012 CloudPassage Inc.
12.
Moving to the
Cloud Auth DB DB DB Server core core Firewal l Load App Load App Balancer Server Balancer Server dmz dmz Firewal l © 2012 CloudPassage Inc.
13.
Moving to the
Cloud Auth DB DB DB Server core core Firewal l Load App Load App Balancer Server Balancer Server dmz dmz Firewal l public cloud © 2012 CloudPassage Inc.
14.
Cloud Servers at
Risk Load Balancer App App Server Server DB Master public cloud © 2012 CloudPassage Inc.
15.
Firewalling in the
Cloud Load Balancer FW Halo App App Server Server FW FW Halo Halo DB Master FW Halo public cloud © 2012 CloudPassage Inc.
16.
Firewalling in the
Cloud Load Load Balancer Balancer FW FW Halo Halo App App App Server Server Server FW FW FW Halo Halo Halo DB DB Master Slave FW FW Halo Halo public cloud © 2012 CloudPassage Inc.
17.
Firewalling in the
Cloud Load Load Balancer Balancer FW FW Halo Halo App App App Server Server App Server FW FW Server FW IP Halo Halo Halo DB DB Master Slave FW FW Halo Halo public cloud © 2012 CloudPassage Inc.
18.
Firewalling in the
Cloud Load Load Balancer Balancer FW FW Halo Halo App App Server Server App FW FW Server IP Halo Halo DB DB Master Slave FW FW Halo Halo public cloud © 2012 CloudPassage Inc.
19.
Multi-Cloud Firewalling
App App DB DB App App Server Server Server Server FW FW FW FW FW FW Halo Halo Halo Halo Halo Halo US West Cloud US East Cloud Firewall DB DB Halo Halo Private Datacenter © 2012 CloudPassage Inc.
20.
Multi-Cloud Firewalling
App App DB DB App App Server Server Server Server FW FW FW FW FW FW Halo Halo Halo Halo Halo Halo US West Cloud US East Cloud Firewall DB DB Halo Halo Private Datacenter © 2012 CloudPassage Inc.
21.
Lessons to Learn
Whatever firewall options you have, use them Make sure your firewall rules are updated quickly Plan for the future, because you will be multi- cloud © 2012 CloudPassage Inc.
22.
Controlling Access to
Your Cloud Servers: Solving the Contractor Problem © 2012 CloudPassage Inc.
23.
Meet Jed the
Web Designer Jed is highly mobile Jed still uses FTP You hired Jed for design skills, not technical acumen How do you avoid Jed’s FTP access becoming a gaping hole in your server? © 2012 CloudPassage Inc.
24.
WRONG WAY: Open
Access Web ftp Server © 2012 CloudPassage Inc.
25.
WRONG WAY: Open
Access © 2012 CloudPassage Inc.
26.
Manual Options -
PITA MANUALLY turn FTP server on and off when Jed needs access? MANUALLY activate and deactivate account for Jed when he needs access? MANUALLY change firewall rules when Jed needs access? MANUALLY make Jed’s transfer for him? © 2012 CloudPassage Inc.
27.
Halo Multi-Factor Cloud
Auth Prevent brute force attacks on SSH and web applications YubiKey-generated one-time password No batteries or moving parts © 2012 CloudPassage Inc.
28.
Using Multi-Factor Auth
Web Server FW Halo © 2012 CloudPassage Inc.
29.
Using Multi-Factor Auth
DB Server FW Halo CloudPassa ge Halo https Halo Grid © 2012 CloudPassage Inc.
30.
Using Multi-Factor Auth
DB Server FW Halo CloudPassa ge Halo https Halo Grid © 2012 CloudPassage Inc.
31.
Using Multi-Factor Auth
DB Server FW Halo © 2012 CloudPassage Inc.
32.
REMEMBER: Delete Jed!!!
DB Server FW Halo De-provision Jed Remove GhostPorts Access, User Local Server Accounts Portal CloudPassa ge Halo https https RESTful Halo Grid API Gateway © 2012 CloudPassage Inc.
33.
Lessons to Learn
You may behave securely, but does everyone who works for you? Security that complicates daily tasks will be circumvented Make sure to clean up after others © 2012 CloudPassage Inc.
34.
Automation will set
you free, America… (Apologies to Alton Brown) © 2012 CloudPassage Inc.
35.
Automatable Security Tasks •
Scan for recent vulnerabilities of installed software packages. • Verify firewall rules match policy. • Alert administrators of missing server. • Get a report of every server that a user *does not* have an account on. • Get a report of every server that a user has an account on. • Get alerted if a new cloud server gets created. • Monitor for unauthorized/unexpected changes to application code files. • Make sure that init.d startup scripts can't be tampered with by non-root users. • Find server accounts that don’t have passwords (it happens). • Get a report of every server that a user *does not* have an account on. Many, many more at community.cloudpassage.com © 2012 CloudPassage Inc.
36.
The Secure, Automated
Cloud © 2012 CloudPassage Inc.
37.
Wrapping Up © 2012
CloudPassage Inc.
38.
Moral of the
Story • Security of your cloud servers is your responsibility • Security risks in the cloud are real (just check your logs) • Security automation isn’t just a best practice, it makes your life easier © 2012 CloudPassage Inc.
39.
How To Secure
Cloud Servers Servers in hybrid and public clouds must be self- defending with highly automated controls like… Dynamic firewall & Server compromise & access control intrusion alerting Configuration and Server forensics and package security security analytics Server account Integration & automation visibility & control capabilities © 2012 CloudPassage Inc.
40.
Try Halo FREE
- 5 Minute Setup Register for Halo at cloudpassage.com/register Install Halo daemons on cloud servers Configure security policies in Halo web portal © 2012 CloudPassage Inc.
41.
In Closing
• CloudPassage Installfest March 28th! – Helpful cloud security advice! Pizza! Beer! – Free tickets: cloudpassage.eventbrite.com • Ask Questions! – Lots More Info: community.cloudpassage.com – Small Bits of Info: @cloudpassage • We’re hiring! We’re Expert in Security and/or Cloud? Hiring! DevOps, Rails, UX, Freemium Marketing – Email: jobs@cloudpassage.com © 2012 CloudPassage Inc.
42.
Thank You!
Rand Wacker rand@cloudpassage.com @randwacker © 2012 CloudPassage Inc.
43.
What does CloudPassage
do? Security for virtual servers running in public and private clouds Dynamic firewall Server & cloud event management alerting Configuration and Security & compliance vulnerability scanning auditing Server access and Server integrity & privilege management intrusion alerting Cloud adoption without fear Faster and easier compliance Repel attacks on your servers Free Basic version, 5 minutes setup © 2012 CloudPassage Inc.
44.
CloudPassage Halo
Architecture © 2012 CloudPassage Inc.
45.
How It Works
Halo • Halo Daemon Daemon www-1 – Ultra light-weight software – Installed on server image Halo – Automatically provisioned www-1 • Halo Grid – Elastic compute grid – Hosted by CloudPassage – Does the heavy lifting for the Halo Daemons Halo Grid © 2012 CloudPassage Inc.
46.
www-1
Alerts, Reports www-1 www-2 and Trending www-3 www-4 Halo Halo Halo Halo User Portal CloudPassage https Halo Policies, https Commands, RESTful Reports Compute API Gateway Grid © 2012 CloudPassage Inc.
Notas del editor
SAASFast and easyThe only cloud security platform built for the cloud
Descargar ahora