SlideShare una empresa de Scribd logo

Cloud Security - A Visibility Challenge

Raffael Marty
Raffael Marty

Cloud security really boils down to a visibility challenge. I am showing why companies are moving to the cloud and what the security implications are. The security challenges boil down to a visibility, which in turn is a big data challenge. Loggly, a logging as a service provider, addresses this visibility challenge by providing a big data, cloud logging platform. The presentation outlines some visualization use-cases that can be built on top of the Loggly platform to support visibility into cloud operations.

TecnologíaEmpresariales
1 de 30
Descargar para leer sin conexión
Cloud Security A Visibility Challenge Raffael Marty - @zrlram UNAM 2010, Mexico City Wednesday, December 1, 2010
Raffael Marty • Founder @ • Chief Security Strategist and Product Manager @ Splunk • Manager Solutions @ ArcSight • Intrusion Detection Research @ IBM Research • IT Security Consultant @ PriceWaterhouse Coopers Applied Security Visualization Publisher: Addison Wesley (August, 2008) ISBN: 0321510100 Logging as a Service 2 © by Raffael Marty Wednesday, December 1, 2010
Agenda •Data Centers •Visibility and Big Data •The Cloud •Logging as a Service •A New Risk Landscape Logging as a Service 3 © by Raffael Marty Wednesday, December 1, 2010
Data Centers 4 Wednesday, December 1, 2010
11.8 million servers in data centers “Effectively and Securely Using the Cloud Computing Paradigm AWS services” - Peter Mell, Tim Grance, NIST Raffael Marty - @zrlram 5 Wednesday, December 1, 2010
Servers are used at only 15% of their capacity “Effectively and Securely Using the Cloud Computing Paradigm AWS services” - Peter Mell, Tim Grance, NIST Raffael Marty - @zrlram 6 Wednesday, December 1, 2010
800 billion dollars spent yearly on purchasing and maintaining enterprise software 80% of enterprise software expenditure is on installation and maintenance of software “Effectively and Securely Using the Cloud Computing Paradigm AWS services” - Peter Mell, Tim Grance, NIST Raffael Marty - @zrlram 7 Wednesday, December 1, 2010
Data centers consume up to 100 times more per square foot than a typical office building Data centers consume 1.5% of the USA’s electricity “Effectively and Securely Using the Cloud Computing Paradigm AWS services” - Peter Mell, Tim Grance, NIST Raffael Marty - @zrlram 8 Wednesday, December 1, 2010
From 2001 to 2006: • Number of servers doubled • Average power consumption per server quadrupled “Effectively and Securely Using the Cloud Computing Paradigm AWS services” - Peter Mell, Tim Grance, NIST Raffael Marty - @zrlram 9 Wednesday, December 1, 2010
Green technologies can reduce energy costs by 50% “Effectively and Securely Using the Cloud Computing Paradigm AWS services” - Peter Mell, Tim Grance, NIST Raffael Marty - @zrlram 10 Wednesday, December 1, 2010
The Cloud 11 Wednesday, December 1, 2010
The Public Cloud IaaS - Infrastructure PaaS - Platform SaaS - Software Enterprise Infrastructure Services LaaS - Logging XaaS - DNS / RDBMS /... Raffael Marty - @zrlram 12 Wednesday, December 1, 2010
Cloud “Features” • Almost infinite resources - on demand • Pay as you go • Elasticity - dynamic load allocation • Quality of service guarantees (SLAs) • Outsource non-core capabilities / responsibilities • Forces operations to streamline and automate • Availability of infrastructure services (load balancing, database, logging, etc.) • Enables higher availability - Provision in multiple data centers / multiple instances Raffael Marty - @zrlram 13 Wednesday, December 1, 2010
Why Companies Move to the Cloud “If you move your data centre to a cloud provider, it will cost a tenth of the cost.” – Brian Gammage, Gartner Fellow “Using cloud infrastructures saves 18% to 29% before considering that you no longer need to buy for peak capacity” - George Reese, founder Valtira and enStratus “Web service providers offer APIs that enable developers to exploit functionality over the Internet, rather than delivering full-blown applications.” - Infoworld Raffael Marty - @zrlram 14 Wednesday, December 1, 2010
Why Companies Move to the Cloud • Ecological considerations drive economical decisions • Increased Efficiency due to better use of resources • More predictable cost • IT staff can be freed up for other initiatives • Design with redundancy and failure tolerance needed • Automation is necessary, but is a good thing • Easy integration of services for non-core capabilities (RDBMS, Load balancing, etc.) Raffael Marty - @zrlram 15 Wednesday, December 1, 2010
Changes in Security • The Good - Cloud homogeneity makes security auditing/testing simpler - Clouds enable automated security management - Redundancy / Disaster Recovery - Distributed denial of service (DDoS) protection • The Bad? - Loss of physical control - No more network-based Intrusion Detection - No data leak prevention (DLP) - Little network routing mechanisms Raffael Marty - @zrlram 16 Wednesday, December 1, 2010
What Has Changed • Data Storage and Access - Isolation management / data multi-tenancy - Data retention issues - Data dispersal and international privacy laws ‣ EU Data Protection Directive and U.S. Safe Harbor program ‣ Exposure of data to foreign governments and data subpoenas • Processing Infrastructure - Application multi-tenancy - Reliance on hypervisors - Process isolation / Application sandboxes Raffael Marty - @zrlram 17 Wednesday, December 1, 2010
Your New Risk Landscape 18 Wednesday, December 1, 2010
Risk = (Threat, Vulnerability) • Shared resources • Hypervisor escaping • Using external services • Stored credentials Proprietary implementations can’t be examined - • Web ubiquity - Availability of services - Confidentiality of services • Malicious insiders • Data storage • Trusting vendor’s security model - Obtaining support for investigations - Inability to respond to audit findings Raffael Marty - @zrlram 19 Wednesday, December 1, 2010
Visibility and Big Data 20 Wednesday, December 1, 2010
Visibility Raffael Marty - @zrlram 21 Wednesday, December 1, 2010
Visibility • Monitoring - Performance - Availability - Ephemeral Infrastructure IaaS - Similar to before • Security PaaS - Lack of Infrastructure - New Threats SaaS - Blind? - New Vulnerabilities - Different Risk Distribution Raffael Marty - @zrlram 22 Wednesday, December 1, 2010
Application Visibility • If you can’t control the infrastructure, control your applications • Application logging - need guidelines - better tools - education of developers / students? • Challenges - how to centrally collect all the data - how to mine the data - how to use/understand the data See: Raffael Marty, “Cloud Application Logging for Forensics”, SAC 2011, Taipei. Raffael Marty - @zrlram 23 Wednesday, December 1, 2010
Big Data • NoSQL • Distributed data stores • Distributed queues • Map reduce • ETL (Extract, Transform, Load) • ... Raffael Marty - @zrlram 24 Wednesday, December 1, 2010
LaaS - Logging as a Service • Log collection Benefits • all data in one place • No installation • Great scalability • Log storage and management • Easy configuration • 7x24 availability • No maintenance • Pay as you go • index, storage, archive • Extremely fast log search across all your data • data source agnostic (no parsers) • innovative Web shell • API log access • oAuth authentication • always on Logging as a Service 25 © by Raffael Marty Wednesday, December 1, 2010
“Logging Bus” Machines Mashups mobile-166 My syslog Users • Logs published to bus • Consumers read from bus Bus Individuals Mashups • Situational awareness Clouds Small businesses • Security forensics Data centers • Security monitoring Logging as a Service 26 © by Raffael Marty Wednesday, December 1, 2010
Situational Awareness • Treemap • Protovis.JS • Size: Amount • Brightness: Variance • Color: Sensor • Shows: Scans - bright spots • Thanks to Chris Horsley Logging as a Service 27 © by Raffael Marty Wednesday, December 1, 2010
Forensics mobile-166 My syslog Logging as a Service 28 © by Raffael Marty Wednesday, December 1, 2010
Security Visualization www.secviz.org Logging as a Service 29 © by Raffael Marty Wednesday, December 1, 2010
about.me/raffy loggly.com/signup 30 Wednesday, December 1, 2010

Recomendados

Security Visualization - State of 2010 and 2011 Predictions
Security Visualization - State of 2010 and 2011 PredictionsSecurity Visualization - State of 2010 and 2011 Predictions
Security Visualization - State of 2010 and 2011 PredictionsRaffael Marty
 
Integração de Dados com Apache NIFI - Marco Garcia Cetax
Integração de Dados com Apache NIFI - Marco Garcia CetaxIntegração de Dados com Apache NIFI - Marco Garcia Cetax
Integração de Dados com Apache NIFI - Marco Garcia CetaxMarco Garcia
 
Back to school: Big Data IDEA 101
Back to school: Big Data IDEA 101Back to school: Big Data IDEA 101
Back to school: Big Data IDEA 101Adam Doyle
 
Big Data Retrospective - STL Big Data IDEA Jan 2019
Big Data Retrospective - STL Big Data IDEA Jan 2019Big Data Retrospective - STL Big Data IDEA Jan 2019
Big Data Retrospective - STL Big Data IDEA Jan 2019Adam Doyle
 
Privacera and Northwestern Mutual - Scaling Privacy in a Spark Ecosystem
Privacera and Northwestern Mutual - Scaling Privacy in a Spark EcosystemPrivacera and Northwestern Mutual - Scaling Privacy in a Spark Ecosystem
Privacera and Northwestern Mutual - Scaling Privacy in a Spark EcosystemPrivacera
 
Database as code in Devops - DBを10分間で1000個構築するDB仮想化テクノロジーとは?(Adam)
Database as code in Devops - DBを10分間で1000個構築するDB仮想化テクノロジーとは?(Adam)Database as code in Devops - DBを10分間で1000個構築するDB仮想化テクノロジーとは?(Adam)
Database as code in Devops - DBを10分間で1000個構築するDB仮想化テクノロジーとは?(Adam)Insight Technology, Inc.
 
ProdSec: A Technical Approach
ProdSec: A Technical ApproachProdSec: A Technical Approach
ProdSec: A Technical ApproachJeremy Brown
 
Integrating and Analyzing Data from Multiple Manufacturing Sites using Apache...
Integrating and Analyzing Data from Multiple Manufacturing Sites using Apache...Integrating and Analyzing Data from Multiple Manufacturing Sites using Apache...
Integrating and Analyzing Data from Multiple Manufacturing Sites using Apache...DataWorks Summit
 

Recomendados

Security Visualization - State of 2010 and 2011 Predictions
Security Visualization - State of 2010 and 2011 PredictionsSecurity Visualization - State of 2010 and 2011 Predictions
Security Visualization - State of 2010 and 2011 PredictionsRaffael Marty
 
Integração de Dados com Apache NIFI - Marco Garcia Cetax
Integração de Dados com Apache NIFI - Marco Garcia CetaxIntegração de Dados com Apache NIFI - Marco Garcia Cetax
Integração de Dados com Apache NIFI - Marco Garcia CetaxMarco Garcia
 
Back to school: Big Data IDEA 101
Back to school: Big Data IDEA 101Back to school: Big Data IDEA 101
Back to school: Big Data IDEA 101Adam Doyle
 
Big Data Retrospective - STL Big Data IDEA Jan 2019
Big Data Retrospective - STL Big Data IDEA Jan 2019Big Data Retrospective - STL Big Data IDEA Jan 2019
Big Data Retrospective - STL Big Data IDEA Jan 2019Adam Doyle
 
Privacera and Northwestern Mutual - Scaling Privacy in a Spark Ecosystem
Privacera and Northwestern Mutual - Scaling Privacy in a Spark EcosystemPrivacera and Northwestern Mutual - Scaling Privacy in a Spark Ecosystem
Privacera and Northwestern Mutual - Scaling Privacy in a Spark EcosystemPrivacera
 
Database as code in Devops - DBを10分間で1000個構築するDB仮想化テクノロジーとは?(Adam)
Database as code in Devops - DBを10分間で1000個構築するDB仮想化テクノロジーとは?(Adam)Database as code in Devops - DBを10分間で1000個構築するDB仮想化テクノロジーとは?(Adam)
Database as code in Devops - DBを10分間で1000個構築するDB仮想化テクノロジーとは?(Adam)Insight Technology, Inc.
 
ProdSec: A Technical Approach
ProdSec: A Technical ApproachProdSec: A Technical Approach
ProdSec: A Technical ApproachJeremy Brown
 
Integrating and Analyzing Data from Multiple Manufacturing Sites using Apache...
Integrating and Analyzing Data from Multiple Manufacturing Sites using Apache...Integrating and Analyzing Data from Multiple Manufacturing Sites using Apache...
Integrating and Analyzing Data from Multiple Manufacturing Sites using Apache...DataWorks Summit
 
IoT, computer intelligence and javascript in the physical world
IoT, computer intelligence and javascript in the physical worldIoT, computer intelligence and javascript in the physical world
IoT, computer intelligence and javascript in the physical worldIvo Andreev
 
Architecting Virtualized Infrastructure for Big Data
Architecting Virtualized Infrastructure for Big DataArchitecting Virtualized Infrastructure for Big Data
Architecting Virtualized Infrastructure for Big DataRichard McDougall
 
The Business Advantage of Hadoop: Lessons from the Field – Cloudera Summer We...
The Business Advantage of Hadoop: Lessons from the Field – Cloudera Summer We...The Business Advantage of Hadoop: Lessons from the Field – Cloudera Summer We...
The Business Advantage of Hadoop: Lessons from the Field – Cloudera Summer We...Cloudera, Inc.
 
The Destiny of Data
The Destiny of DataThe Destiny of Data
The Destiny of DataHortonworks
 
Open stack @ sierra wireless
Open stack @ sierra wirelessOpen stack @ sierra wireless
Open stack @ sierra wirelessLINAGORA
 
Big Data Application Architectures - IoT
Big Data Application Architectures - IoTBig Data Application Architectures - IoT
Big Data Application Architectures - IoTDataWorks Summit/Hadoop Summit
 
Hortonworks Hybrid Cloud - Putting you back in control of your data
Hortonworks Hybrid Cloud - Putting you back in control of your dataHortonworks Hybrid Cloud - Putting you back in control of your data
Hortonworks Hybrid Cloud - Putting you back in control of your dataScott Clinton
 
Performance Models for Apache Accumulo
Performance Models for Apache AccumuloPerformance Models for Apache Accumulo
Performance Models for Apache AccumuloSqrrl
 
Managing the Dewey Decimal System
Managing the Dewey Decimal SystemManaging the Dewey Decimal System
Managing the Dewey Decimal SystemDataWorks Summit
 
IPv6 Can No Longer Be Ignored
IPv6 Can No Longer Be IgnoredIPv6 Can No Longer Be Ignored
IPv6 Can No Longer Be IgnoredRochester Security Summit
 
Girish Juneja - Intel Big Data & Cloud Summit 2013
Girish Juneja - Intel Big Data & Cloud Summit 2013Girish Juneja - Intel Big Data & Cloud Summit 2013
Girish Juneja - Intel Big Data & Cloud Summit 2013IntelAPAC
 
Reference architecture for Internet of Things
Reference architecture for Internet of ThingsReference architecture for Internet of Things
Reference architecture for Internet of ThingsSujee Maniyam
 
Breaking the Silos: Storage for Analytics & AI
Breaking the Silos: Storage for Analytics & AIBreaking the Silos: Storage for Analytics & AI
Breaking the Silos: Storage for Analytics & AIDataWorks Summit
 
Hadoop Big Data Lakes Keynote
Hadoop Big Data Lakes KeynoteHadoop Big Data Lakes Keynote
Hadoop Big Data Lakes KeynoteMark van Rijmenam
 
OpenStack 101
OpenStack 101OpenStack 101
OpenStack 101DataCentred
 
Logging at scale: doing more with less
Logging at scale: doing more with lessLogging at scale: doing more with less
Logging at scale: doing more with lessAndré Fucs de Miranda
 
Insight into Hyperconverged Infrastructure
Insight into Hyperconverged Infrastructure Insight into Hyperconverged Infrastructure
Insight into Hyperconverged Infrastructure HTS Hosting
 
Using Hadoop to Drive Down Fraud for Telcos
Using Hadoop to Drive Down Fraud for TelcosUsing Hadoop to Drive Down Fraud for Telcos
Using Hadoop to Drive Down Fraud for TelcosCloudera, Inc.
 
[Azureビッグデータ関連サービスとHortonworks勉強会] Azure HDInsight
[Azureビッグデータ関連サービスとHortonworks勉強会] Azure HDInsight[Azureビッグデータ関連サービスとHortonworks勉強会] Azure HDInsight
[Azureビッグデータ関連サービスとHortonworks勉強会] Azure HDInsightNaoki (Neo) SATO
 
Risk Management for Data: Secured and Governed
Risk Management for Data: Secured and GovernedRisk Management for Data: Secured and Governed
Risk Management for Data: Secured and GovernedCloudera, Inc.
 
Visualization: Transforming How We View Security
Visualization: Transforming How We View SecurityVisualization: Transforming How We View Security
Visualization: Transforming How We View Securitydigitallibrary
 
Cloud Visibility & Cloud Data Loss Prevention Approaches
Cloud Visibility & Cloud Data Loss Prevention Approaches Cloud Visibility & Cloud Data Loss Prevention Approaches
Cloud Visibility & Cloud Data Loss Prevention ApproachesCipherCloud
 

Más contenido relacionado

La actualidad más candente

IoT, computer intelligence and javascript in the physical world
IoT, computer intelligence and javascript in the physical worldIoT, computer intelligence and javascript in the physical world
IoT, computer intelligence and javascript in the physical worldIvo Andreev
 
Architecting Virtualized Infrastructure for Big Data
Architecting Virtualized Infrastructure for Big DataArchitecting Virtualized Infrastructure for Big Data
Architecting Virtualized Infrastructure for Big DataRichard McDougall
 
The Business Advantage of Hadoop: Lessons from the Field – Cloudera Summer We...
The Business Advantage of Hadoop: Lessons from the Field – Cloudera Summer We...The Business Advantage of Hadoop: Lessons from the Field – Cloudera Summer We...
The Business Advantage of Hadoop: Lessons from the Field – Cloudera Summer We...Cloudera, Inc.
 
The Destiny of Data
The Destiny of DataThe Destiny of Data
The Destiny of DataHortonworks
 
Open stack @ sierra wireless
Open stack @ sierra wirelessOpen stack @ sierra wireless
Open stack @ sierra wirelessLINAGORA
 
Hortonworks Hybrid Cloud - Putting you back in control of your data
Hortonworks Hybrid Cloud - Putting you back in control of your dataHortonworks Hybrid Cloud - Putting you back in control of your data
Hortonworks Hybrid Cloud - Putting you back in control of your dataScott Clinton
 
Performance Models for Apache Accumulo
Performance Models for Apache AccumuloPerformance Models for Apache Accumulo
Performance Models for Apache AccumuloSqrrl
 
Managing the Dewey Decimal System
Managing the Dewey Decimal SystemManaging the Dewey Decimal System
Managing the Dewey Decimal SystemDataWorks Summit
 
Girish Juneja - Intel Big Data & Cloud Summit 2013
Girish Juneja - Intel Big Data & Cloud Summit 2013Girish Juneja - Intel Big Data & Cloud Summit 2013
Girish Juneja - Intel Big Data & Cloud Summit 2013IntelAPAC
 
Reference architecture for Internet of Things
Reference architecture for Internet of ThingsReference architecture for Internet of Things
Reference architecture for Internet of ThingsSujee Maniyam
 
Breaking the Silos: Storage for Analytics & AI
Breaking the Silos: Storage for Analytics & AIBreaking the Silos: Storage for Analytics & AI
Breaking the Silos: Storage for Analytics & AIDataWorks Summit
 
Hadoop Big Data Lakes Keynote
Hadoop Big Data Lakes KeynoteHadoop Big Data Lakes Keynote
Hadoop Big Data Lakes KeynoteMark van Rijmenam
 
Logging at scale: doing more with less
Logging at scale: doing more with lessLogging at scale: doing more with less
Logging at scale: doing more with lessAndré Fucs de Miranda
 
Insight into Hyperconverged Infrastructure
Insight into Hyperconverged Infrastructure Insight into Hyperconverged Infrastructure
Insight into Hyperconverged Infrastructure HTS Hosting
 
Using Hadoop to Drive Down Fraud for Telcos
Using Hadoop to Drive Down Fraud for TelcosUsing Hadoop to Drive Down Fraud for Telcos
Using Hadoop to Drive Down Fraud for TelcosCloudera, Inc.
 
[Azureビッグデータ関連サービスとHortonworks勉強会] Azure HDInsight
[Azureビッグデータ関連サービスとHortonworks勉強会] Azure HDInsight[Azureビッグデータ関連サービスとHortonworks勉強会] Azure HDInsight
[Azureビッグデータ関連サービスとHortonworks勉強会] Azure HDInsightNaoki (Neo) SATO
 
Risk Management for Data: Secured and Governed
Risk Management for Data: Secured and GovernedRisk Management for Data: Secured and Governed
Risk Management for Data: Secured and GovernedCloudera, Inc.
 

La actualidad más candente (20)

IoT, computer intelligence and javascript in the physical world
IoT, computer intelligence and javascript in the physical worldIoT, computer intelligence and javascript in the physical world
IoT, computer intelligence and javascript in the physical world
 
Architecting Virtualized Infrastructure for Big Data
Architecting Virtualized Infrastructure for Big DataArchitecting Virtualized Infrastructure for Big Data
Architecting Virtualized Infrastructure for Big Data
 
The Business Advantage of Hadoop: Lessons from the Field – Cloudera Summer We...
The Business Advantage of Hadoop: Lessons from the Field – Cloudera Summer We...The Business Advantage of Hadoop: Lessons from the Field – Cloudera Summer We...
The Business Advantage of Hadoop: Lessons from the Field – Cloudera Summer We...
 
The Destiny of Data
The Destiny of DataThe Destiny of Data
The Destiny of Data
 
Open stack @ sierra wireless
Open stack @ sierra wirelessOpen stack @ sierra wireless
Open stack @ sierra wireless
 
Big Data Application Architectures - IoT
Big Data Application Architectures - IoTBig Data Application Architectures - IoT
Big Data Application Architectures - IoT
 
Hortonworks Hybrid Cloud - Putting you back in control of your data
Hortonworks Hybrid Cloud - Putting you back in control of your dataHortonworks Hybrid Cloud - Putting you back in control of your data
Hortonworks Hybrid Cloud - Putting you back in control of your data
 
Performance Models for Apache Accumulo
Performance Models for Apache AccumuloPerformance Models for Apache Accumulo
Performance Models for Apache Accumulo
 
Managing the Dewey Decimal System
Managing the Dewey Decimal SystemManaging the Dewey Decimal System
Managing the Dewey Decimal System
 
IPv6 Can No Longer Be Ignored
IPv6 Can No Longer Be IgnoredIPv6 Can No Longer Be Ignored
IPv6 Can No Longer Be Ignored
 
Girish Juneja - Intel Big Data & Cloud Summit 2013
Girish Juneja - Intel Big Data & Cloud Summit 2013Girish Juneja - Intel Big Data & Cloud Summit 2013
Girish Juneja - Intel Big Data & Cloud Summit 2013
 
Reference architecture for Internet of Things
Reference architecture for Internet of ThingsReference architecture for Internet of Things
Reference architecture for Internet of Things
 
Breaking the Silos: Storage for Analytics & AI
Breaking the Silos: Storage for Analytics & AIBreaking the Silos: Storage for Analytics & AI
Breaking the Silos: Storage for Analytics & AI
 
Hadoop Big Data Lakes Keynote
Hadoop Big Data Lakes KeynoteHadoop Big Data Lakes Keynote
Hadoop Big Data Lakes Keynote
 
OpenStack 101
OpenStack 101OpenStack 101
OpenStack 101
 
Logging at scale: doing more with less
Logging at scale: doing more with lessLogging at scale: doing more with less
Logging at scale: doing more with less
 
Insight into Hyperconverged Infrastructure
Insight into Hyperconverged Infrastructure Insight into Hyperconverged Infrastructure
Insight into Hyperconverged Infrastructure
 
Using Hadoop to Drive Down Fraud for Telcos
Using Hadoop to Drive Down Fraud for TelcosUsing Hadoop to Drive Down Fraud for Telcos
Using Hadoop to Drive Down Fraud for Telcos
 
[Azureビッグデータ関連サービスとHortonworks勉強会] Azure HDInsight
[Azureビッグデータ関連サービスとHortonworks勉強会] Azure HDInsight[Azureビッグデータ関連サービスとHortonworks勉強会] Azure HDInsight
[Azureビッグデータ関連サービスとHortonworks勉強会] Azure HDInsight
 
Risk Management for Data: Secured and Governed
Risk Management for Data: Secured and GovernedRisk Management for Data: Secured and Governed
Risk Management for Data: Secured and Governed
 

Destacado

Visualization: Transforming How We View Security
Visualization: Transforming How We View SecurityVisualization: Transforming How We View Security
Visualization: Transforming How We View Securitydigitallibrary
 
Cloud Visibility & Cloud Data Loss Prevention Approaches
Cloud Visibility & Cloud Data Loss Prevention Approaches Cloud Visibility & Cloud Data Loss Prevention Approaches
Cloud Visibility & Cloud Data Loss Prevention ApproachesCipherCloud
 
Visibility and Control in the Cloud: How to Get your Boss Comfortable with AW...
Visibility and Control in the Cloud: How to Get your Boss Comfortable with AW...Visibility and Control in the Cloud: How to Get your Boss Comfortable with AW...
Visibility and Control in the Cloud: How to Get your Boss Comfortable with AW...Amazon Web Services
 
Achieve cloud visibility, control and automation with IBM Hybrid Cloud Manage...
Achieve cloud visibility, control and automation with IBM Hybrid Cloud Manage...Achieve cloud visibility, control and automation with IBM Hybrid Cloud Manage...
Achieve cloud visibility, control and automation with IBM Hybrid Cloud Manage...Carlos Tomas
 
AWS re:Invent 2016: Accenture Cloud Platform Serverless Journey (ARC202)
AWS re:Invent 2016: Accenture Cloud Platform Serverless Journey (ARC202)AWS re:Invent 2016: Accenture Cloud Platform Serverless Journey (ARC202)
AWS re:Invent 2016: Accenture Cloud Platform Serverless Journey (ARC202)Amazon Web Services
 
In Pursuit of Complete Visibility within Cloud Foundry (Cloud Foundry Summit ...
In Pursuit of Complete Visibility within Cloud Foundry (Cloud Foundry Summit ...In Pursuit of Complete Visibility within Cloud Foundry (Cloud Foundry Summit ...
In Pursuit of Complete Visibility within Cloud Foundry (Cloud Foundry Summit ...VMware Tanzu
 
AWS re:Invent 2016: How Harvard University Improves Scalable Cloud Network Se...
AWS re:Invent 2016: How Harvard University Improves Scalable Cloud Network Se...AWS re:Invent 2016: How Harvard University Improves Scalable Cloud Network Se...
AWS re:Invent 2016: How Harvard University Improves Scalable Cloud Network Se...Amazon Web Services
 
Anand Ahire - Electric Cloud - Visibility, Coordination, Control. Getting st...
Anand Ahire - Electric Cloud - Visibility, Coordination, Control. Getting st...Anand Ahire - Electric Cloud - Visibility, Coordination, Control. Getting st...
Anand Ahire - Electric Cloud - Visibility, Coordination, Control. Getting st...DevOps Enterprise Summit
 
The Future of CASBs - A Cloud Security Force Awakens
The Future of CASBs - A Cloud Security Force AwakensThe Future of CASBs - A Cloud Security Force Awakens
The Future of CASBs - A Cloud Security Force AwakensBitglass
 

Destacado (10)

Visualization: Transforming How We View Security
Visualization: Transforming How We View SecurityVisualization: Transforming How We View Security
Visualization: Transforming How We View Security
 
Cloud Visibility & Cloud Data Loss Prevention Approaches
Cloud Visibility & Cloud Data Loss Prevention Approaches Cloud Visibility & Cloud Data Loss Prevention Approaches
Cloud Visibility & Cloud Data Loss Prevention Approaches
 
Visibility and Control in the Cloud: How to Get your Boss Comfortable with AW...
Visibility and Control in the Cloud: How to Get your Boss Comfortable with AW...Visibility and Control in the Cloud: How to Get your Boss Comfortable with AW...
Visibility and Control in the Cloud: How to Get your Boss Comfortable with AW...
 
Achieve cloud visibility, control and automation with IBM Hybrid Cloud Manage...
Achieve cloud visibility, control and automation with IBM Hybrid Cloud Manage...Achieve cloud visibility, control and automation with IBM Hybrid Cloud Manage...
Achieve cloud visibility, control and automation with IBM Hybrid Cloud Manage...
 
AWS re:Invent 2016: Accenture Cloud Platform Serverless Journey (ARC202)
AWS re:Invent 2016: Accenture Cloud Platform Serverless Journey (ARC202)AWS re:Invent 2016: Accenture Cloud Platform Serverless Journey (ARC202)
AWS re:Invent 2016: Accenture Cloud Platform Serverless Journey (ARC202)
 
In Pursuit of Complete Visibility within Cloud Foundry (Cloud Foundry Summit ...
In Pursuit of Complete Visibility within Cloud Foundry (Cloud Foundry Summit ...In Pursuit of Complete Visibility within Cloud Foundry (Cloud Foundry Summit ...
In Pursuit of Complete Visibility within Cloud Foundry (Cloud Foundry Summit ...
 
AWS re:Invent 2016: How Harvard University Improves Scalable Cloud Network Se...
AWS re:Invent 2016: How Harvard University Improves Scalable Cloud Network Se...AWS re:Invent 2016: How Harvard University Improves Scalable Cloud Network Se...
AWS re:Invent 2016: How Harvard University Improves Scalable Cloud Network Se...
 
Anand Ahire - Electric Cloud - Visibility, Coordination, Control. Getting st...
Anand Ahire - Electric Cloud - Visibility, Coordination, Control. Getting st...Anand Ahire - Electric Cloud - Visibility, Coordination, Control. Getting st...
Anand Ahire - Electric Cloud - Visibility, Coordination, Control. Getting st...
 
Cloud Management with vRealize Operations
Cloud Management with vRealize OperationsCloud Management with vRealize Operations
Cloud Management with vRealize Operations
 
The Future of CASBs - A Cloud Security Force Awakens
The Future of CASBs - A Cloud Security Force AwakensThe Future of CASBs - A Cloud Security Force Awakens
The Future of CASBs - A Cloud Security Force Awakens
 

Similar a Cloud Security - A Visibility Challenge

Cloudy with a chance of downtime
Cloudy with a chance of downtimeCloudy with a chance of downtime
Cloudy with a chance of downtimeAFCOM
 
Cloud - Security - Big Data
Cloud - Security - Big DataCloud - Security - Big Data
Cloud - Security - Big DataRaffael Marty
 
Iia 2012 Spring Conference Philly V Final
Iia 2012 Spring Conference Philly V FinalIia 2012 Spring Conference Philly V Final
Iia 2012 Spring Conference Philly V FinalDanny Miller
 
Cloud Security: Trust and Transformation
Cloud Security: Trust and TransformationCloud Security: Trust and Transformation
Cloud Security: Trust and TransformationPeter Coffee
 
Easing Integration of Large-Scale Real-Time Systems with DDS
Easing Integration of Large-Scale Real-Time Systems with DDSEasing Integration of Large-Scale Real-Time Systems with DDS
Easing Integration of Large-Scale Real-Time Systems with DDSRick Warren
 
Cloud computing: identifying and managing legal risks
Cloud computing: identifying and managing legal risksCloud computing: identifying and managing legal risks
Cloud computing: identifying and managing legal risksCloud Legal Project
 
Top 10 Data Center Success Criteria
Top 10 Data Center Success CriteriaTop 10 Data Center Success Criteria
Top 10 Data Center Success CriteriaInternap
 
PXL Data Engineering Workshop By Selligent
PXL Data Engineering Workshop By Selligent PXL Data Engineering Workshop By Selligent
PXL Data Engineering Workshop By Selligent Jonny Daenen
 
Turn Big Data into Big Value on Informatica and AWS
Turn Big Data into Big Value on Informatica and AWSTurn Big Data into Big Value on Informatica and AWS
Turn Big Data into Big Value on Informatica and AWSAmazon Web Services
 
Logical Data Fabric and Industry-Focused Solutions by IQZ Systems
Logical Data Fabric and Industry-Focused Solutions by IQZ SystemsLogical Data Fabric and Industry-Focused Solutions by IQZ Systems
Logical Data Fabric and Industry-Focused Solutions by IQZ SystemsDenodo
 
Peering Through the Cloud Forrester EMEA 2010
Peering Through the Cloud Forrester EMEA 2010Peering Through the Cloud Forrester EMEA 2010
Peering Through the Cloud Forrester EMEA 2010graywilliams
 
Big Data: Movement, Warehousing, & Virtualization
Big Data: Movement, Warehousing, & VirtualizationBig Data: Movement, Warehousing, & Virtualization
Big Data: Movement, Warehousing, & Virtualizationtervela
 
Scality SDS Day, London, 20 SEP 2017
Scality SDS Day, London, 20 SEP 2017Scality SDS Day, London, 20 SEP 2017
Scality SDS Day, London, 20 SEP 2017Chris Evans
 
OMG DDS: The Data Distribution Service for Real-Time Systems
OMG DDS: The Data Distribution Service for Real-Time SystemsOMG DDS: The Data Distribution Service for Real-Time Systems
OMG DDS: The Data Distribution Service for Real-Time SystemsAngelo Corsaro
 
Research, the Cloud, and the IRB
Research, the Cloud, and the IRBResearch, the Cloud, and the IRB
Research, the Cloud, and the IRBMichael Zimmer
 
Redrawing the Cyber Defense Frontier
Redrawing the Cyber Defense FrontierRedrawing the Cyber Defense Frontier
Redrawing the Cyber Defense FrontierJoe Hage
 
OMG DDS Tutorial - Part I
OMG DDS Tutorial - Part IOMG DDS Tutorial - Part I
OMG DDS Tutorial - Part IAngelo Corsaro
 
Service goes accessible_2013_sh
Service goes accessible_2013_shService goes accessible_2013_sh
Service goes accessible_2013_shTomppa Järvinen
 

Similar a Cloud Security - A Visibility Challenge (20)

Cloudy with a chance of downtime
Cloudy with a chance of downtimeCloudy with a chance of downtime
Cloudy with a chance of downtime
 
Cloud - Security - Big Data
Cloud - Security - Big DataCloud - Security - Big Data
Cloud - Security - Big Data
 
Iia 2012 Spring Conference Philly V Final
Iia 2012 Spring Conference Philly V FinalIia 2012 Spring Conference Philly V Final
Iia 2012 Spring Conference Philly V Final
 
Cloud Security: Trust and Transformation
Cloud Security: Trust and TransformationCloud Security: Trust and Transformation
Cloud Security: Trust and Transformation
 
Easing Integration of Large-Scale Real-Time Systems with DDS
Easing Integration of Large-Scale Real-Time Systems with DDSEasing Integration of Large-Scale Real-Time Systems with DDS
Easing Integration of Large-Scale Real-Time Systems with DDS
 
Cloud computing: identifying and managing legal risks
Cloud computing: identifying and managing legal risksCloud computing: identifying and managing legal risks
Cloud computing: identifying and managing legal risks
 
Top 10 Data Center Success Criteria
Top 10 Data Center Success CriteriaTop 10 Data Center Success Criteria
Top 10 Data Center Success Criteria
 
PXL Data Engineering Workshop By Selligent
PXL Data Engineering Workshop By Selligent PXL Data Engineering Workshop By Selligent
PXL Data Engineering Workshop By Selligent
 
The Sun Cloud
The Sun CloudThe Sun Cloud
The Sun Cloud
 
Turn Big Data into Big Value on Informatica and AWS
Turn Big Data into Big Value on Informatica and AWSTurn Big Data into Big Value on Informatica and AWS
Turn Big Data into Big Value on Informatica and AWS
 
Logical Data Fabric and Industry-Focused Solutions by IQZ Systems
Logical Data Fabric and Industry-Focused Solutions by IQZ SystemsLogical Data Fabric and Industry-Focused Solutions by IQZ Systems
Logical Data Fabric and Industry-Focused Solutions by IQZ Systems
 
Announcing RTI Connext
Announcing RTI ConnextAnnouncing RTI Connext
Announcing RTI Connext
 
Peering Through the Cloud Forrester EMEA 2010
Peering Through the Cloud Forrester EMEA 2010Peering Through the Cloud Forrester EMEA 2010
Peering Through the Cloud Forrester EMEA 2010
 
Big Data: Movement, Warehousing, & Virtualization
Big Data: Movement, Warehousing, & VirtualizationBig Data: Movement, Warehousing, & Virtualization
Big Data: Movement, Warehousing, & Virtualization
 
Scality SDS Day, London, 20 SEP 2017
Scality SDS Day, London, 20 SEP 2017Scality SDS Day, London, 20 SEP 2017
Scality SDS Day, London, 20 SEP 2017
 
OMG DDS: The Data Distribution Service for Real-Time Systems
OMG DDS: The Data Distribution Service for Real-Time SystemsOMG DDS: The Data Distribution Service for Real-Time Systems
OMG DDS: The Data Distribution Service for Real-Time Systems
 
Research, the Cloud, and the IRB
Research, the Cloud, and the IRBResearch, the Cloud, and the IRB
Research, the Cloud, and the IRB
 
Redrawing the Cyber Defense Frontier
Redrawing the Cyber Defense FrontierRedrawing the Cyber Defense Frontier
Redrawing the Cyber Defense Frontier
 
OMG DDS Tutorial - Part I
OMG DDS Tutorial - Part IOMG DDS Tutorial - Part I
OMG DDS Tutorial - Part I
 
Service goes accessible_2013_sh
Service goes accessible_2013_shService goes accessible_2013_sh
Service goes accessible_2013_sh
 

Más de Raffael Marty

Exploring the Defender's Advantage
Exploring the Defender's AdvantageExploring the Defender's Advantage
Exploring the Defender's AdvantageRaffael Marty
 
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...Raffael Marty
 
How To Drive Value with Security Data
How To Drive Value with Security DataHow To Drive Value with Security Data
How To Drive Value with Security DataRaffael Marty
 
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?Raffael Marty
 
Artificial Intelligence – Time Bomb or The Promised Land?
Artificial Intelligence – Time Bomb or The Promised Land?Artificial Intelligence – Time Bomb or The Promised Land?
Artificial Intelligence – Time Bomb or The Promised Land?Raffael Marty
 
Understanding the "Intelligence" in AI
Understanding the "Intelligence" in AIUnderstanding the "Intelligence" in AI
Understanding the "Intelligence" in AIRaffael Marty
 
AI & ML in Cyber Security - Why Algorithms are Dangerous
AI & ML in Cyber Security - Why Algorithms are DangerousAI & ML in Cyber Security - Why Algorithms are Dangerous
AI & ML in Cyber Security - Why Algorithms are DangerousRaffael Marty
 
AI & ML in Cyber Security - Why Algorithms Are Dangerous
AI & ML in Cyber Security - Why Algorithms Are DangerousAI & ML in Cyber Security - Why Algorithms Are Dangerous
AI & ML in Cyber Security - Why Algorithms Are DangerousRaffael Marty
 
Delivering Security Insights with Data Analytics and Visualization
Delivering Security Insights with Data Analytics and VisualizationDelivering Security Insights with Data Analytics and Visualization
Delivering Security Insights with Data Analytics and VisualizationRaffael Marty
 
AI & ML in Cyber Security - Welcome Back to 1999 - Security Hasn't Changed
AI & ML in Cyber Security - Welcome Back to 1999 - Security Hasn't ChangedAI & ML in Cyber Security - Welcome Back to 1999 - Security Hasn't Changed
AI & ML in Cyber Security - Welcome Back to 1999 - Security Hasn't ChangedRaffael Marty
 
Security Insights at Scale
Security Insights at ScaleSecurity Insights at Scale
Security Insights at ScaleRaffael Marty
 
Creating Your Own Threat Intel Through Hunting & Visualization
Creating Your Own Threat Intel Through Hunting & VisualizationCreating Your Own Threat Intel Through Hunting & Visualization
Creating Your Own Threat Intel Through Hunting & VisualizationRaffael Marty
 
Creating Your Own Threat Intel Through Hunting & Visualization
Creating Your Own Threat Intel Through Hunting & VisualizationCreating Your Own Threat Intel Through Hunting & Visualization
Creating Your Own Threat Intel Through Hunting & VisualizationRaffael Marty
 
Visualization in the Age of Big Data
Visualization in the Age of Big DataVisualization in the Age of Big Data
Visualization in the Age of Big DataRaffael Marty
 
Big Data Visualization
Big Data VisualizationBig Data Visualization
Big Data VisualizationRaffael Marty
 
The Heatmap
 - Why is Security Visualization so Hard?
The Heatmap
 - Why is Security Visualization so Hard?The Heatmap
 - Why is Security Visualization so Hard?
The Heatmap
 - Why is Security Visualization so Hard?Raffael Marty
 
Workshop: Big Data Visualization for Security
Workshop: Big Data Visualization for SecurityWorkshop: Big Data Visualization for Security
Workshop: Big Data Visualization for SecurityRaffael Marty
 
Visualization for Security
Visualization for SecurityVisualization for Security
Visualization for SecurityRaffael Marty
 
The Heatmap
 - Why is Security Visualization so Hard?
The Heatmap
 - Why is Security Visualization so Hard?The Heatmap
 - Why is Security Visualization so Hard?
The Heatmap
 - Why is Security Visualization so Hard?Raffael Marty
 

Más de Raffael Marty (20)

Exploring the Defender's Advantage
Exploring the Defender's AdvantageExploring the Defender's Advantage
Exploring the Defender's Advantage
 
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...
 
How To Drive Value with Security Data
How To Drive Value with Security DataHow To Drive Value with Security Data
How To Drive Value with Security Data
 
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
 
Artificial Intelligence – Time Bomb or The Promised Land?
Artificial Intelligence – Time Bomb or The Promised Land?Artificial Intelligence – Time Bomb or The Promised Land?
Artificial Intelligence – Time Bomb or The Promised Land?
 
Understanding the "Intelligence" in AI
Understanding the "Intelligence" in AIUnderstanding the "Intelligence" in AI
Understanding the "Intelligence" in AI
 
Security Chat 5.0
Security Chat 5.0Security Chat 5.0
Security Chat 5.0
 
AI & ML in Cyber Security - Why Algorithms are Dangerous
AI & ML in Cyber Security - Why Algorithms are DangerousAI & ML in Cyber Security - Why Algorithms are Dangerous
AI & ML in Cyber Security - Why Algorithms are Dangerous
 
AI & ML in Cyber Security - Why Algorithms Are Dangerous
AI & ML in Cyber Security - Why Algorithms Are DangerousAI & ML in Cyber Security - Why Algorithms Are Dangerous
AI & ML in Cyber Security - Why Algorithms Are Dangerous
 
Delivering Security Insights with Data Analytics and Visualization
Delivering Security Insights with Data Analytics and VisualizationDelivering Security Insights with Data Analytics and Visualization
Delivering Security Insights with Data Analytics and Visualization
 
AI & ML in Cyber Security - Welcome Back to 1999 - Security Hasn't Changed
AI & ML in Cyber Security - Welcome Back to 1999 - Security Hasn't ChangedAI & ML in Cyber Security - Welcome Back to 1999 - Security Hasn't Changed
AI & ML in Cyber Security - Welcome Back to 1999 - Security Hasn't Changed
 
Security Insights at Scale
Security Insights at ScaleSecurity Insights at Scale
Security Insights at Scale
 
Creating Your Own Threat Intel Through Hunting & Visualization
Creating Your Own Threat Intel Through Hunting & VisualizationCreating Your Own Threat Intel Through Hunting & Visualization
Creating Your Own Threat Intel Through Hunting & Visualization
 
Creating Your Own Threat Intel Through Hunting & Visualization
Creating Your Own Threat Intel Through Hunting & VisualizationCreating Your Own Threat Intel Through Hunting & Visualization
Creating Your Own Threat Intel Through Hunting & Visualization
 
Visualization in the Age of Big Data
Visualization in the Age of Big DataVisualization in the Age of Big Data
Visualization in the Age of Big Data
 
Big Data Visualization
Big Data VisualizationBig Data Visualization
Big Data Visualization
 
The Heatmap
 - Why is Security Visualization so Hard?
The Heatmap
 - Why is Security Visualization so Hard?The Heatmap
 - Why is Security Visualization so Hard?
The Heatmap
 - Why is Security Visualization so Hard?
 
Workshop: Big Data Visualization for Security
Workshop: Big Data Visualization for SecurityWorkshop: Big Data Visualization for Security
Workshop: Big Data Visualization for Security
 
Visualization for Security
Visualization for SecurityVisualization for Security
Visualization for Security
 
The Heatmap
 - Why is Security Visualization so Hard?
The Heatmap
 - Why is Security Visualization so Hard?The Heatmap
 - Why is Security Visualization so Hard?
The Heatmap
 - Why is Security Visualization so Hard?
 

Último

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfOverkill Security
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdfSandro Moreira
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKJago de Vreede
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfOverkill Security
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamUiPathCommunity
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 

Último (20)

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 

Cloud Security - A Visibility Challenge

  • 1. Cloud Security A Visibility Challenge Raffael Marty - @zrlram UNAM 2010, Mexico City Wednesday, December 1, 2010
  • 2. Raffael Marty • Founder @ • Chief Security Strategist and Product Manager @ Splunk • Manager Solutions @ ArcSight • Intrusion Detection Research @ IBM Research • IT Security Consultant @ PriceWaterhouse Coopers Applied Security Visualization Publisher: Addison Wesley (August, 2008) ISBN: 0321510100 Logging as a Service 2 © by Raffael Marty Wednesday, December 1, 2010
  • 3. Agenda •Data Centers •Visibility and Big Data •The Cloud •Logging as a Service •A New Risk Landscape Logging as a Service 3 © by Raffael Marty Wednesday, December 1, 2010
  • 4. Data Centers 4 Wednesday, December 1, 2010
  • 5. 11.8 million servers in data centers “Effectively and Securely Using the Cloud Computing Paradigm AWS services” - Peter Mell, Tim Grance, NIST Raffael Marty - @zrlram 5 Wednesday, December 1, 2010
  • 6. Servers are used at only 15% of their capacity “Effectively and Securely Using the Cloud Computing Paradigm AWS services” - Peter Mell, Tim Grance, NIST Raffael Marty - @zrlram 6 Wednesday, December 1, 2010
  • 7. 800 billion dollars spent yearly on purchasing and maintaining enterprise software 80% of enterprise software expenditure is on installation and maintenance of software “Effectively and Securely Using the Cloud Computing Paradigm AWS services” - Peter Mell, Tim Grance, NIST Raffael Marty - @zrlram 7 Wednesday, December 1, 2010
  • 8. Data centers consume up to 100 times more per square foot than a typical office building Data centers consume 1.5% of the USA’s electricity “Effectively and Securely Using the Cloud Computing Paradigm AWS services” - Peter Mell, Tim Grance, NIST Raffael Marty - @zrlram 8 Wednesday, December 1, 2010
  • 9. From 2001 to 2006: • Number of servers doubled • Average power consumption per server quadrupled “Effectively and Securely Using the Cloud Computing Paradigm AWS services” - Peter Mell, Tim Grance, NIST Raffael Marty - @zrlram 9 Wednesday, December 1, 2010
  • 10. Green technologies can reduce energy costs by 50% “Effectively and Securely Using the Cloud Computing Paradigm AWS services” - Peter Mell, Tim Grance, NIST Raffael Marty - @zrlram 10 Wednesday, December 1, 2010
  • 11. The Cloud 11 Wednesday, December 1, 2010
  • 12. The Public Cloud IaaS - Infrastructure PaaS - Platform SaaS - Software Enterprise Infrastructure Services LaaS - Logging XaaS - DNS / RDBMS /... Raffael Marty - @zrlram 12 Wednesday, December 1, 2010
  • 13. Cloud “Features” • Almost infinite resources - on demand • Pay as you go • Elasticity - dynamic load allocation • Quality of service guarantees (SLAs) • Outsource non-core capabilities / responsibilities • Forces operations to streamline and automate • Availability of infrastructure services (load balancing, database, logging, etc.) • Enables higher availability - Provision in multiple data centers / multiple instances Raffael Marty - @zrlram 13 Wednesday, December 1, 2010
  • 14. Why Companies Move to the Cloud “If you move your data centre to a cloud provider, it will cost a tenth of the cost.” – Brian Gammage, Gartner Fellow “Using cloud infrastructures saves 18% to 29% before considering that you no longer need to buy for peak capacity” - George Reese, founder Valtira and enStratus “Web service providers offer APIs that enable developers to exploit functionality over the Internet, rather than delivering full-blown applications.” - Infoworld Raffael Marty - @zrlram 14 Wednesday, December 1, 2010
  • 15. Why Companies Move to the Cloud • Ecological considerations drive economical decisions • Increased Efficiency due to better use of resources • More predictable cost • IT staff can be freed up for other initiatives • Design with redundancy and failure tolerance needed • Automation is necessary, but is a good thing • Easy integration of services for non-core capabilities (RDBMS, Load balancing, etc.) Raffael Marty - @zrlram 15 Wednesday, December 1, 2010
  • 16. Changes in Security • The Good - Cloud homogeneity makes security auditing/testing simpler - Clouds enable automated security management - Redundancy / Disaster Recovery - Distributed denial of service (DDoS) protection • The Bad? - Loss of physical control - No more network-based Intrusion Detection - No data leak prevention (DLP) - Little network routing mechanisms Raffael Marty - @zrlram 16 Wednesday, December 1, 2010
  • 17. What Has Changed • Data Storage and Access - Isolation management / data multi-tenancy - Data retention issues - Data dispersal and international privacy laws ‣ EU Data Protection Directive and U.S. Safe Harbor program ‣ Exposure of data to foreign governments and data subpoenas • Processing Infrastructure - Application multi-tenancy - Reliance on hypervisors - Process isolation / Application sandboxes Raffael Marty - @zrlram 17 Wednesday, December 1, 2010
  • 18. Your New Risk Landscape 18 Wednesday, December 1, 2010
  • 19. Risk = (Threat, Vulnerability) • Shared resources • Hypervisor escaping • Using external services • Stored credentials Proprietary implementations can’t be examined - • Web ubiquity - Availability of services - Confidentiality of services • Malicious insiders • Data storage • Trusting vendor’s security model - Obtaining support for investigations - Inability to respond to audit findings Raffael Marty - @zrlram 19 Wednesday, December 1, 2010
  • 20. Visibility and Big Data 20 Wednesday, December 1, 2010
  • 21. Visibility Raffael Marty - @zrlram 21 Wednesday, December 1, 2010
  • 22. Visibility • Monitoring - Performance - Availability - Ephemeral Infrastructure IaaS - Similar to before • Security PaaS - Lack of Infrastructure - New Threats SaaS - Blind? - New Vulnerabilities - Different Risk Distribution Raffael Marty - @zrlram 22 Wednesday, December 1, 2010
  • 23. Application Visibility • If you can’t control the infrastructure, control your applications • Application logging - need guidelines - better tools - education of developers / students? • Challenges - how to centrally collect all the data - how to mine the data - how to use/understand the data See: Raffael Marty, “Cloud Application Logging for Forensics”, SAC 2011, Taipei. Raffael Marty - @zrlram 23 Wednesday, December 1, 2010
  • 24. Big Data • NoSQL • Distributed data stores • Distributed queues • Map reduce • ETL (Extract, Transform, Load) • ... Raffael Marty - @zrlram 24 Wednesday, December 1, 2010
  • 25. LaaS - Logging as a Service • Log collection Benefits • all data in one place • No installation • Great scalability • Log storage and management • Easy configuration • 7x24 availability • No maintenance • Pay as you go • index, storage, archive • Extremely fast log search across all your data • data source agnostic (no parsers) • innovative Web shell • API log access • oAuth authentication • always on Logging as a Service 25 © by Raffael Marty Wednesday, December 1, 2010
  • 26. “Logging Bus” Machines Mashups mobile-166 My syslog Users • Logs published to bus • Consumers read from bus Bus Individuals Mashups • Situational awareness Clouds Small businesses • Security forensics Data centers • Security monitoring Logging as a Service 26 © by Raffael Marty Wednesday, December 1, 2010
  • 27. Situational Awareness • Treemap • Protovis.JS • Size: Amount • Brightness: Variance • Color: Sensor • Shows: Scans - bright spots • Thanks to Chris Horsley Logging as a Service 27 © by Raffael Marty Wednesday, December 1, 2010
  • 28. Forensics mobile-166 My syslog Logging as a Service 28 © by Raffael Marty Wednesday, December 1, 2010
  • 29. Security Visualization www.secviz.org Logging as a Service 29 © by Raffael Marty Wednesday, December 1, 2010
  • 30. about.me/raffy loggly.com/signup 30 Wednesday, December 1, 2010