SlideShare une entreprise Scribd logo

Csa Summit 2017 - Un viaje seguro hacia la nube

CSA Argentina
CSA Argentina

This document discusses securing workloads in the cloud. It recommends a 4 step approach: 1) control the cloud perimeter with advanced threat prevention, 2) securely segment workloads inside the cloud, 3) manage consistent security policies across hybrid environments, and 4) automate security to match the dynamic nature of the cloud. The document promotes Check Point's vSEC product family for providing adaptive security that learns and scales with applications in private and public clouds.

Technologie
1  sur  25
Télécharger pour lire hors ligne
1©2017 Check Point Software Technologies Ltd.©2017 Check Point Software Technologies Ltd. Lucas S. García | Security Engineer Ar Py Uy garcial@checkpoint.com UN VIAJE SEGURO HACIA LA NUBE
2©2017 Check Point Software Technologies Ltd. WELCOME TO THE CLOUD
3©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent FROM DATA CENTER TO CLOUD DATA CENTER ​WHAT USED TO TAKE WEEKS ​TAKES MINUTES WITH CLOUD CLOUD
4©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent THE CLOUD IS HERE SECURITY SECURITY IS THE MAIN INHIBITOR FOR CLOUD ADOPTION (Gartner) ADOPTION 80% OF ENTERPRISES ARE COMMITTED TO CLOUD STRATEGY BY 2017 (IDC) GROWTH 40% OF IT BUDGETS WILL BE CLOUD- BASED BY 2018 (Forbes)
5©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent WHY CLOUD? ​AGILITY ​Fast to react ​ELASTICITY ​ ​Fasttogrow
6©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent CLOUD FUNDAMENTALS Cloud is a shared environment Cloud is a connected environment Cloud is a dynamic environment Therefore, cloud is vulnerable and exposed…
7©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent CLOUD SECURITY MUST BE ADAPTIVE Legacy Security Cloud Security Adding new application Add rule is a SHOWSTOPPER Adaptive policy is an ENABLER Security inside the cloud Network change is COMPLEX SDN integration is AUTOMATIC Application growth Replacing appliances is EXPENSIVE Auto-Scale is EFFORTLESS
8©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent 4 STEPS TO SECURE YOUR CLOUD BUCKLE UP
9©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent STEP #1: CONTROL THE CLOUD PERIMETER •Use advanced threat prevention at the cloud perimeter •Securely connect your cloud with your on-premise environment ​CLOUD ​ON-PREMISE
10©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent STEP #2: SECURE THE CLOUD FROM THE INSIDE •Micro-segment your cloud to control inside communication •Prevent lateral threats movement between applications App App App App
11©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent STEP #3: MANAGE CONSISTENT SECURITY FOR HYBRID ENVIRONMENTS • Deploy unified security management for your hybrid cloud (On-Premise and Cloud) • Ensure policy consistency • Reduce operation cost ​CLOUD ​ON-PREMISE
12©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent STEP #4: AUTOMATE YOUR SECURITY Security should be as elastic and dynamic as your cloud • Auto-provisioned • Auto-scaled • Adaptive to changes
13©2017 Check Point Software Technologies Ltd. TRAVEL TO THE CLOUD IN FIRST CLASS [Protected] Non-confidentialcontent 13©2017 Check Point Software Technologies Ltd.
14©2017 Check Point Software Technologies Ltd. CHECK POINT CLOUD SECURITY PRINCIPLES Utmost protection Adaptive Security Hybrid Infrastracture
15©2017 Check Point Software Technologies Ltd. THE vSEC FAMILY [Protected] Non-confidentialcontent ACI Consistent security policy and control across ALL Private and Public Clouds
16©2017 Check Point Software Technologies Ltd. vSEC ADVANCED PROTECTION Access Rule vSEC PROTECTS YOUR DATA AND APPLICATIONS WITH THE INDUSTRY’S BEST THREATS CATCH-RATE Next Generation Firewall Application and Data Security Advanced Threat Prevention Forensic Analysis Cloud Vendor
17©2017 Check Point Software Technologies Ltd. CISCO ACI [Protected] Non-confidentialcontent SECURITY INSIDE YOUR CLOUD Securing the datacenter from the inside is now simple with SDN Micro segment the datacenter with advanced protection between applications App App App App
18©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent ADAPTIVE SECURITY vSEC Adaptive Security instantly protects new applications and keeps them secure as they evolve. •Security that learns about application changes •Auto-scaled virtual security •Pay-as-you-grow for private and public cloud Telefonica: “vSEC adaptive security is a game changer.”
19©2017 Check Point Software Technologies Ltd. Check Point Access Policy Rule From To Application Action 3 Finance_App1 (vCenter Object) Database_Group (NSX SecGroup) MSSQL Allow 4 HR_App2 (Open StackObject) Finance_Group (ACI EndPoint Group) CRM Allow 5 User_ID SAP_App (AWS Object) SAP Allow ADAPTIVE SECURITY Reduce Firewall Tickets by 60%
20©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent SUCCESS More than 1,000 customers purchased vSEC in 2016 20©2017 Check Point Software Technologies Ltd.
21©2017 Check Point Software Technologies Ltd. XERO is a global online accounting firm servicing over 1M accounts in AWS vSEC secures all their accounts in AWS Allegiant makes leisure travel affordable vSEC secures their new NSX-based Private Cloud HAPPY CUSTOMERS [Protected] Non-confidentialcontent 21©2017 Check Point Software Technologies Ltd.
22©2017 Check Point Software Technologies Ltd. THE CYBER SECURITY ARCHITECTURE OF THE FUTURE THE FIRST CONSOLIDATED SECURITY ACROSS NETWORKS, CLOUD, AND MOBILE, PROVIDING THE HIGHEST LEVEL OF THREAT PREVENTION. Introducing
23©2017 Check Point Software Technologies Ltd. ONE SECURITY PLATFORM PREEMPTIVE THREAT PREVENTION CONSOLIDATED SYSTEM MOBILE CLOUD THREAT PREVENTION
24©2017 Check Point Software Technologies Ltd. TRAVEL TO THE CLOUD IN FIRST CLASS [Protected] Non-confidentialcontent 24©2017 Check Point Software Technologies Ltd. Utmost Protection, Adaptive Security , Hybrid Infrastructure
25©2017 Check Point Software Technologies Ltd.©2017 Check Point Software Technologies Ltd. THANK YOU Itai Greenberg | Head of Cloud Security BU

Recommandé

Csa Summit 2017 - Managing multicloud environments
Csa Summit 2017 - Managing multicloud environmentsCsa Summit 2017 - Managing multicloud environments
Csa Summit 2017 - Managing multicloud environments
CSA Argentina
 
Csa summit 2017 - Plataforma de Seguridad para entornos Cloud
Csa summit 2017 - Plataforma de Seguridad para entornos CloudCsa summit 2017 - Plataforma de Seguridad para entornos Cloud
Csa summit 2017 - Plataforma de Seguridad para entornos Cloud
CSA Argentina
 
apidays LIVE Paris - Serverless security: how to protect what you don't see? ...
apidays LIVE Paris - Serverless security: how to protect what you don't see? ...apidays LIVE Paris - Serverless security: how to protect what you don't see? ...
apidays LIVE Paris - Serverless security: how to protect what you don't see? ...
apidays
 
F5 Automation Toolchain
F5 Automation ToolchainF5 Automation Toolchain
F5 Automation Toolchain
MarketingArrowECS_CZ
 
Smarter Monitoring for Highly Distributed Cloud Foundry Application Environme...
Smarter Monitoring for Highly Distributed Cloud Foundry Application Environme...Smarter Monitoring for Highly Distributed Cloud Foundry Application Environme...
Smarter Monitoring for Highly Distributed Cloud Foundry Application Environme...
Dynatrace
 
Office 365 Security: Top Priorities for 30 Days, 90 Days and Beyond
Office 365 Security: Top Priorities for 30 Days, 90 Days and BeyondOffice 365 Security: Top Priorities for 30 Days, 90 Days and Beyond
Office 365 Security: Top Priorities for 30 Days, 90 Days and Beyond
Priyanka Aash
 
DevOps Underground - DevOps Higher Maturity Levels
DevOps Underground - DevOps Higher Maturity LevelsDevOps Underground - DevOps Higher Maturity Levels
DevOps Underground - DevOps Higher Maturity Levels
kloia
 
Secure Data Sharing in OpenShift Environments
Secure Data Sharing in OpenShift EnvironmentsSecure Data Sharing in OpenShift Environments
Secure Data Sharing in OpenShift Environments
DevOps.com
 

Recommandé

Csa Summit 2017 - Managing multicloud environments
Csa Summit 2017 - Managing multicloud environmentsCsa Summit 2017 - Managing multicloud environments
Csa Summit 2017 - Managing multicloud environments
CSA Argentina
 
Csa summit 2017 - Plataforma de Seguridad para entornos Cloud
Csa summit 2017 - Plataforma de Seguridad para entornos CloudCsa summit 2017 - Plataforma de Seguridad para entornos Cloud
Csa summit 2017 - Plataforma de Seguridad para entornos Cloud
CSA Argentina
 
apidays LIVE Paris - Serverless security: how to protect what you don't see? ...
apidays LIVE Paris - Serverless security: how to protect what you don't see? ...apidays LIVE Paris - Serverless security: how to protect what you don't see? ...
apidays LIVE Paris - Serverless security: how to protect what you don't see? ...
apidays
 
F5 Automation Toolchain
F5 Automation ToolchainF5 Automation Toolchain
F5 Automation Toolchain
MarketingArrowECS_CZ
 
Smarter Monitoring for Highly Distributed Cloud Foundry Application Environme...
Smarter Monitoring for Highly Distributed Cloud Foundry Application Environme...Smarter Monitoring for Highly Distributed Cloud Foundry Application Environme...
Smarter Monitoring for Highly Distributed Cloud Foundry Application Environme...
Dynatrace
 
Office 365 Security: Top Priorities for 30 Days, 90 Days and Beyond
Office 365 Security: Top Priorities for 30 Days, 90 Days and BeyondOffice 365 Security: Top Priorities for 30 Days, 90 Days and Beyond
Office 365 Security: Top Priorities for 30 Days, 90 Days and Beyond
Priyanka Aash
 
DevOps Underground - DevOps Higher Maturity Levels
DevOps Underground - DevOps Higher Maturity LevelsDevOps Underground - DevOps Higher Maturity Levels
DevOps Underground - DevOps Higher Maturity Levels
kloia
 
Secure Data Sharing in OpenShift Environments
Secure Data Sharing in OpenShift EnvironmentsSecure Data Sharing in OpenShift Environments
Secure Data Sharing in OpenShift Environments
DevOps.com
 
vSEC: bezpečnostní platforma pro privátní a veřejné cloudové služby
vSEC: bezpečnostní platforma pro privátní a veřejné cloudové službyvSEC: bezpečnostní platforma pro privátní a veřejné cloudové služby
vSEC: bezpečnostní platforma pro privátní a veřejné cloudové služby
MarketingArrowECS_CZ
 
Serverless Security: A pragmatic primer for builders and defenders
Serverless Security: A pragmatic primer for builders and defendersServerless Security: A pragmatic primer for builders and defenders
Serverless Security: A pragmatic primer for builders and defenders
James Wickett
 
Connecting Your SIEM Tool with Akamai Security Events
Connecting Your SIEM Tool with Akamai Security EventsConnecting Your SIEM Tool with Akamai Security Events
Connecting Your SIEM Tool with Akamai Security Events
Akamai Developers & Admins
 
Automating security compliance for physical, virtual, cloud, and container en...
Automating security compliance for physical, virtual, cloud, and container en...Automating security compliance for physical, virtual, cloud, and container en...
Automating security compliance for physical, virtual, cloud, and container en...
Lucy Huh Kerner
 
What's New with NGINX Application Security Solutions
What's New with NGINX Application Security SolutionsWhat's New with NGINX Application Security Solutions
What's New with NGINX Application Security Solutions
NGINX, Inc.
 
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
DevOps.com
 
Extend DevOps to Your SQL Server Databases
Extend DevOps to Your SQL Server DatabasesExtend DevOps to Your SQL Server Databases
Extend DevOps to Your SQL Server Databases
Red Gate Software
 
API Security - Everything You Need to Know To Protect Your APIs
API Security - Everything You Need to Know To Protect Your APIsAPI Security - Everything You Need to Know To Protect Your APIs
API Security - Everything You Need to Know To Protect Your APIs
AaronLieberman5
 
Microservices at Scale: How to Reduce Overhead and Increase Developer Product...
Microservices at Scale: How to Reduce Overhead and Increase Developer Product...Microservices at Scale: How to Reduce Overhead and Increase Developer Product...
Microservices at Scale: How to Reduce Overhead and Increase Developer Product...
DevOps.com
 
Deep Visibility: Logging From Distributed Microservices
Deep Visibility: Logging From Distributed MicroservicesDeep Visibility: Logging From Distributed Microservices
Deep Visibility: Logging From Distributed Microservices
AaronLieberman5
 
Dynatrace: The untouchables - the Dynatrace offering here and now
Dynatrace: The untouchables - the Dynatrace offering here and nowDynatrace: The untouchables - the Dynatrace offering here and now
Dynatrace: The untouchables - the Dynatrace offering here and now
Dynatrace
 
What's New With PureSec | April 2019
What's New With PureSec | April 2019What's New With PureSec | April 2019
What's New With PureSec | April 2019
PureSec
 
Security in the Delivery Pipeline - GOTO Amsterdam 2017
Security in the Delivery Pipeline - GOTO Amsterdam 2017Security in the Delivery Pipeline - GOTO Amsterdam 2017
Security in the Delivery Pipeline - GOTO Amsterdam 2017
James Wickett
 
Next Generation Vulnerability Assessment Using Datadog and Snyk
Next Generation Vulnerability Assessment Using Datadog and SnykNext Generation Vulnerability Assessment Using Datadog and Snyk
Next Generation Vulnerability Assessment Using Datadog and Snyk
DevOps.com
 
DevSecOps with Confidence
DevSecOps with ConfidenceDevSecOps with Confidence
DevSecOps with Confidence
VMware Tanzu
 
Building and Adopting a Cloud-Native Security Program
Building and Adopting a Cloud-Native Security ProgramBuilding and Adopting a Cloud-Native Security Program
Building and Adopting a Cloud-Native Security Program
Priyanka Aash
 
Achieving DevSecOps Outcomes with Tanzu Advanced- May 25, 2021
Achieving DevSecOps Outcomes with Tanzu Advanced- May 25, 2021Achieving DevSecOps Outcomes with Tanzu Advanced- May 25, 2021
Achieving DevSecOps Outcomes with Tanzu Advanced- May 25, 2021
VMware Tanzu
 
5 Highest-Impact CASB Use Cases
5 Highest-Impact CASB Use Cases5 Highest-Impact CASB Use Cases
5 Highest-Impact CASB Use Cases
Netskope
 
Driving Success In The Cloud With NGINX
Driving Success In The Cloud With NGINXDriving Success In The Cloud With NGINX
Driving Success In The Cloud With NGINX
NGINX, Inc.
 
SOCstock 2021 The Cloud-native SOC
SOCstock 2021 The Cloud-native SOC SOCstock 2021 The Cloud-native SOC
SOCstock 2021 The Cloud-native SOC
Anton Chuvakin
 
Head in the Clouds? Let’s get serious about how to benefit from Cloud platfor...
Head in the Clouds? Let’s get serious about how to benefit from Cloud platfor...Head in the Clouds? Let’s get serious about how to benefit from Cloud platfor...
Head in the Clouds? Let’s get serious about how to benefit from Cloud platfor...
Digital Transformation EXPO Event Series
 
Securing Your Cloud With Check Point's vSEC
Securing Your Cloud With Check Point's vSECSecuring Your Cloud With Check Point's vSEC
Securing Your Cloud With Check Point's vSEC
Check Point Software Technologies
 

Contenu connexe

Tendances

Serverless Security: A pragmatic primer for builders and defenders
Serverless Security: A pragmatic primer for builders and defendersServerless Security: A pragmatic primer for builders and defenders
Serverless Security: A pragmatic primer for builders and defenders
James Wickett
 
Automating security compliance for physical, virtual, cloud, and container en...
Automating security compliance for physical, virtual, cloud, and container en...Automating security compliance for physical, virtual, cloud, and container en...
Automating security compliance for physical, virtual, cloud, and container en...
Lucy Huh Kerner
 
API Security - Everything You Need to Know To Protect Your APIs
API Security - Everything You Need to Know To Protect Your APIsAPI Security - Everything You Need to Know To Protect Your APIs
API Security - Everything You Need to Know To Protect Your APIs
AaronLieberman5
 
Microservices at Scale: How to Reduce Overhead and Increase Developer Product...
Microservices at Scale: How to Reduce Overhead and Increase Developer Product...Microservices at Scale: How to Reduce Overhead and Increase Developer Product...
Microservices at Scale: How to Reduce Overhead and Increase Developer Product...
DevOps.com
 
Deep Visibility: Logging From Distributed Microservices
Deep Visibility: Logging From Distributed MicroservicesDeep Visibility: Logging From Distributed Microservices
Deep Visibility: Logging From Distributed Microservices
AaronLieberman5
 
Next Generation Vulnerability Assessment Using Datadog and Snyk
Next Generation Vulnerability Assessment Using Datadog and SnykNext Generation Vulnerability Assessment Using Datadog and Snyk
Next Generation Vulnerability Assessment Using Datadog and Snyk
DevOps.com
 
Driving Success In The Cloud With NGINX
Driving Success In The Cloud With NGINXDriving Success In The Cloud With NGINX
Driving Success In The Cloud With NGINX
NGINX, Inc.
 

Tendances (20)

vSEC: bezpečnostní platforma pro privátní a veřejné cloudové služby
vSEC: bezpečnostní platforma pro privátní a veřejné cloudové službyvSEC: bezpečnostní platforma pro privátní a veřejné cloudové služby
vSEC: bezpečnostní platforma pro privátní a veřejné cloudové služby
 
Serverless Security: A pragmatic primer for builders and defenders
Serverless Security: A pragmatic primer for builders and defendersServerless Security: A pragmatic primer for builders and defenders
Serverless Security: A pragmatic primer for builders and defenders
 
Connecting Your SIEM Tool with Akamai Security Events
Connecting Your SIEM Tool with Akamai Security EventsConnecting Your SIEM Tool with Akamai Security Events
Connecting Your SIEM Tool with Akamai Security Events
 
Automating security compliance for physical, virtual, cloud, and container en...
Automating security compliance for physical, virtual, cloud, and container en...Automating security compliance for physical, virtual, cloud, and container en...
Automating security compliance for physical, virtual, cloud, and container en...
 
What's New with NGINX Application Security Solutions
What's New with NGINX Application Security SolutionsWhat's New with NGINX Application Security Solutions
What's New with NGINX Application Security Solutions
 
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
 
Extend DevOps to Your SQL Server Databases
Extend DevOps to Your SQL Server DatabasesExtend DevOps to Your SQL Server Databases
Extend DevOps to Your SQL Server Databases
 
API Security - Everything You Need to Know To Protect Your APIs
API Security - Everything You Need to Know To Protect Your APIsAPI Security - Everything You Need to Know To Protect Your APIs
API Security - Everything You Need to Know To Protect Your APIs
 
Microservices at Scale: How to Reduce Overhead and Increase Developer Product...
Microservices at Scale: How to Reduce Overhead and Increase Developer Product...Microservices at Scale: How to Reduce Overhead and Increase Developer Product...
Microservices at Scale: How to Reduce Overhead and Increase Developer Product...
 
Deep Visibility: Logging From Distributed Microservices
Deep Visibility: Logging From Distributed MicroservicesDeep Visibility: Logging From Distributed Microservices
Deep Visibility: Logging From Distributed Microservices
 
Dynatrace: The untouchables - the Dynatrace offering here and now
Dynatrace: The untouchables - the Dynatrace offering here and nowDynatrace: The untouchables - the Dynatrace offering here and now
Dynatrace: The untouchables - the Dynatrace offering here and now
 
What's New With PureSec | April 2019
What's New With PureSec | April 2019What's New With PureSec | April 2019
What's New With PureSec | April 2019
 
Security in the Delivery Pipeline - GOTO Amsterdam 2017
Security in the Delivery Pipeline - GOTO Amsterdam 2017Security in the Delivery Pipeline - GOTO Amsterdam 2017
Security in the Delivery Pipeline - GOTO Amsterdam 2017
 
Next Generation Vulnerability Assessment Using Datadog and Snyk
Next Generation Vulnerability Assessment Using Datadog and SnykNext Generation Vulnerability Assessment Using Datadog and Snyk
Next Generation Vulnerability Assessment Using Datadog and Snyk
 
DevSecOps with Confidence
DevSecOps with ConfidenceDevSecOps with Confidence
DevSecOps with Confidence
 
Building and Adopting a Cloud-Native Security Program
Building and Adopting a Cloud-Native Security ProgramBuilding and Adopting a Cloud-Native Security Program
Building and Adopting a Cloud-Native Security Program
 
Achieving DevSecOps Outcomes with Tanzu Advanced- May 25, 2021
Achieving DevSecOps Outcomes with Tanzu Advanced- May 25, 2021Achieving DevSecOps Outcomes with Tanzu Advanced- May 25, 2021
Achieving DevSecOps Outcomes with Tanzu Advanced- May 25, 2021
 
5 Highest-Impact CASB Use Cases
5 Highest-Impact CASB Use Cases5 Highest-Impact CASB Use Cases
5 Highest-Impact CASB Use Cases
 
Driving Success In The Cloud With NGINX
Driving Success In The Cloud With NGINXDriving Success In The Cloud With NGINX
Driving Success In The Cloud With NGINX
 
SOCstock 2021 The Cloud-native SOC
SOCstock 2021 The Cloud-native SOC SOCstock 2021 The Cloud-native SOC
SOCstock 2021 The Cloud-native SOC
 

Similaire à Csa Summit 2017 - Un viaje seguro hacia la nube

Webinar bitglass - complete deck-2
Webinar bitglass - complete deck-2Webinar bitglass - complete deck-2
Webinar bitglass - complete deck-2
Bitglass
 
End to End Security - Check Point
End to End Security - Check PointEnd to End Security - Check Point
End to End Security - Check Point
Harry Gunns
 
Security Teams & Tech In A Cloud World
Security Teams & Tech In A Cloud WorldSecurity Teams & Tech In A Cloud World
Security Teams & Tech In A Cloud World
Mark Nunnikhoven
 
The good, the bad & the ugly of migrating hundreds of legacy applications to ...
The good, the bad & the ugly of migrating hundreds of legacy applications to ...The good, the bad & the ugly of migrating hundreds of legacy applications to ...
The good, the bad & the ugly of migrating hundreds of legacy applications to ...
QAware GmbH
 

Similaire à Csa Summit 2017 - Un viaje seguro hacia la nube (20)

Head in the Clouds? Let’s get serious about how to benefit from Cloud platfor...
Head in the Clouds? Let’s get serious about how to benefit from Cloud platfor...Head in the Clouds? Let’s get serious about how to benefit from Cloud platfor...
Head in the Clouds? Let’s get serious about how to benefit from Cloud platfor...
 
Securing Your Cloud With Check Point's vSEC
Securing Your Cloud With Check Point's vSECSecuring Your Cloud With Check Point's vSEC
Securing Your Cloud With Check Point's vSEC
 
Security as an Accelerator for Cloud Adoption
Security as an Accelerator for Cloud AdoptionSecurity as an Accelerator for Cloud Adoption
Security as an Accelerator for Cloud Adoption
 
TENDENCIAS DE SEGURIDAD PARA AMBIENTES EN LA NUBE
TENDENCIAS DE SEGURIDAD PARA AMBIENTES EN LA NUBETENDENCIAS DE SEGURIDAD PARA AMBIENTES EN LA NUBE
TENDENCIAS DE SEGURIDAD PARA AMBIENTES EN LA NUBE
 
2018 06 Presentation Cloudguard IaaS de Checkpoint
2018 06 Presentation Cloudguard IaaS de Checkpoint2018 06 Presentation Cloudguard IaaS de Checkpoint
2018 06 Presentation Cloudguard IaaS de Checkpoint
 
Webinar bitglass - complete deck-2
Webinar bitglass - complete deck-2Webinar bitglass - complete deck-2
Webinar bitglass - complete deck-2
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
 
End to End Security - Check Point
End to End Security - Check PointEnd to End Security - Check Point
End to End Security - Check Point
 
Интуитивная сеть как платформа для надежного бизнеса
Интуитивная сеть как платформа для надежного бизнесаИнтуитивная сеть как платформа для надежного бизнеса
Интуитивная сеть как платформа для надежного бизнеса
 
Akamai Intelligent Edge Security
Akamai Intelligent Edge SecurityAkamai Intelligent Edge Security
Akamai Intelligent Edge Security
 
Smau Padova 2018 - Cisco
Smau Padova 2018 - CiscoSmau Padova 2018 - Cisco
Smau Padova 2018 - Cisco
 
AWS Summit Singapore 2019 | Banking in the Cloud: 10 Lessons Learned
AWS Summit Singapore 2019 | Banking in the Cloud: 10 Lessons LearnedAWS Summit Singapore 2019 | Banking in the Cloud: 10 Lessons Learned
AWS Summit Singapore 2019 | Banking in the Cloud: 10 Lessons Learned
 
Symantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front Lines
 
Security Teams & Tech In A Cloud World
Security Teams & Tech In A Cloud WorldSecurity Teams & Tech In A Cloud World
Security Teams & Tech In A Cloud World
 
Digitální transformace: zabezpečení agilních prostředí
Digitální transformace: zabezpečení agilních prostředíDigitální transformace: zabezpečení agilních prostředí
Digitální transformace: zabezpečení agilních prostředí
 
CheckPoint Software
CheckPoint SoftwareCheckPoint Software
CheckPoint Software
 
Cisco Connect 2018 Singapore - Secure data center building a secure zero trus...
Cisco Connect 2018 Singapore - Secure data center building a secure zero trus...Cisco Connect 2018 Singapore - Secure data center building a secure zero trus...
Cisco Connect 2018 Singapore - Secure data center building a secure zero trus...
 
Pat Gelsinger - Welcome
Pat Gelsinger - WelcomePat Gelsinger - Welcome
Pat Gelsinger - Welcome
 
The good, the bad, and the ugly of migrating hundreds of legacy applications ...
The good, the bad, and the ugly of migrating hundreds of legacy applications ...The good, the bad, and the ugly of migrating hundreds of legacy applications ...
The good, the bad, and the ugly of migrating hundreds of legacy applications ...
 
The good, the bad & the ugly of migrating hundreds of legacy applications to ...
The good, the bad & the ugly of migrating hundreds of legacy applications to ...The good, the bad & the ugly of migrating hundreds of legacy applications to ...
The good, the bad & the ugly of migrating hundreds of legacy applications to ...
 

Plus de CSA Argentina

Csa Summit 2017 - Obteniendo información de tu organización a través de aplic...
Csa Summit 2017 - Obteniendo información de tu organización a través de aplic...Csa Summit 2017 - Obteniendo información de tu organización a través de aplic...
Csa Summit 2017 - Obteniendo información de tu organización a través de aplic...
CSA Argentina
 
Csa Summit 2017 - Csa Star for dummies
Csa Summit 2017 - Csa Star for dummiesCsa Summit 2017 - Csa Star for dummies
Csa Summit 2017 - Csa Star for dummies
CSA Argentina
 
CSA Summit 2017 - Infraestructuras Ágiles y Delivery Continuo, del testing ma...
CSA Summit 2017 - Infraestructuras Ágiles y Delivery Continuo, del testing ma...CSA Summit 2017 - Infraestructuras Ágiles y Delivery Continuo, del testing ma...
CSA Summit 2017 - Infraestructuras Ágiles y Delivery Continuo, del testing ma...
CSA Argentina
 

Plus de CSA Argentina (20)

7o estudio-cloud security-esarsenu-2019-csaespearclbobrcomx-isacamad-v2
7o estudio-cloud security-esarsenu-2019-csaespearclbobrcomx-isacamad-v27o estudio-cloud security-esarsenu-2019-csaespearclbobrcomx-isacamad-v2
7o estudio-cloud security-esarsenu-2019-csaespearclbobrcomx-isacamad-v2
 
Cloud native y donde esta el piloto
Cloud native y donde esta el pilotoCloud native y donde esta el piloto
Cloud native y donde esta el piloto
 
Iam dev secops the infinity loop saga
Iam dev secops the infinity loop sagaIam dev secops the infinity loop saga
Iam dev secops the infinity loop saga
 
Presentacion DevSecOps Argentina
Presentacion DevSecOps ArgentinaPresentacion DevSecOps Argentina
Presentacion DevSecOps Argentina
 
Revista CSA LATAM FORUM 2019
Revista CSA LATAM FORUM 2019Revista CSA LATAM FORUM 2019
Revista CSA LATAM FORUM 2019
 
Cloud security adoption sophos
Cloud security adoption sophosCloud security adoption sophos
Cloud security adoption sophos
 
CSA LATAM FORUM - NETSKOPE
CSA LATAM FORUM - NETSKOPECSA LATAM FORUM - NETSKOPE
CSA LATAM FORUM - NETSKOPE
 
Hardening usuarios smartfense
Hardening usuarios smartfenseHardening usuarios smartfense
Hardening usuarios smartfense
 
Segurdad de red para la generacion de la nube symantec
Segurdad de red para la generacion de la nube symantecSegurdad de red para la generacion de la nube symantec
Segurdad de red para la generacion de la nube symantec
 
Automated security analysis of aws clouds v1.0
Automated security analysis of aws clouds v1.0Automated security analysis of aws clouds v1.0
Automated security analysis of aws clouds v1.0
 
2018 cyberark evento cloud
2018 cyberark evento cloud2018 cyberark evento cloud
2018 cyberark evento cloud
 
Csa Summit 2017 - Obteniendo información de tu organización a través de aplic...
Csa Summit 2017 - Obteniendo información de tu organización a través de aplic...Csa Summit 2017 - Obteniendo información de tu organización a través de aplic...
Csa Summit 2017 - Obteniendo información de tu organización a través de aplic...
 
Csa Summit 2017 - Csa Star for dummies
Csa Summit 2017 - Csa Star for dummiesCsa Summit 2017 - Csa Star for dummies
Csa Summit 2017 - Csa Star for dummies
 
CSA Summit 2017 - Infraestructuras Ágiles y Delivery Continuo, del testing ma...
CSA Summit 2017 - Infraestructuras Ágiles y Delivery Continuo, del testing ma...CSA Summit 2017 - Infraestructuras Ágiles y Delivery Continuo, del testing ma...
CSA Summit 2017 - Infraestructuras Ágiles y Delivery Continuo, del testing ma...
 
UNDER THE DOME - SEGURIDAD SI, PERO TRANSPARENTE
UNDER THE DOME - SEGURIDAD SI, PERO TRANSPARENTEUNDER THE DOME - SEGURIDAD SI, PERO TRANSPARENTE
UNDER THE DOME - SEGURIDAD SI, PERO TRANSPARENTE
 
SECURITY AS A WAR - Infosecurity 2015
SECURITY AS A WAR - Infosecurity 2015SECURITY AS A WAR - Infosecurity 2015
SECURITY AS A WAR - Infosecurity 2015
 
Csa summit el circulo de la confianza entre el cliente y el proveedor cloud
Csa summit el circulo de la confianza entre el cliente y el proveedor cloud Csa summit el circulo de la confianza entre el cliente y el proveedor cloud
Csa summit el circulo de la confianza entre el cliente y el proveedor cloud
 
Csa summit la transformación digital y el nuevo rol del ciso
Csa summit la transformación digital y el nuevo rol del cisoCsa summit la transformación digital y el nuevo rol del ciso
Csa summit la transformación digital y el nuevo rol del ciso
 
Csa summit presentacion crozono
Csa summit presentacion crozonoCsa summit presentacion crozono
Csa summit presentacion crozono
 
Csa summit cloud security. tendencias de mercado
Csa summit cloud security. tendencias de mercadoCsa summit cloud security. tendencias de mercado
Csa summit cloud security. tendencias de mercado
 

Dernier

Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
giselly40
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Delhi Call girls
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
Malak Abu Hammad
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
Puma Security, LLC
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
Delhi Call girls
 

Dernier (20)

Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 

Csa Summit 2017 - Un viaje seguro hacia la nube

  • 1. 1©2017 Check Point Software Technologies Ltd.©2017 Check Point Software Technologies Ltd. Lucas S. García | Security Engineer Ar Py Uy garcial@checkpoint.com UN VIAJE SEGURO HACIA LA NUBE
  • 2. 2©2017 Check Point Software Technologies Ltd. WELCOME TO THE CLOUD
  • 3. 3©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent FROM DATA CENTER TO CLOUD DATA CENTER ​WHAT USED TO TAKE WEEKS ​TAKES MINUTES WITH CLOUD CLOUD
  • 4. 4©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent THE CLOUD IS HERE SECURITY SECURITY IS THE MAIN INHIBITOR FOR CLOUD ADOPTION (Gartner) ADOPTION 80% OF ENTERPRISES ARE COMMITTED TO CLOUD STRATEGY BY 2017 (IDC) GROWTH 40% OF IT BUDGETS WILL BE CLOUD- BASED BY 2018 (Forbes)
  • 5. 5©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent WHY CLOUD? ​AGILITY ​Fast to react ​ELASTICITY ​ ​Fasttogrow
  • 6. 6©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent CLOUD FUNDAMENTALS Cloud is a shared environment Cloud is a connected environment Cloud is a dynamic environment Therefore, cloud is vulnerable and exposed…
  • 7. 7©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent CLOUD SECURITY MUST BE ADAPTIVE Legacy Security Cloud Security Adding new application Add rule is a SHOWSTOPPER Adaptive policy is an ENABLER Security inside the cloud Network change is COMPLEX SDN integration is AUTOMATIC Application growth Replacing appliances is EXPENSIVE Auto-Scale is EFFORTLESS
  • 8. 8©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent 4 STEPS TO SECURE YOUR CLOUD BUCKLE UP
  • 9. 9©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent STEP #1: CONTROL THE CLOUD PERIMETER •Use advanced threat prevention at the cloud perimeter •Securely connect your cloud with your on-premise environment ​CLOUD ​ON-PREMISE
  • 10. 10©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent STEP #2: SECURE THE CLOUD FROM THE INSIDE •Micro-segment your cloud to control inside communication •Prevent lateral threats movement between applications App App App App
  • 11. 11©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent STEP #3: MANAGE CONSISTENT SECURITY FOR HYBRID ENVIRONMENTS • Deploy unified security management for your hybrid cloud (On-Premise and Cloud) • Ensure policy consistency • Reduce operation cost ​CLOUD ​ON-PREMISE
  • 12. 12©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent STEP #4: AUTOMATE YOUR SECURITY Security should be as elastic and dynamic as your cloud • Auto-provisioned • Auto-scaled • Adaptive to changes
  • 13. 13©2017 Check Point Software Technologies Ltd. TRAVEL TO THE CLOUD IN FIRST CLASS [Protected] Non-confidentialcontent 13©2017 Check Point Software Technologies Ltd.
  • 14. 14©2017 Check Point Software Technologies Ltd. CHECK POINT CLOUD SECURITY PRINCIPLES Utmost protection Adaptive Security Hybrid Infrastracture
  • 15. 15©2017 Check Point Software Technologies Ltd. THE vSEC FAMILY [Protected] Non-confidentialcontent ACI Consistent security policy and control across ALL Private and Public Clouds
  • 16. 16©2017 Check Point Software Technologies Ltd. vSEC ADVANCED PROTECTION Access Rule vSEC PROTECTS YOUR DATA AND APPLICATIONS WITH THE INDUSTRY’S BEST THREATS CATCH-RATE Next Generation Firewall Application and Data Security Advanced Threat Prevention Forensic Analysis Cloud Vendor
  • 17. 17©2017 Check Point Software Technologies Ltd. CISCO ACI [Protected] Non-confidentialcontent SECURITY INSIDE YOUR CLOUD Securing the datacenter from the inside is now simple with SDN Micro segment the datacenter with advanced protection between applications App App App App
  • 18. 18©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent ADAPTIVE SECURITY vSEC Adaptive Security instantly protects new applications and keeps them secure as they evolve. •Security that learns about application changes •Auto-scaled virtual security •Pay-as-you-grow for private and public cloud Telefonica: “vSEC adaptive security is a game changer.”
  • 19. 19©2017 Check Point Software Technologies Ltd. Check Point Access Policy Rule From To Application Action 3 Finance_App1 (vCenter Object) Database_Group (NSX SecGroup) MSSQL Allow 4 HR_App2 (Open StackObject) Finance_Group (ACI EndPoint Group) CRM Allow 5 User_ID SAP_App (AWS Object) SAP Allow ADAPTIVE SECURITY Reduce Firewall Tickets by 60%
  • 20. 20©2017 Check Point Software Technologies Ltd. [Protected] Non-confidentialcontent SUCCESS More than 1,000 customers purchased vSEC in 2016 20©2017 Check Point Software Technologies Ltd.
  • 21. 21©2017 Check Point Software Technologies Ltd. XERO is a global online accounting firm servicing over 1M accounts in AWS vSEC secures all their accounts in AWS Allegiant makes leisure travel affordable vSEC secures their new NSX-based Private Cloud HAPPY CUSTOMERS [Protected] Non-confidentialcontent 21©2017 Check Point Software Technologies Ltd.
  • 22. 22©2017 Check Point Software Technologies Ltd. THE CYBER SECURITY ARCHITECTURE OF THE FUTURE THE FIRST CONSOLIDATED SECURITY ACROSS NETWORKS, CLOUD, AND MOBILE, PROVIDING THE HIGHEST LEVEL OF THREAT PREVENTION. Introducing
  • 23. 23©2017 Check Point Software Technologies Ltd. ONE SECURITY PLATFORM PREEMPTIVE THREAT PREVENTION CONSOLIDATED SYSTEM MOBILE CLOUD THREAT PREVENTION
  • 24. 24©2017 Check Point Software Technologies Ltd. TRAVEL TO THE CLOUD IN FIRST CLASS [Protected] Non-confidentialcontent 24©2017 Check Point Software Technologies Ltd. Utmost Protection, Adaptive Security , Hybrid Infrastructure
  • 25. 25©2017 Check Point Software Technologies Ltd.©2017 Check Point Software Technologies Ltd. THANK YOU Itai Greenberg | Head of Cloud Security BU