CloudExpo Europe – London, January 2013




The Practitioners Guide to
Cloud Security

London, January 2013


Zohar Alon
@zoharalon
Co-Founder & CEO


                                Dome9 – Secure Your Cloud™
Me, and my company




 Zohar Alon – Co-Founder & CEO
 Creator of Check Point’s Provider-1 & SP product lines
 Over 20 years of security & IT experience.




Cloud Server Security Management
Automate and centralize security across an unlimited number of cloud, dedicated, and virtual private servers

What’s this?


1 day and 86,000 attempts later…



There are more than 30 million
Cloud, VPS & Dedicated Servers
Most of these servers are vulnerable to attack
  – Admins leave ports open to connect to their servers
  – Hackers use these same open ports to gain access
Most of these servers’ security is unmanageable
  – Sprawled across multiple private & public clouds
  – Operating systems are a virtual buffet
Most of the ‘available’ security doesn’t work
  – Service providers lack expertise & focus to build it
  – Security vendors have business models that don’t fit
    and/or technology that doesn’t migrate and scale


Who’s responsible for security?




The Practitioners Guide

      Part 1 – Responsibility
• Most don’t know who’s responsible for cloud security
   – 42% say they wouldn’t know if their cloud was hacked
   – 39% think their provider would tell them
• Security is everybody’s responsibility
   – accept and share it!
• Security is your responsibility
   – Deal with it!

[Chart: Who’s Responsible? Segments: Customer, Provider, Both; values shown: 33%, 31%, 36%. Source: Ponemon Cloud Security Research Study]
The Practitioners Guide

   Part 2 – Authentication
• If anyone can log in, consider multi-factor authentication to harden access
• Simple mobile app integration, with QR code support & SMS backup
The Practitioners Guide

                 Part 3 - WAF
• WAF: Web Application Firewall
   – Protects Web services, sites and applications
   – Monitors the requests to the web layer
   – Brute-force login, spam bots, SQL injections, etc.
• Easy to enable – No Install!
   – Provides added security layer w/o overhead
• Every Web App Will Use One
   – CloudFlare, Incapsula or Akamai
   – Bonus I – site is faster
   – Bonus II – DDoS mitigation capabilities
The Practitioners Guide

              Part 4 – Log
• You saw how many insights we get from the
  logs. You need to store and analyze them.
• We use several vendors for this – each for a
  different use-case:
  – Splunk & SplunkStorm
  – SumoLogic
  – Loggly
  – LogEntries
The Practitioners Guide

            Part 5 – Firewall
• Take Control of your security policies
   – You do much more when it comes to the office firewall
• Close All (admin) Ports – Open Dynamically
   – Open them only for whom, and for as long as, is needed.
• Don’t rely on static scopes
   – Too much management overhead and risk.
• Aggregate & Centralize firewall management
   – Across regions, providers and applications
• At Dome9, we eat our own dog food
   – On Amazon, Verizon’s Terremark and Rackspace
What happened here?




Dome9: How it Works
Automated Cloud Server Security

• Manage OS firewall (via Agent) and virtual firewall (via API) across all cloud servers
• Enable on-demand, time-based secure access leases per server, source & time
   – Automatically close server access when lease expires
• Stop attackers from targeting open admin ports via brute force attacks and exploits
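
The "close all admin ports, open dynamically" rule from Part 5 and the time-based leases described above, modelled as an added example (this is not Dome9's code or API). The class and function names, the admin port set, the maximum TTL and the iptables-restore style rule rendering are assumptions made for the illustration; the address is a constructed sample from a documentation range.

```python
from dataclasses import dataclass
from ipaddress import IPv4Address, IPv4Network

ADMIN_PORTS = (22, 3389)   # assumption: SSH and RDP are the admin ports
MAX_TTL = 8 * 3600         # assumption: no lease may outlive a working day


@dataclass(frozen=True)
class Lease:
    server: str
    source: IPv4Network
    port: int
    expires_at: float      # epoch seconds


class LeaseTable:
    """Admin ports are closed unless an unexpired lease matches."""

    def __init__(self):
        self.leases = []

    def grant(self, server, source, port, ttl, now):
        net = IPv4Network(source, strict=False)   # ValueError on bad input
        if port not in ADMIN_PORTS:
            raise ValueError(f"port {port} is not a managed admin port")
        if net.prefixlen == 0:
            raise ValueError("a lease for 0.0.0.0/0 is an open port, not a lease")
        if not 0 < ttl <= MAX_TTL:
            raise ValueError("ttl must be positive and at most MAX_TTL")
        lease = Lease(server, net, port, now + ttl)
        self.leases.append(lease)
        return lease

    def active(self, server, now):
        return [l for l in self.leases
                if l.server == server and l.expires_at > now]

    def is_allowed(self, server, src_ip, port, now):
        addr = IPv4Address(src_ip)
        return any(l.port == port and addr in l.source
                   for l in self.active(server, now))

    def reap(self, now):
        """Drop expired leases; return them so the caller can log the closure."""
        expired = [l for l in self.leases if l.expires_at <= now]
        self.leases = [l for l in self.leases if l.expires_at > now]
        return expired

    def render_rules(self, server, now):
        """iptables-restore style lines: lease ACCEPTs first, then the DROPs."""
        rules = [f"-A INPUT -p tcp -s {l.source} --dport {l.port} -j ACCEPT"
                 for l in self.active(server, now)]
        rules += [f"-A INPUT -p tcp --dport {p} -j DROP" for p in ADMIN_PORTS]
        return rules


if __name__ == "__main__":
    table = LeaseTable()
    # Constructed sample: one admin at a documentation-range address, 1 hour.
    table.grant("web-1", "203.0.113.7/32", 22, ttl=3600, now=0)
    for t in (60, 3600):
        print(t, table.render_rules("web-1", now=t))
```

Running `reap` on a timer and re-rendering the rules is what closes the port again; because the ACCEPT lines are regenerated from unexpired leases only, a missed reap still cannot extend access.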
Dome9 Central
Simplified Security Management




• Time-Based Controls
• 1-Click Secure Access
• Multi-Cloud Management




Wrap Up

① Take Responsibility

② Harden Authentication

③ Use a Web Application Firewall

④ Log, Log, Log, Log, Log… and Analyze

⑤ Lockdown and Automate the Server Firewalls… with Dome9!
Q&A
Thank You!

Zohar Alon, Zohar@dome9.com
       www.dome9.com
References and Links
• Firewall Management Service:
    – http://www.dome9.com/
    – https://secure.dome9.com/account/register?code=ecommerce
• MyDigipass 2 Factor Authentication Service:
    – https://www.mydigipass.com/
• Log Management Services:
    – Splunk Storm Service - https://www.splunkstorm.com/
    – Loggly - http://loggly.com/
    – LogEntries - https://logentries.com/
• WAF Services:
    – CloudFlare - https://www.cloudflare.com/
    – Incapsula - http://www.incapsula.com/
• Cloud Security Study:
http://www.dome9.com/wp-content/uploads/2011/11/Ponemon-Cloud-Security-Study.pdf
