SlideShare a Scribd company logo

Nimbo/Alert Logic - Azure in the Cloud

โ€ขDownload as PPT, PDFโ€ข
โ€ข
Alert Logic
Alert Logic

Johnathan Norman Nimbo/AL/Azure Event in a Box 01/27

Internet
1 of 21
Alert Logic โ€“ Azure Cloud Security Johnathan Norman Cloud Solutions Architect jnorman@alertlogic.com
Agenda โ€ข Key Findings: Cloud Security Report, Spring 2014 - Alert Logic Customer Data - Honeypot Research โ€ข Common Azure Security & Compliance Issues โ€ข Alert Logic for Azure - Log Manager - Threat Manager - Web Security Manager
Cloud Adoption is Gaining Momentum โ€ข Major Public cloud vendors predicted to eclipse $10B in revenue by 2015 โ€ข Oracle Cloud bookings increased by 35% in 2013 โ€ข Gartner predicts 60% of banking institutions to migrate to the cloud โ€ข Healthcare is expected to adopt cloud computing at a 21% year over year rate through 2017 โ€ข VDI (Desktop as a Service) market reached $13.4 billion in 2013
Over 2,800 Organizations Worldwide Trust Alert Logic Millions of devices secured 3.7 Petabytes of log data under management 8.5 Million security events correlated per day 40,000 incidents identified and reviewed per month
Threats in the Cloud are Increasing With Adoption โ€ข Increase in attack frequency โ€ข Traditional on-premises threats are now moving to the cloud โ€ข Majority of cloud incidents were related to web application attacks, brute force attacks, and vulnerability scans โ€ข Brute force attacks and vulnerability scans are now occurring at near-equivalent rates in both cloud and on-premises environments โ€ข Malware/Botnet is increasing year over year
Global Honeypot Network Why Honeypots? โ€ขHoneypots give us a unique data set โ€ขSimulates vulnerable systems without the risk of real data loss โ€ขGives the ability to collect intelligence from malicious attackers โ€ขAllows for collection of various different attacks based on system โ€ขHelps identify what industry specific targets are out there
Honeypot Findings https://www.alertlogic.com/wp-content/uploads/2014/08/alertlogic-HoneypotFindings2014-infographic.pdf
Common Azure Compliance & Security Issues Secure your code Know your scope Instance Isolation Shared Responsibility Storage Key Management 1 2 3 4 5 6 7
1- Secure Your Code โ€“ Implement SDL
1- Secure Your Code โ€“ Sharing is badโ€ฆ
2- Know Your Scope Web Traffic Web Role Web Role Azure Website Azure Website Azure Storage Azure Storage Traffic Manager
2 โ€“ Know your scope
3 โ€“ Instance Isolation worker rolesweb roles service endpoint service endpoint Virtual NetworkVirtual Network Web Traffic
4 - Storage Key Management storage blob Azure Mobile Services 1. Upload() 2. Path = http://blah.storage.azure.com/public/xyz/foo.jpg 3. UploadToPath(Path);
4 - Storage Key Management storage blob Azure Mobile Services 1. Upload() 2.) Return SAS (write/expires 5 min) and Path 3.) Authenticate & Upload
5 - Security in the Cloud is a Shared Responsibility Customer Responsibilit y Foundation Services Hosts โ€ข Logical network segmentation โ€ข Perimeter security services โ€ข External DDoS, spoofing, and scanning prevented โ€ข Hardened hypervisor โ€ข System image library โ€ข Root access for customer โ€ข Access management โ€ข Patch management โ€ข Configuration hardening โ€ข Security monitoring โ€ข Log analysis Apps โ€ข Secure coding and best practices โ€ข Software and virtual patching โ€ข Configuration management โ€ข Access management โ€ข Application level attack monitoring โ€ข Network threat detection โ€ข Security monitoring Networks Cloud Service Provider Responsibilit y Compute Storage DB Network http://azure.microsoft.com/en-us/support/trust-center/compliance/
Alert Logic โ€“Security Solutions
Security and Compliance is Challenging Skilled security resources are in high demand and hard to find Moving to cloud and hybrid IT environments brings different threats and complexities Maintaining continuous security and compliance is expensive
Applications Systems Networks Building a Security and Compliance Solution IDS Vulnerability Scanning Web Application Firewall Log Management Threat Intelligence Feeds SIEM Staff capable of: โ€ขProvisioning โ€ขMonitoring โ€ขConfiguration and tuning โ€ขResearching incidents, emerging threats, and defining remediation steps Big Data Analytics Products Automated Correlation and Analytics People & Process
Alert Logic Solutions Alert Logic Threat Managerโ„ข Alert Logic Web Security Managerโ„ข Alert Logic Log Managerโ„ข Alert Logic Unified Web User Interface Intrusion Detection & Vulnerability Scanning Log Management & Compliance Reporting Active Protection for Web Applications
Thank you.

Recommended

D do s_white_paper
D do s_white_paperD do s_white_paper
D do s_white_paper
Francisco Terrones Ramos
ย 
Connect your datacenter to Microsoft Azure
Connect your datacenter to Microsoft AzureConnect your datacenter to Microsoft Azure
Connect your datacenter to Microsoft Azure
K.Mohamed Faizal
ย 
Azure security
Azure securityAzure security
Azure security
Lalit Rawat
ย 
Cloud security
Cloud securityCloud security
Cloud security
Franรงois Boucher
ย 
Cloud security ppt
Cloud security pptCloud security ppt
Cloud security ppt
Venkatesh Chary
ย 
Cloud Security Tutorial | Cloud Security Fundamentals | AWS Training | Edureka
Cloud Security Tutorial | Cloud Security Fundamentals | AWS Training | EdurekaCloud Security Tutorial | Cloud Security Fundamentals | AWS Training | Edureka
Cloud Security Tutorial | Cloud Security Fundamentals | AWS Training | Edureka
Edureka!
ย 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
AWS User Group Bengaluru
ย 
Cloud Privacy & Security compliance
Cloud Privacy & Security complianceCloud Privacy & Security compliance
Cloud Privacy & Security compliance
Bryan Starbuck
ย 

Recommended

D do s_white_paper
D do s_white_paperD do s_white_paper
D do s_white_paper
Francisco Terrones Ramos
ย 
Connect your datacenter to Microsoft Azure
Connect your datacenter to Microsoft AzureConnect your datacenter to Microsoft Azure
Connect your datacenter to Microsoft Azure
K.Mohamed Faizal
ย 
Azure security
Azure securityAzure security
Azure security
Lalit Rawat
ย 
Cloud security
Cloud securityCloud security
Cloud security
Franรงois Boucher
ย 
Cloud security ppt
Cloud security pptCloud security ppt
Cloud security ppt
Venkatesh Chary
ย 
Cloud Security Tutorial | Cloud Security Fundamentals | AWS Training | Edureka
Cloud Security Tutorial | Cloud Security Fundamentals | AWS Training | EdurekaCloud Security Tutorial | Cloud Security Fundamentals | AWS Training | Edureka
Cloud Security Tutorial | Cloud Security Fundamentals | AWS Training | Edureka
Edureka!
ย 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
AWS User Group Bengaluru
ย 
Cloud Privacy & Security compliance
Cloud Privacy & Security complianceCloud Privacy & Security compliance
Cloud Privacy & Security compliance
Bryan Starbuck
ย 
2016, A new era of OS and Cloud Security
2016, A new era of OS and Cloud Security2016, A new era of OS and Cloud Security
2016, A new era of OS and Cloud Security
Tudor Damian
ย 
DevOps on GCP Course Compared to AWS
DevOps on GCP Course Compared to AWSDevOps on GCP Course Compared to AWS
DevOps on GCP Course Compared to AWS
Joseph Holbrook, Chief Learning Officer (CLO)
ย 
Seven Seas Technology
Seven Seas TechnologySeven Seas Technology
Seven Seas Technology
Unnikrishnan P
ย 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security Overview
Allen Brokken
ย 
Protecting Dynamic Datacenters From the Latest Threats
Protecting Dynamic Datacenters From the Latest ThreatsProtecting Dynamic Datacenters From the Latest Threats
Protecting Dynamic Datacenters From the Latest Threats
white paper
ย 
Microsoft Azure Security Overview
Microsoft Azure Security OverviewMicrosoft Azure Security Overview
Microsoft Azure Security Overview
Alert Logic
ย 
Cloud Security
Cloud Security Cloud Security
Cloud Security
Giovanni Mazzeo
ย 
Microsoft Azure Cloud Services
Microsoft Azure Cloud ServicesMicrosoft Azure Cloud Services
Microsoft Azure Cloud Services
David J Rosenthal
ย 
AWS Summit Auckland Sponsor Presentation - Dome9
AWS Summit Auckland Sponsor Presentation - Dome9AWS Summit Auckland Sponsor Presentation - Dome9
AWS Summit Auckland Sponsor Presentation - Dome9
Amazon Web Services
ย 
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...
Amazon Web Services
ย 
AWS Summit Auckland Sponsor Presentation - Vocus
AWS Summit Auckland Sponsor Presentation - VocusAWS Summit Auckland Sponsor Presentation - Vocus
AWS Summit Auckland Sponsor Presentation - Vocus
Amazon Web Services
ย 
Trust No-One Architecture For Services And Data
Trust No-One Architecture For Services And DataTrust No-One Architecture For Services And Data
Trust No-One Architecture For Services And Data
Aidan Finn
ย 
Cloud Security Guidance from CESG and AWS
Cloud Security Guidance from CESG and AWSCloud Security Guidance from CESG and AWS
Cloud Security Guidance from CESG and AWS
Amazon Web Services
ย 
F5 on AWS: How MailControl Improved their Application Visbility and Security
F5 on AWS: How MailControl Improved their Application Visbility and Security F5 on AWS: How MailControl Improved their Application Visbility and Security
F5 on AWS: How MailControl Improved their Application Visbility and Security
Amazon Web Services
ย 
Compliance in the Cloud Using Security by Design
Compliance in the Cloud Using Security by DesignCompliance in the Cloud Using Security by Design
Compliance in the Cloud Using Security by Design
Amazon Web Services
ย 
Security OF The Cloud
Security OF The CloudSecurity OF The Cloud
Security OF The Cloud
Mark Nunnikhoven
ย 
AWS Security
AWS Security AWS Security
AWS Security
Magdy El-Faramawy , MBA,PMP,CISA,CM,ITIL
ย 
RightScale Webinar: Security and Compliance in the Cloud
RightScale Webinar: Security and Compliance in the CloudRightScale Webinar: Security and Compliance in the Cloud
RightScale Webinar: Security and Compliance in the Cloud
RightScale
ย 
Integration Patterns and Anti-Patterns for Microservices Architectures
Integration Patterns and Anti-Patterns for Microservices ArchitecturesIntegration Patterns and Anti-Patterns for Microservices Architectures
Integration Patterns and Anti-Patterns for Microservices Architectures
Apcera
ย 
AWS User Group - Security & Compliance
AWS User Group - Security & ComplianceAWS User Group - Security & Compliance
AWS User Group - Security & Compliance
Satish Kumar Natarajan
ย 
Azure Securtity Pro
Azure Securtity ProAzure Securtity Pro
Azure Securtity Pro
John Horn
ย 
Deep thoughts from the real world of azure
Deep thoughts from the real world of azureDeep thoughts from the real world of azure
Deep thoughts from the real world of azure
Michele Leroux Bustamante
ย 

More Related Content

What's hot

Protecting Dynamic Datacenters From the Latest Threats
Protecting Dynamic Datacenters From the Latest ThreatsProtecting Dynamic Datacenters From the Latest Threats
Protecting Dynamic Datacenters From the Latest Threats
white paper
ย 
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...
Amazon Web Services
ย 
F5 on AWS: How MailControl Improved their Application Visbility and Security
F5 on AWS: How MailControl Improved their Application Visbility and Security F5 on AWS: How MailControl Improved their Application Visbility and Security
F5 on AWS: How MailControl Improved their Application Visbility and Security
Amazon Web Services
ย 
Compliance in the Cloud Using Security by Design
Compliance in the Cloud Using Security by DesignCompliance in the Cloud Using Security by Design
Compliance in the Cloud Using Security by Design
Amazon Web Services
ย 

What's hot (20)

2016, A new era of OS and Cloud Security
2016, A new era of OS and Cloud Security2016, A new era of OS and Cloud Security
2016, A new era of OS and Cloud Security
ย 
DevOps on GCP Course Compared to AWS
DevOps on GCP Course Compared to AWSDevOps on GCP Course Compared to AWS
DevOps on GCP Course Compared to AWS
ย 
Seven Seas Technology
Seven Seas TechnologySeven Seas Technology
Seven Seas Technology
ย 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security Overview
ย 
Protecting Dynamic Datacenters From the Latest Threats
Protecting Dynamic Datacenters From the Latest ThreatsProtecting Dynamic Datacenters From the Latest Threats
Protecting Dynamic Datacenters From the Latest Threats
ย 
Microsoft Azure Security Overview
Microsoft Azure Security OverviewMicrosoft Azure Security Overview
Microsoft Azure Security Overview
ย 
Cloud Security
Cloud Security Cloud Security
Cloud Security
ย 
Microsoft Azure Cloud Services
Microsoft Azure Cloud ServicesMicrosoft Azure Cloud Services
Microsoft Azure Cloud Services
ย 
AWS Summit Auckland Sponsor Presentation - Dome9
AWS Summit Auckland Sponsor Presentation - Dome9AWS Summit Auckland Sponsor Presentation - Dome9
AWS Summit Auckland Sponsor Presentation - Dome9
ย 
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...
ย 
AWS Summit Auckland Sponsor Presentation - Vocus
AWS Summit Auckland Sponsor Presentation - VocusAWS Summit Auckland Sponsor Presentation - Vocus
AWS Summit Auckland Sponsor Presentation - Vocus
ย 
Trust No-One Architecture For Services And Data
Trust No-One Architecture For Services And DataTrust No-One Architecture For Services And Data
Trust No-One Architecture For Services And Data
ย 
Cloud Security Guidance from CESG and AWS
Cloud Security Guidance from CESG and AWSCloud Security Guidance from CESG and AWS
Cloud Security Guidance from CESG and AWS
ย 
F5 on AWS: How MailControl Improved their Application Visbility and Security
F5 on AWS: How MailControl Improved their Application Visbility and Security F5 on AWS: How MailControl Improved their Application Visbility and Security
F5 on AWS: How MailControl Improved their Application Visbility and Security
ย 
Compliance in the Cloud Using Security by Design
Compliance in the Cloud Using Security by DesignCompliance in the Cloud Using Security by Design
Compliance in the Cloud Using Security by Design
ย 
Security OF The Cloud
Security OF The CloudSecurity OF The Cloud
Security OF The Cloud
ย 
AWS Security
AWS Security AWS Security
AWS Security
ย 
RightScale Webinar: Security and Compliance in the Cloud
RightScale Webinar: Security and Compliance in the CloudRightScale Webinar: Security and Compliance in the Cloud
RightScale Webinar: Security and Compliance in the Cloud
ย 
Integration Patterns and Anti-Patterns for Microservices Architectures
Integration Patterns and Anti-Patterns for Microservices ArchitecturesIntegration Patterns and Anti-Patterns for Microservices Architectures
Integration Patterns and Anti-Patterns for Microservices Architectures
ย 
AWS User Group - Security & Compliance
AWS User Group - Security & ComplianceAWS User Group - Security & Compliance
AWS User Group - Security & Compliance
ย 

Viewers also liked

Azure Securtity Pro
Azure Securtity ProAzure Securtity Pro
Azure Securtity Pro
John Horn
ย 
Windows Azure Virtual Networks
Windows Azure Virtual NetworksWindows Azure Virtual Networks
Windows Azure Virtual Networks
ร–nder DeฤŸer
ย 
Windows azure sql_database_security_isug012013
Windows azure sql_database_security_isug012013Windows azure sql_database_security_isug012013
Windows azure sql_database_security_isug012013
sqlserver.co.il
ย 
Design Practices for a Secure Azure Solution
Design Practices for a Secure Azure SolutionDesign Practices for a Secure Azure Solution
Design Practices for a Secure Azure Solution
Michele Leroux Bustamante
ย 
Microsoft Azure vs Amazon Web Services (AWS) Services & Feature Mapping
Microsoft Azure vs Amazon Web Services (AWS) Services & Feature MappingMicrosoft Azure vs Amazon Web Services (AWS) Services & Feature Mapping
Microsoft Azure vs Amazon Web Services (AWS) Services & Feature Mapping
Ilyas F โ˜โ˜โ˜
ย 

Viewers also liked (11)

Azure Securtity Pro
Azure Securtity ProAzure Securtity Pro
Azure Securtity Pro
ย 
Deep thoughts from the real world of azure
Deep thoughts from the real world of azureDeep thoughts from the real world of azure
Deep thoughts from the real world of azure
ย 
Security in windows azure
Security in windows azureSecurity in windows azure
Security in windows azure
ย 
Azure vnet connectivity solutions
Azure vnet connectivity solutionsAzure vnet connectivity solutions
Azure vnet connectivity solutions
ย 
Windows Azure Virtual Networks
Windows Azure Virtual NetworksWindows Azure Virtual Networks
Windows Azure Virtual Networks
ย 
Windows azure sql_database_security_isug012013
Windows azure sql_database_security_isug012013Windows azure sql_database_security_isug012013
Windows azure sql_database_security_isug012013
ย 
Design Practices for a Secure Azure Solution
Design Practices for a Secure Azure SolutionDesign Practices for a Secure Azure Solution
Design Practices for a Secure Azure Solution
ย 
Microsoft Azure Security Infographic
Microsoft Azure Security InfographicMicrosoft Azure Security Infographic
Microsoft Azure Security Infographic
ย 
Azure Express Route
Azure Express RouteAzure Express Route
Azure Express Route
ย 
Azure Operation Management Suite - security and compliance
Azure Operation Management Suite - security and complianceAzure Operation Management Suite - security and compliance
Azure Operation Management Suite - security and compliance
ย 
Microsoft Azure vs Amazon Web Services (AWS) Services & Feature Mapping
Microsoft Azure vs Amazon Web Services (AWS) Services & Feature MappingMicrosoft Azure vs Amazon Web Services (AWS) Services & Feature Mapping
Microsoft Azure vs Amazon Web Services (AWS) Services & Feature Mapping
ย 

Similar to Nimbo/Alert Logic - Azure in the Cloud

Security concerns of cloud migration and its implications on cloud-enabled bu...
Security concerns of cloud migration and its implications on cloud-enabled bu...Security concerns of cloud migration and its implications on cloud-enabled bu...
Security concerns of cloud migration and its implications on cloud-enabled bu...
Adewole Shitta-bey
ย 
AWS Partner Webcast - Web App Security on AWS: How to Make Shared Security Wo...
AWS Partner Webcast - Web App Security on AWS: How to Make Shared Security Wo...AWS Partner Webcast - Web App Security on AWS: How to Make Shared Security Wo...
AWS Partner Webcast - Web App Security on AWS: How to Make Shared Security Wo...
Amazon Web Services
ย 
Migrating Critical Applications To The Cloud - ISACA Seattle - Sanitized
Migrating Critical Applications To The Cloud - ISACA Seattle - SanitizedMigrating Critical Applications To The Cloud - ISACA Seattle - Sanitized
Migrating Critical Applications To The Cloud - ISACA Seattle - Sanitized
Norm Barber
ย 
security and compliance in the cloud
security and compliance in the cloudsecurity and compliance in the cloud
security and compliance in the cloud
Ajay Rathi
ย 
Effectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing ParadigmEffectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing Paradigm
fanc1985
ย 

Similar to Nimbo/Alert Logic - Azure in the Cloud (20)

Security concerns of cloud migration and its implications on cloud-enabled bu...
Security concerns of cloud migration and its implications on cloud-enabled bu...Security concerns of cloud migration and its implications on cloud-enabled bu...
Security concerns of cloud migration and its implications on cloud-enabled bu...
ย 
Rik Ferguson
Rik FergusonRik Ferguson
Rik Ferguson
ย 
Presd1 10
Presd1 10Presd1 10
Presd1 10
ย 
Azure 101: Shared responsibility in the Azure Cloud
Azure 101: Shared responsibility in the Azure CloudAzure 101: Shared responsibility in the Azure Cloud
Azure 101: Shared responsibility in the Azure Cloud
ย 
CSS17: Houston - Introduction to Security in the Cloud
CSS17: Houston - Introduction to Security in the CloudCSS17: Houston - Introduction to Security in the Cloud
CSS17: Houston - Introduction to Security in the Cloud
ย 
AWS Partner Webcast - Web App Security on AWS: How to Make Shared Security Wo...
AWS Partner Webcast - Web App Security on AWS: How to Make Shared Security Wo...AWS Partner Webcast - Web App Security on AWS: How to Make Shared Security Wo...
AWS Partner Webcast - Web App Security on AWS: How to Make Shared Security Wo...
ย 
Deploying Cloud Use Cases
Deploying Cloud Use CasesDeploying Cloud Use Cases
Deploying Cloud Use Cases
ย 
Migrating Critical Applications To The Cloud - ISACA Seattle - Sanitized
Migrating Critical Applications To The Cloud - ISACA Seattle - SanitizedMigrating Critical Applications To The Cloud - ISACA Seattle - Sanitized
Migrating Critical Applications To The Cloud - ISACA Seattle - Sanitized
ย 
Migrating Critical Applications to the Cloud - isaca seattle - sanitized
Migrating Critical Applications to the Cloud - isaca seattle - sanitizedMigrating Critical Applications to the Cloud - isaca seattle - sanitized
Migrating Critical Applications to the Cloud - isaca seattle - sanitized
ย 
Css sf azure_8-9-17-intro to security in the cloud_mark brooks_al
Css sf azure_8-9-17-intro to security in the cloud_mark brooks_alCss sf azure_8-9-17-intro to security in the cloud_mark brooks_al
Css sf azure_8-9-17-intro to security in the cloud_mark brooks_al
ย 
CSS 17: NYC - Realities of Security in the Cloud
CSS 17: NYC - Realities of Security in the CloudCSS 17: NYC - Realities of Security in the Cloud
CSS 17: NYC - Realities of Security in the Cloud
ย 
Cloud Application Security --Symantec
Cloud Application Security --Symantec Cloud Application Security --Symantec
Cloud Application Security --Symantec
ย 
How secured and safe is Cloud?
How secured and safe is Cloud?How secured and safe is Cloud?
How secured and safe is Cloud?
ย 
CSS17: Atlanta - Realities of Security in the Cloud
CSS17: Atlanta - Realities of Security in the CloudCSS17: Atlanta - Realities of Security in the Cloud
CSS17: Atlanta - Realities of Security in the Cloud
ย 
Cloud Breach - Forensics Audit Planning
Cloud Breach - Forensics Audit PlanningCloud Breach - Forensics Audit Planning
Cloud Breach - Forensics Audit Planning
ย 
security and compliance in the cloud
security and compliance in the cloudsecurity and compliance in the cloud
security and compliance in the cloud
ย 
A Comparative Review on Data Security Challenges in Cloud Computing
A Comparative Review on Data Security Challenges in Cloud ComputingA Comparative Review on Data Security Challenges in Cloud Computing
A Comparative Review on Data Security Challenges in Cloud Computing
ย 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
ย 
Effectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing ParadigmEffectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing Paradigm
ย 
Cloud Security: A matter of trust?
Cloud Security: A matter of trust?Cloud Security: A matter of trust?
Cloud Security: A matter of trust?
ย 

More from Alert Logic

More from Alert Logic (20)

Managed Threat Detection & Response for AWS Applications
Managed Threat Detection & Response for AWS ApplicationsManaged Threat Detection & Response for AWS Applications
Managed Threat Detection & Response for AWS Applications
ย 
Extending Amazon GuardDuty with Cloud Insight Essentials
Extending Amazon GuardDuty with Cloud Insight Essentials Extending Amazon GuardDuty with Cloud Insight Essentials
Extending Amazon GuardDuty with Cloud Insight Essentials
ย 
Managed Threat Detection and Response
Managed Threat Detection and ResponseManaged Threat Detection and Response
Managed Threat Detection and Response
ย 
Extending Amazon GuardDuty with Cloud Insight Essentials
Extending Amazon GuardDuty with Cloud Insight Essentials Extending Amazon GuardDuty with Cloud Insight Essentials
Extending Amazon GuardDuty with Cloud Insight Essentials
ย 
Security Implications of the Cloud
Security Implications of the CloudSecurity Implications of the Cloud
Security Implications of the Cloud
ย 
Reducing Your Attack Surface
Reducing Your Attack SurfaceReducing Your Attack Surface
Reducing Your Attack Surface
ย 
Reality Check: Security in the Cloud
Reality Check: Security in the CloudReality Check: Security in the Cloud
Reality Check: Security in the Cloud
ย 
The Intersection of Security & DevOps
The Intersection of Security & DevOpsThe Intersection of Security & DevOps
The Intersection of Security & DevOps
ย 
The AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeThe AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in Practice
ย 
Security Spotlight: Presidio
Security Spotlight: PresidioSecurity Spotlight: Presidio
Security Spotlight: Presidio
ย 
The Intersection of Security & DevOps
The Intersection of Security & DevOpsThe Intersection of Security & DevOps
The Intersection of Security & DevOps
ย 
The AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeThe AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in Practice
ย 
Security Spotlight: Rent-A-Center
Security Spotlight: Rent-A-CenterSecurity Spotlight: Rent-A-Center
Security Spotlight: Rent-A-Center
ย 
Reducing Your Attack Surface & Your Role in Cloud Workload Protection
Reducing Your Attack Surface & Your Role in Cloud Workload ProtectionReducing Your Attack Surface & Your Role in Cloud Workload Protection
Reducing Your Attack Surface & Your Role in Cloud Workload Protection
ย 
Realities of Security in the Cloud
Realities of Security in the CloudRealities of Security in the Cloud
Realities of Security in the Cloud
ย 
The Intersection of Security & DevOps
The Intersection of Security & DevOpsThe Intersection of Security & DevOps
The Intersection of Security & DevOps
ย 
Security Spotlight: Presidio
Security Spotlight: PresidioSecurity Spotlight: Presidio
Security Spotlight: Presidio
ย 
Security Implications of the Cloud
Security Implications of the CloudSecurity Implications of the Cloud
Security Implications of the Cloud
ย 
Reducing Your Attack Surface & Your Role in Cloud Workload Protection
Reducing Your Attack Surface & Your Role in Cloud Workload ProtectionReducing Your Attack Surface & Your Role in Cloud Workload Protection
Reducing Your Attack Surface & Your Role in Cloud Workload Protection
ย 
Realities of Security in the Cloud
Realities of Security in the CloudRealities of Security in the Cloud
Realities of Security in the Cloud
ย 

Recently uploaded

Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
SUHANI PANDEY
ย 
Hireโ† Young Call Girls in Tilak nagar (Delhi) โ˜Ž๏ธ 9205541914 โ˜Ž๏ธ Independent Esc...
Hireโ† Young Call Girls in Tilak nagar (Delhi) โ˜Ž๏ธ 9205541914 โ˜Ž๏ธ Independent Esc...Hireโ† Young Call Girls in Tilak nagar (Delhi) โ˜Ž๏ธ 9205541914 โ˜Ž๏ธ Independent Esc...
Hireโ† Young Call Girls in Tilak nagar (Delhi) โ˜Ž๏ธ 9205541914 โ˜Ž๏ธ Independent Esc...
Delhi Call girls
ย 
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...
SUHANI PANDEY
ย 
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
Escorts Call Girls
ย 
Call Now โ˜Ž 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
Call Now โ˜Ž 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.Call Now โ˜Ž 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
Call Now โ˜Ž 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
soniya singh
ย 
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
singhpriety023
ย 
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking
dharasingh5698
ย 
Real Escorts in Al Nahda +971524965298 Dubai Escorts Service
Real Escorts in Al Nahda +971524965298 Dubai Escorts ServiceReal Escorts in Al Nahda +971524965298 Dubai Escorts Service
Real Escorts in Al Nahda +971524965298 Dubai Escorts Service
Escorts Call Girls
ย 
Yerawada ] Independent Escorts in Pune - Book 8005736733 Call Girls Available...
Yerawada ] Independent Escorts in Pune - Book 8005736733 Call Girls Available...Yerawada ] Independent Escorts in Pune - Book 8005736733 Call Girls Available...
Yerawada ] Independent Escorts in Pune - Book 8005736733 Call Girls Available...
SUHANI PANDEY
ย 
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
SUHANI PANDEY
ย 
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
EleniIlkou
ย 
Top Rated Pune Call Girls Daund โŸŸ 6297143586 โŸŸ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund โŸŸ 6297143586 โŸŸ Call Me For Genuine Sex Servi...Top Rated Pune Call Girls Daund โŸŸ 6297143586 โŸŸ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund โŸŸ 6297143586 โŸŸ Call Me For Genuine Sex Servi...
Call Girls in Nagpur High Profile
ย 
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl ServiceRussian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
gwenoracqe6
ย 
Call Now โ˜Ž 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
Call Now โ˜Ž 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.Call Now โ˜Ž 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
Call Now โ˜Ž 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
soniya singh
ย 
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls DubaiDubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
kojalkojal131
ย 
WhatsApp ๐Ÿ“ž 8448380779 โœ…Call Girls In Mamura Sector 66 ( Noida)
WhatsApp ๐Ÿ“ž 8448380779 โœ…Call Girls In Mamura Sector 66 ( Noida)WhatsApp ๐Ÿ“ž 8448380779 โœ…Call Girls In Mamura Sector 66 ( Noida)
WhatsApp ๐Ÿ“ž 8448380779 โœ…Call Girls In Mamura Sector 66 ( Noida)
Delhi Call girls
ย 

Recently uploaded (20)

Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
ย 
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersMoving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
ย 
Real Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtReal Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirt
ย 
Hireโ† Young Call Girls in Tilak nagar (Delhi) โ˜Ž๏ธ 9205541914 โ˜Ž๏ธ Independent Esc...
Hireโ† Young Call Girls in Tilak nagar (Delhi) โ˜Ž๏ธ 9205541914 โ˜Ž๏ธ Independent Esc...Hireโ† Young Call Girls in Tilak nagar (Delhi) โ˜Ž๏ธ 9205541914 โ˜Ž๏ธ Independent Esc...
Hireโ† Young Call Girls in Tilak nagar (Delhi) โ˜Ž๏ธ 9205541914 โ˜Ž๏ธ Independent Esc...
ย 
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...
ย 
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
ย 
APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53
ย 
Call Now โ˜Ž 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
Call Now โ˜Ž 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.Call Now โ˜Ž 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
Call Now โ˜Ž 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
ย 
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
ย 
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking
ย 
Real Escorts in Al Nahda +971524965298 Dubai Escorts Service
Real Escorts in Al Nahda +971524965298 Dubai Escorts ServiceReal Escorts in Al Nahda +971524965298 Dubai Escorts Service
Real Escorts in Al Nahda +971524965298 Dubai Escorts Service
ย 
Yerawada ] Independent Escorts in Pune - Book 8005736733 Call Girls Available...
Yerawada ] Independent Escorts in Pune - Book 8005736733 Call Girls Available...Yerawada ] Independent Escorts in Pune - Book 8005736733 Call Girls Available...
Yerawada ] Independent Escorts in Pune - Book 8005736733 Call Girls Available...
ย 
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
ย 
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
ย 
Top Rated Pune Call Girls Daund โŸŸ 6297143586 โŸŸ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund โŸŸ 6297143586 โŸŸ Call Me For Genuine Sex Servi...Top Rated Pune Call Girls Daund โŸŸ 6297143586 โŸŸ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund โŸŸ 6297143586 โŸŸ Call Me For Genuine Sex Servi...
ย 
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableCall Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
ย 
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl ServiceRussian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
ย 
Call Now โ˜Ž 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
Call Now โ˜Ž 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.Call Now โ˜Ž 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
Call Now โ˜Ž 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
ย 
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls DubaiDubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
ย 
WhatsApp ๐Ÿ“ž 8448380779 โœ…Call Girls In Mamura Sector 66 ( Noida)
WhatsApp ๐Ÿ“ž 8448380779 โœ…Call Girls In Mamura Sector 66 ( Noida)WhatsApp ๐Ÿ“ž 8448380779 โœ…Call Girls In Mamura Sector 66 ( Noida)
WhatsApp ๐Ÿ“ž 8448380779 โœ…Call Girls In Mamura Sector 66 ( Noida)
ย 

Nimbo/Alert Logic - Azure in the Cloud

  • 1. Alert Logic โ€“ Azure Cloud Security Johnathan Norman Cloud Solutions Architect jnorman@alertlogic.com
  • 2. Agenda โ€ข Key Findings: Cloud Security Report, Spring 2014 - Alert Logic Customer Data - Honeypot Research โ€ข Common Azure Security & Compliance Issues โ€ข Alert Logic for Azure - Log Manager - Threat Manager - Web Security Manager
  • 3. Cloud Adoption is Gaining Momentum โ€ข Major Public cloud vendors predicted to eclipse $10B in revenue by 2015 โ€ข Oracle Cloud bookings increased by 35% in 2013 โ€ข Gartner predicts 60% of banking institutions to migrate to the cloud โ€ข Healthcare is expected to adopt cloud computing at a 21% year over year rate through 2017 โ€ข VDI (Desktop as a Service) market reached $13.4 billion in 2013
  • 4. Over 2,800 Organizations Worldwide Trust Alert Logic Millions of devices secured 3.7 Petabytes of log data under management 8.5 Million security events correlated per day 40,000 incidents identified and reviewed per month
  • 5. Threats in the Cloud are Increasing With Adoption โ€ข Increase in attack frequency โ€ข Traditional on-premises threats are now moving to the cloud โ€ข Majority of cloud incidents were related to web application attacks, brute force attacks, and vulnerability scans โ€ข Brute force attacks and vulnerability scans are now occurring at near-equivalent rates in both cloud and on-premises environments โ€ข Malware/Botnet is increasing year over year
  • 6. Global Honeypot Network Why Honeypots? โ€ขHoneypots give us a unique data set โ€ขSimulates vulnerable systems without the risk of real data loss โ€ขGives the ability to collect intelligence from malicious attackers โ€ขAllows for collection of various different attacks based on system โ€ขHelps identify what industry specific targets are out there
  • 8. Common Azure Compliance & Security Issues Secure your code Know your scope Instance Isolation Shared Responsibility Storage Key Management 1 2 3 4 5 6 7
  • 9. 1- Secure Your Code โ€“ Implement SDL
  • 10. 1- Secure Your Code โ€“ Sharing is badโ€ฆ
  • 11. 2- Know Your Scope Web Traffic Web Role Web Role Azure Website Azure Website Azure Storage Azure Storage Traffic Manager
  • 12. 2 โ€“ Know your scope
  • 13. 3 โ€“ Instance Isolation worker rolesweb roles service endpoint service endpoint Virtual NetworkVirtual Network Web Traffic
  • 14. 4 - Storage Key Management storage blob Azure Mobile Services 1. Upload() 2. Path = http://blah.storage.azure.com/public/xyz/foo.jpg 3. UploadToPath(Path);
  • 15. 4 - Storage Key Management storage blob Azure Mobile Services 1. Upload() 2.) Return SAS (write/expires 5 min) and Path 3.) Authenticate & Upload
  • 16. 5 - Security in the Cloud is a Shared Responsibility Customer Responsibilit y Foundation Services Hosts โ€ข Logical network segmentation โ€ข Perimeter security services โ€ข External DDoS, spoofing, and scanning prevented โ€ข Hardened hypervisor โ€ข System image library โ€ข Root access for customer โ€ข Access management โ€ข Patch management โ€ข Configuration hardening โ€ข Security monitoring โ€ข Log analysis Apps โ€ข Secure coding and best practices โ€ข Software and virtual patching โ€ข Configuration management โ€ข Access management โ€ข Application level attack monitoring โ€ข Network threat detection โ€ข Security monitoring Networks Cloud Service Provider Responsibilit y Compute Storage DB Network http://azure.microsoft.com/en-us/support/trust-center/compliance/
  • 18. Security and Compliance is Challenging Skilled security resources are in high demand and hard to find Moving to cloud and hybrid IT environments brings different threats and complexities Maintaining continuous security and compliance is expensive
  • 19. Applications Systems Networks Building a Security and Compliance Solution IDS Vulnerability Scanning Web Application Firewall Log Management Threat Intelligence Feeds SIEM Staff capable of: โ€ขProvisioning โ€ขMonitoring โ€ขConfiguration and tuning โ€ขResearching incidents, emerging threats, and defining remediation steps Big Data Analytics Products Automated Correlation and Analytics People & Process
  • 20. Alert Logic Solutions Alert Logic Threat Managerโ„ข Alert Logic Web Security Managerโ„ข Alert Logic Log Managerโ„ข Alert Logic Unified Web User Interface Intrusion Detection & Vulnerability Scanning Log Management & Compliance Reporting Active Protection for Web Applications

Editor's Notes

  1. Highest volume of attacks occurred in Europe Attacks against Microsoft DS accounted for over 51% of the overall attack vectors Database services have been a consistent target Underscores the importance of a defense in depth strategy for the need to secure your cloud infrastructure