Webcast Series #1: Continuous Security and Compliance Monitoring for Global IT Assets

Learn to effectively navigate the risks, new regulations, and new technologies on your journey to a secure and compliant digital transformation with this Qualys webcast series.

In this webcast, Chris Carlson, Vice President of Product Management at Qualys, discussed how enterprises can achieve immediate visibility across on-premises, endpoint, and cloud IT environments with Qualys Cloud Platform and its powerful, natively integrated security and compliance applications.

You will learn how Qualys Cloud Platform allows you to:
• Have all of your data analyzed in real time
• Respond to threats immediately
• See the results in one place, in just seconds
• Protect your digital transformation efforts

Watch the on-demand recording: https://goo.gl/gC7jZR

Published in: Technology

  1. Continuous Security and Compliance Monitoring for Global IT Assets. January 18, 2018. Chris Carlson, VP, Product Management, Qualys, Inc.
  2. WannaCry: Observations of Qualys Threat Data
     • Inadequate patching timing: high-severity vulnerabilities are taking 100+ days to patch/configure/correct
     • Exploits and attack patterns are speeding up and taking < 30 days on average (WannaCry was distributed in 26 days)
  3. WannaCry (MS17-010) and VM Scanning. Chart labels: Auth Scanning / Agent; EternalBlue released; New Auth Scanning / New Agent Deployment; WannaCry released. Organizations doing continuous VM assessment with agent / authenticated scanning and aggressively patching were much less impacted by WannaCry.
  4. Observations of Qualys Threat Data: the core IT service areas must be improved
     • Asset Identification, Monitoring all enterprise assets
     • Alert Speed, Triage Accuracy, Enabling effective response
     • Effective Vulnerability Remediation for real risks targeting individual environments (emergency) vs. commodity risks
     • Asset & Configuration Management / Build Compliance
     • Network Architecture and Segmentation gaps – on-premise, cloud and remote users
  5. How?
  6. Transition from Point-in-Time Assessments to Continuous Security and Compliance Monitoring
  7. Why? What factors are driving this?
     • Rapidly reducing time from Vulnerability to Attack
     • Attacks shifting to organized crime and ransomware
     • Board-level / C-suite visibility and impact to security events
     • Digital Transformation is creating an IT Transformation
     Are you prepared?
  8. Digital Transformation is Driving IT Transformation for Organizations. Diagram labels: Private Clouds; Enterprise On Premise; Remote End Users; Internet; Public Clouds.
  9. … But creates new Challenges for Security. Diagram labels: Private Clouds; Enterprise On Premise; Remote End Users.
     • Can’t scan remote users
     • Don’t know how many assets you have
     • Don’t know when those assets are running
     • Credential issues / Authentication failures
     • Monthly / weekly scanning too slow
  10. End-to-end Security Architecture: Automated Continuous Monitoring & Response
     • Discovery: On-Prem; Cloud; Mobile Devices; OT/ICS; IoT; CMDB Inventory
     • Prevention: Security Hygiene; Vulnerability Assessment; Threat Prioritization; Patch Management; Configuration Assessment
     • Detection: Endpoint Activity; Cloud Infra Monitoring; Network Activity
     • Response: Security Orchestration; Incident Response; Quarantine NAC
  11. Qualys Sensors: Scalable, self-updating & centrally managed
     • Physical: Legacy data centers; Corporate infrastructure; Continuous security and compliance scanning
     • Virtual: Private cloud infrastructure; Virtualized Infrastructure; Continuous security and compliance scanning
     • Cloud/Container: Commercial IaaS & PaaS clouds; Pre-certified in market place; Fully automated with API orchestration; Continuous security and compliance scanning
     • Cloud Agents: Light weight, multi-platform; On premise, elastic cloud & endpoints; Real-time data collection; Continuous evaluation on platform for security and compliance
     • Passive: Passively sniff on network; Real-time device discovery & identification; Identification of APT network traffic; Extract malware files from network for analysis
     • API: Integration with Threat Intel feeds; CMDB Integration; Log connectors
  12. Qualys Cloud Agent
     • Lightweight Software Agent (collects metadata only)
     • On-Premise Servers, Public Cloud, Remote Endpoints
     • Windows, Linux, Mac, AIX
     • Delivers Multiple Security Functions in one Agent
  13. Diagram labels: Qualys Suite of Applications; Central Management / API; Efficient Network Usage (Delta Processing average); Qualys Platform; Cloud Agent; 50 - 350 KB / day; Lightweight Metadata Acquisition; Resources; 1% CPU (tunable); 3 MB application; Windows, Linux, Mac, AIX.
  14. Cloud Agent Extends Network Scanning
     • No scan windows needed
     • Find vulnerabilities faster
     • Detect a fixed vulnerability faster
     • No firewall changes or network impact
     Best for assets that can’t be scanned
     • Unable to get credentials / authentication failures
     • Remote / roaming user assets
     • Remote systems that can’t be scanned
     • Cloud / Elastic deployments
     • Servers sensitive to port scans
  15. Try and Manage Apps on one Cloud Agent. End the fight with IT to deploy security agents!
  16. DEMO
  17. Selected Cloud Agent Deployments
     • Ecommerce Company: 1,200,000 scope (1M cloud + 150k users)
     • Financial Services: 270,000 Windows (8K/wk)
     • Financial Services: 25,000 user machines
     • Ecommerce: 65,000 ~ 95,000 AWS
     • Oil Field Services: 4,000 remote servers
     • Rx30 Pharmacy Management: 4,500 servers/users/cloud
     • ACI Worldwide Payment Systems: 1,500 servers/users
  18. Global Pharmaceutical Company (Case Study)
     Customer: Global Pharmaceutical Company. Industry: Pharmaceutical, Biopharmaceutical, Life Sciences. Qualys Applications.
     Challenges
     • No vulnerability visibility of user endpoint machines
     • Authenticated Scanning Failures on server machines: Windows – 20% failure rates; Linux – 60% failure rates
     • Weekly scanning created gaps in reporting
     • New IT initiative for AWS and Azure development difficult to scan
     Solutions / Outcome
     • Deployed 75,000 Cloud Agents on user endpoints for continuous visibility both on and off the network
     • Deployed 20,000 Cloud Agents for on-premise servers to overcome their authentication failures
     • Cloud Agent finds new and fixed vulnerabilities faster than scanning
     • Building the Cloud Agent into gold cloud images
  19. Platform figures
     • 1+ trillion Security Events
     • 3+ billion IP Scans/Audits a Year
     • 99.9996% Six Sigma Scanning Accuracy
     • 250+ billion Data Points Indexed on Elasticsearch Clusters
     • Single Pane of Glass: via dynamic and customizable dashboards and centrally managed, self-updating, integrated Cloud Apps
  20. Thank You. qualys.com/trial, ccarlson@qualys.com