SlideShare une entreprise Scribd logo

Unified Protection for Multi-Cloud Infrastructure

MarketingArrowECS_CZ
MarketingArrowECS_CZ

Prezentace z konference Virtualization Forum 2019 Praha, 3.10.2019 Sál B

Technologie
1  sur  42
Télécharger pour lire hors ligne
Unified Protection for Multi-Cloud Infrastructure Tamas Barna CISSP, CISM, CCSP, Security+ Enterprise Technology Specialist, EMEA Cloud Infrastructure Security
2 Today’s Enterprise Landscape Transformations Applications and Infrastructures Cloud IaaS/PaaS Offices | Remote Sites Private Cloud On-Prem / Hosted SaaS Providers Business Acceleration
3 Hybrid Cloud: Data Centers and Service Transformation Physical Server Public Cloud Container and PaaS Monolithic Fixed Virtual Server Private Cloud Serverless Loosely Coupled
4 Hybrid Cloud: Resulting Challenges Physical Server Public Cloud Container and PaaS Monolithic Fixed Virtual Server Private Cloud Serverless Complexity, Speed & Shared Responsibilities Loosely CoupledComplete Visibility, Protection & Provisioning Shadow IT, Efficient Management & Compliance
5 Understanding Shared Responsibility Application Platform, Identity and Access Management Customer Data Provider Global Infrastructure (Regions, Availability Zones, Edge Locations) Storage Operating System, Network and Firewall Configuration Client side Data Encryption, Data Integrity Authentication Server-side Encryption (File System and/or data) Network Traffic Protection (Encryption/Integrity/Identity) Compute NetworkingDatabase Customer (Responsible for security ‘in’ the cloud) IaaS Provider (Responsible for security ‘of’ the cloud) PaaS Provider SaaS Provider
6 IaaS Fastest Growing Segment of Cloud Source: Gartner Forecasts Worldwide Public Cloud Revenue press release April 12, 2019 IaaS 35.9% CAGR SaaS 22.2% CAGR
7 IaaS—Securing Infrastructure and Apps Infrastructure 1 Detect and correct security misconfigurations 2 Detect and Secure Workloads and Containers Workloads and Containers 3 Protect the data in the apps Apps IaaS
8 Data Exfiltration Vectors—IaaS Infrastructure and Apps Compromised AccountsMisconfiguration Rogue User Confidential Data Leaks Rogue IaaS Accounts IaaS
9 Data Exfiltration Vectors—IaaS Infrastructure and Apps Compromised AccountsMisconfiguration Rogue User Confidential Data Leaks Rogue IaaS Accounts
10 Data Exfiltration Vectors—IaaS Infrastructure and Apps Compromised AccountsMisconfiguration Rogue User Confidential Data Leaks Rogue IaaS Accounts Security Configuration Control
11 1. Security Configuration Audit Prevent regulated/high-value data being stored in the cloud. ▪ Continuously monitor IaaS security settings for misconfiguration.
12 1. Security Configuration Audit Prevent regulated/high-value data being stored in the cloud. ▪ As IaaS admins correct misconfigured settings, McAfee automatically resolves the incident.
13 Data Exfiltration Vectors—IaaS Infrastructure and Apps Compromised AccountsMisconfiguration Rogue User Confidential Data Leaks Rogue IaaS Accounts Shadow IaaS Control
14 2. Managing Rogue IaaS Instances Discover shadow AWS usage and reclaim control of risky IaaS usage. ▪ Identify risky or unsanctioned IaaS platforms in use.
15 2. Managing Rogue IaaS Instances Discover shadow AWS usage and reclaim control of risky IaaS usage. ▪ Enforce governance policies and coach users to approved IaaS platform.
16 Data Exfiltration Vectors—IaaS Infrastructure and Apps Compromised AccountsMisconfiguration Rogue User Confidential Data Leaks Rogue IaaS Accounts Visibility of Confidential Data Inside PaaS Storage
17 3. Visibility of Confidential Data Gain visibility of regulated/high-value data stored in AWS S3 and Azure Storage. ▪ Perform on-demand scans to identify sensitive or protected data stored in IaaS storage services.
18 Data Exfiltration Vectors—IaaS Infrastructure and Apps Compromised AccountsMisconfiguration Rogue User Confidential Data Leaks Rogue IaaS Accounts User Behavior Analytics Forensics
19 4. Advanced Threat Protection Detect compromised accounts, insider threats, and malware. ▪ Threat funnel correlates multiple anomalies, minimizing false positives.
20 4. Advanced Threat Protection Detect compromised accounts, insider threats, and malware. ▪ No pre-defined policies or thresholds, automatic models based on activity.
21 5. Activity Monitoring and Forensics Capture and categorize an audit trail of activity for forensic investigations. ▪ Categorizes 100s of activities into 13 categories for easy filtering/navigation.
22 5. Activity Monitoring and Forensics Capture and categorize an audit trail of activity for forensic investigations. ▪ Expand the scope of an investigation and browse a geo-location map.
23 5. Activity Monitoring and Forensics Capture and categorize an audit trail of activity for forensic investigations. ▪ Investigate activities for a specific user centered around an incident.
24 5. Activity Monitoring and Forensics Capture and categorize an audit trail of activity for forensic investigations. ▪ IP reputation to identify access by a malicious IP such as a TOR network.
25 IaaS—Securing Infrastructure Infrastructure 1 Detect and correct security misconfigurations 2 Detect and Secure Workloads and Containers Workloads and Containers 3 Protect the data in the Apps Apps IaaS
26 IaaS Workload and Containers Challenges Malware and Viruses Difficulty Detecting Breaches Lack of Network Traffic Visibility Fragmented Policy Management IaaSLack of Workload and Container Visibility
27 Discover and Manage Multiple Public Cloud Accounts Security Controls Live Status with details Views: ▪ Workload ▪ Events ▪ VPC Issue Details Workload Count Take Action
28 Lack of Workload and Container Visibility IaaS Workload and Containers Challenges Malware and Viruses Difficulty Detecting Breaches Lack of Network Traffic Visibility Fragmented Policy ManagementWorkload/Container Inventory
29 Traffic & Network Visibility Graphical traffic analysis for both E-W & N-S traffic (traffic moving to, from, and between workloads) Correction • Shutdown • Update Firewall rules in AWS/Azure Security Groups Threat Events • Workload threats • Network threats Detection • GTI IP Reputation • Heuristics (Blocked E-W connections, Activity on high-risk ports) • Alerts from vNSP
30 Lack of Workload and Container Visibility IaaS Workload and Containers Challenges Malware and Viruses Difficulty Detecting Breaches Lack of Network Traffic Visibility Fragmented Policy ManagementAgent Installation & Security Configuration Single-Click Quarantine
31 Safeguard Workloads Quarantine Infected Workloads and Containers Identify malicious connections Reduce misconfiguration risk and increase initial remediation efficiency by nearly 90% Isolate workloads or containers
32 Auditing of Security best practices and Compliance checks Security assessment ▪ Industry standard security benchmarks like CIS Regulatory Compliance assessment ▪ Auditing of governance policies like PCI DSS, SOX, GLBA, HIPAA, FISMA.
33 Lack of Workload and Container Visibility IaaS Workload and Containers Challenges Malware and Viruses Difficulty Detecting Breaches Lack of Network Traffic Visibility Fragmented Policy Management Unified Policy Management and Reporting
34 Simplify ▪ Single security policy, single pane of glass console management across data center and public and private clouds with McAfee ePO. ▪ Automated policy management across all on-premise and off-premise infrastructure. ▪ APIs, automation and integration with Cloud tools e.g. Chef, Puppet. ▪ Efficient security management keeps operational expenses under control. ▪ Security smart enough to scale up and scale down with the load. Efficiently manage all security policies across on-premise and public, private and hybrid cloud environments. McAfee ePO Device Security | Data Protection Security Operations Center Network & Web Security | Cloud Workloads Security Native Security McAFEE
35 Secure Containers with CWS There are three ways to apply security for containers as of today in the market space: - Agent based (inside the container itself) - Ephemeral Proxy - Additional container as FW
36 Securing Containers using agentless approach • Repository Image vulnerability & antimalware scanning • Discovery Pods and Services within Kubernetes environment • Container Runtime Security • Continuous monitoring • Vulnerability Assessment • Access Protection • Application Control • Log management • CIS Benchmark Scanning – misconfiguration • Network Security – Container Firewall with Micro segmentation support • Compliance - AV as service, Access Protection, File Integrity Monitoring, Vulnerability Assessment • Host security (if supported OS is used) • Management– Monitoring, threat anomaly detection, Policy enforcement, Dashboards Kubernetes Node Dock er kubel et kube- proxy fluent d CNI Networ k Plugin Pod Pod API Scheduler Controller etcd A P I McAfee Security Pod Persisten t Storage (Policy & Events) Rule Enforcer (Network Policy) K8s API client API Server CWS - ePO Kubernetes Master DevOps
& McAfee. The device-to-cloud cybersecurity company.
38 3 Phases In a Common Cloud Breach 1. Land ▪ Gain first foothold into a 3rd parties VPC, and IaaS/PaaS real estate 2. Expand ▪ Find ways to move beyond the node on which the hacker landed in order to extract maximum value out of the breach 3. Exfiltrate ▪ Find ways to exfiltrate GBs of data while staying under the radar
39 Layered Container Security Validate Container Orchestration System Config (CSPM) Vulnerability Assessment for container components (Vulnerability Mgmt) App Level Visibility and Control (Zero Trust Security Model) Detect and remove known vulnerabilities Block Land Prevent Bad East West Traffic Block Exfiltrate Audit and monitor changes to infrastructure Block Expand
40 Layered Container Security Deep Visibility and Context • Rapid inventory of current applications, components and processes • Visual mapping of all traffic between applications and dependencies • Blast maps and capabilities to playback traffic for forensics Threat Detection • Modeling behavior of any app to detect Anomalies • Identification of backdoors in components • Identifying unknown processes with elevated privileges Seamless protection • Seamlessly operates across all platforms, with controls at app level • One click Security Policy generation – protect once, run anywhere • Light-weight operation and services ------------------------------------------------------------------------------------------------------------------------------------- --------------------------------------------------------------------------------------------------------------------------------------
41 MVISION ePO Data / Web Protection “Nirvana for Cloud” McAfee Web Gateway / WGCS MVISION Cloud Cloud Workload Security (ePO) A solution built with CASB, DLP and Web components DLP CASB SWG A solution combining CWPP, CSPM and Micro- Segmentation 0-Trust CASB - IaaS CWS / Container
McAfee, the McAfee logo are trademarks or registered trademarks of McAfee LLC or its subsidiaries in the U.S. and/or other countries. Other names and brands may be claimed as the property of others. Copyright © 2017 McAfee LLC.

Recommandé

F5 Automation Toolchain
F5 Automation ToolchainF5 Automation Toolchain
F5 Automation ToolchainMarketingArrowECS_CZ
 
Jak využít cloudu pro zvýšení bezpečnosti vašeho IT
Jak využít cloudu pro zvýšení bezpečnosti vašeho ITJak využít cloudu pro zvýšení bezpečnosti vašeho IT
Jak využít cloudu pro zvýšení bezpečnosti vašeho ITMarketingArrowECS_CZ
 
F5 Cloud Solutions
F5 Cloud SolutionsF5 Cloud Solutions
F5 Cloud SolutionsMarketingArrowECS_CZ
 
Azure F5 Solutions
Azure F5 SolutionsAzure F5 Solutions
Azure F5 SolutionsMarketingArrowECS_CZ
 
Security as an Accelerator for Cloud Adoption
Security as an Accelerator for Cloud AdoptionSecurity as an Accelerator for Cloud Adoption
Security as an Accelerator for Cloud AdoptionMarketingArrowECS_CZ
 
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment modeCloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment modeHimani Singh
 
Inteligentní ochrana osobních údajů v procesu digitální transformace
Inteligentní ochrana osobních údajů v procesu digitální transformaceInteligentní ochrana osobních údajů v procesu digitální transformace
Inteligentní ochrana osobních údajů v procesu digitální transformaceMarketingArrowECS_CZ
 
Security for cloud native workloads
Security for cloud native workloadsSecurity for cloud native workloads
Security for cloud native workloadsRuncy Oommen
 

Recommandé

F5 Automation Toolchain
F5 Automation ToolchainF5 Automation Toolchain
F5 Automation ToolchainMarketingArrowECS_CZ
 
Jak využít cloudu pro zvýšení bezpečnosti vašeho IT
Jak využít cloudu pro zvýšení bezpečnosti vašeho ITJak využít cloudu pro zvýšení bezpečnosti vašeho IT
Jak využít cloudu pro zvýšení bezpečnosti vašeho ITMarketingArrowECS_CZ
 
F5 Cloud Solutions
F5 Cloud SolutionsF5 Cloud Solutions
F5 Cloud SolutionsMarketingArrowECS_CZ
 
Azure F5 Solutions
Azure F5 SolutionsAzure F5 Solutions
Azure F5 SolutionsMarketingArrowECS_CZ
 
Security as an Accelerator for Cloud Adoption
Security as an Accelerator for Cloud AdoptionSecurity as an Accelerator for Cloud Adoption
Security as an Accelerator for Cloud AdoptionMarketingArrowECS_CZ
 
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment modeCloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment modeHimani Singh
 
Inteligentní ochrana osobních údajů v procesu digitální transformace
Inteligentní ochrana osobních údajů v procesu digitální transformaceInteligentní ochrana osobních údajů v procesu digitální transformace
Inteligentní ochrana osobních údajů v procesu digitální transformaceMarketingArrowECS_CZ
 
Security for cloud native workloads
Security for cloud native workloadsSecurity for cloud native workloads
Security for cloud native workloadsRuncy Oommen
 
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...Amazon Web Services
 
Secure Cloud Development Resources with DevOps
Secure Cloud Development Resources with DevOpsSecure Cloud Development Resources with DevOps
Secure Cloud Development Resources with DevOpsCloudPassage
 
Symantec Webinar | Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB ProjectsSymantec Webinar | Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB ProjectsSymantec
 
Cloud Access Security Brokers - CASB
Cloud Access Security Brokers - CASB Cloud Access Security Brokers - CASB
Cloud Access Security Brokers - CASB Samrat Das
 
Webinar compiled powerpoint
Webinar compiled powerpointWebinar compiled powerpoint
Webinar compiled powerpointCloudPassage
 
Cloud Native Security: New Approach for a New Reality
Cloud Native Security: New Approach for a New RealityCloud Native Security: New Approach for a New Reality
Cloud Native Security: New Approach for a New RealityCarlos Andrés García
 
Securing virtual workload and cloud
Securing virtual workload and cloudSecuring virtual workload and cloud
Securing virtual workload and cloudHimani Singh
 
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...Amazon Web Services
 
AWS Summit Auckland Sponsor Presentation - Intel
AWS Summit Auckland Sponsor Presentation - IntelAWS Summit Auckland Sponsor Presentation - Intel
AWS Summit Auckland Sponsor Presentation - IntelAmazon Web Services
 
Cloud Security: Make Your CISO Successful
Cloud Security: Make Your CISO SuccessfulCloud Security: Make Your CISO Successful
Cloud Security: Make Your CISO SuccessfulCloudPassage
 
[Cisco Connect 2018 - Vietnam] Rajinder singh cisco sd-wan-next generation ...
[Cisco Connect 2018 - Vietnam] Rajinder singh cisco sd-wan-next generation ...[Cisco Connect 2018 - Vietnam] Rajinder singh cisco sd-wan-next generation ...
[Cisco Connect 2018 - Vietnam] Rajinder singh cisco sd-wan-next generation ...Nur Shiqim Chok
 
Cloud risk and business continuity v21
Cloud risk and business continuity v21Cloud risk and business continuity v21
Cloud risk and business continuity v21Jorge Sebastiao
 
Check Point vSEC - Bezpečnostní řešení pro moderní datová centra
Check Point vSEC - Bezpečnostní řešení pro moderní datová centraCheck Point vSEC - Bezpečnostní řešení pro moderní datová centra
Check Point vSEC - Bezpečnostní řešení pro moderní datová centraMarketingArrowECS_CZ
 
Security and Compliance for Enterprise Cloud Infrastructure
Security and Compliance for Enterprise Cloud InfrastructureSecurity and Compliance for Enterprise Cloud Infrastructure
Security and Compliance for Enterprise Cloud InfrastructureCloudPassage
 
45 Minutes to PCI Compliance in the Cloud
45 Minutes to PCI Compliance in the Cloud45 Minutes to PCI Compliance in the Cloud
45 Minutes to PCI Compliance in the CloudCloudPassage
 
QualysGuard InfoDay 2013 - QualysGuard RoadMap for H2-­2013/H1-­2014
QualysGuard InfoDay 2013 - QualysGuard RoadMap for H2-­2013/H1-­2014QualysGuard InfoDay 2013 - QualysGuard RoadMap for H2-­2013/H1-­2014
QualysGuard InfoDay 2013 - QualysGuard RoadMap for H2-­2013/H1-­2014Risk Analysis Consultants, s.r.o.
 
Securing Your Cloud Transformation
Securing Your Cloud TransformationSecuring Your Cloud Transformation
Securing Your Cloud TransformationMarketingArrowECS_CZ
 
Cloud Security Introduction
Cloud Security IntroductionCloud Security Introduction
Cloud Security IntroductionGLC Networks
 
Cisco Connect Vancouver 2017 - Anatomy of Attack
Cisco Connect Vancouver 2017 - Anatomy of AttackCisco Connect Vancouver 2017 - Anatomy of Attack
Cisco Connect Vancouver 2017 - Anatomy of AttackCisco Canada
 
Citrix solutions - How on earth, as in heaven
Citrix solutions - How on earth, as in heavenCitrix solutions - How on earth, as in heaven
Citrix solutions - How on earth, as in heavenMarketingArrowECS_CZ
 
McAfee Skyhigh: Elevating Your AWS Security Posture (SEC307-S) - AWS re:Inven...
McAfee Skyhigh: Elevating Your AWS Security Posture (SEC307-S) - AWS re:Inven...McAfee Skyhigh: Elevating Your AWS Security Posture (SEC307-S) - AWS re:Inven...
McAfee Skyhigh: Elevating Your AWS Security Posture (SEC307-S) - AWS re:Inven...Amazon Web Services
 
Driven by security: Legendary Entertainment’s high-velocity cloud transformat...
Driven by security: Legendary Entertainment’s high-velocity cloud transformat...Driven by security: Legendary Entertainment’s high-velocity cloud transformat...
Driven by security: Legendary Entertainment’s high-velocity cloud transformat...Amazon Web Services
 

Contenu connexe

Tendances

5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...Amazon Web Services
 
Secure Cloud Development Resources with DevOps
Secure Cloud Development Resources with DevOpsSecure Cloud Development Resources with DevOps
Secure Cloud Development Resources with DevOpsCloudPassage
 
Symantec Webinar | Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB ProjectsSymantec Webinar | Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB ProjectsSymantec
 
Cloud Access Security Brokers - CASB
Cloud Access Security Brokers - CASB Cloud Access Security Brokers - CASB
Cloud Access Security Brokers - CASB Samrat Das
 
Webinar compiled powerpoint
Webinar compiled powerpointWebinar compiled powerpoint
Webinar compiled powerpointCloudPassage
 
Cloud Native Security: New Approach for a New Reality
Cloud Native Security: New Approach for a New RealityCloud Native Security: New Approach for a New Reality
Cloud Native Security: New Approach for a New RealityCarlos Andrés García
 
Securing virtual workload and cloud
Securing virtual workload and cloudSecuring virtual workload and cloud
Securing virtual workload and cloudHimani Singh
 
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...Amazon Web Services
 
AWS Summit Auckland Sponsor Presentation - Intel
AWS Summit Auckland Sponsor Presentation - IntelAWS Summit Auckland Sponsor Presentation - Intel
AWS Summit Auckland Sponsor Presentation - IntelAmazon Web Services
 
Cloud Security: Make Your CISO Successful
Cloud Security: Make Your CISO SuccessfulCloud Security: Make Your CISO Successful
Cloud Security: Make Your CISO SuccessfulCloudPassage
 
[Cisco Connect 2018 - Vietnam] Rajinder singh cisco sd-wan-next generation ...
[Cisco Connect 2018 - Vietnam] Rajinder singh cisco sd-wan-next generation ...[Cisco Connect 2018 - Vietnam] Rajinder singh cisco sd-wan-next generation ...
[Cisco Connect 2018 - Vietnam] Rajinder singh cisco sd-wan-next generation ...Nur Shiqim Chok
 
Cloud risk and business continuity v21
Cloud risk and business continuity v21Cloud risk and business continuity v21
Cloud risk and business continuity v21Jorge Sebastiao
 
Check Point vSEC - Bezpečnostní řešení pro moderní datová centra
Check Point vSEC - Bezpečnostní řešení pro moderní datová centraCheck Point vSEC - Bezpečnostní řešení pro moderní datová centra
Check Point vSEC - Bezpečnostní řešení pro moderní datová centraMarketingArrowECS_CZ
 
Security and Compliance for Enterprise Cloud Infrastructure
Security and Compliance for Enterprise Cloud InfrastructureSecurity and Compliance for Enterprise Cloud Infrastructure
Security and Compliance for Enterprise Cloud InfrastructureCloudPassage
 
45 Minutes to PCI Compliance in the Cloud
45 Minutes to PCI Compliance in the Cloud45 Minutes to PCI Compliance in the Cloud
45 Minutes to PCI Compliance in the CloudCloudPassage
 
QualysGuard InfoDay 2013 - QualysGuard RoadMap for H2-­2013/H1-­2014
QualysGuard InfoDay 2013 - QualysGuard RoadMap for H2-­2013/H1-­2014QualysGuard InfoDay 2013 - QualysGuard RoadMap for H2-­2013/H1-­2014
QualysGuard InfoDay 2013 - QualysGuard RoadMap for H2-­2013/H1-­2014Risk Analysis Consultants, s.r.o.
 
Securing Your Cloud Transformation
Securing Your Cloud TransformationSecuring Your Cloud Transformation
Securing Your Cloud TransformationMarketingArrowECS_CZ
 
Cloud Security Introduction
Cloud Security IntroductionCloud Security Introduction
Cloud Security IntroductionGLC Networks
 
Cisco Connect Vancouver 2017 - Anatomy of Attack
Cisco Connect Vancouver 2017 - Anatomy of AttackCisco Connect Vancouver 2017 - Anatomy of Attack
Cisco Connect Vancouver 2017 - Anatomy of AttackCisco Canada
 
Citrix solutions - How on earth, as in heaven
Citrix solutions - How on earth, as in heavenCitrix solutions - How on earth, as in heaven
Citrix solutions - How on earth, as in heavenMarketingArrowECS_CZ
 

Tendances (20)

5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
 
Secure Cloud Development Resources with DevOps
Secure Cloud Development Resources with DevOpsSecure Cloud Development Resources with DevOps
Secure Cloud Development Resources with DevOps
 
Symantec Webinar | Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB ProjectsSymantec Webinar | Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB Projects
 
Cloud Access Security Brokers - CASB
Cloud Access Security Brokers - CASB Cloud Access Security Brokers - CASB
Cloud Access Security Brokers - CASB
 
Webinar compiled powerpoint
Webinar compiled powerpointWebinar compiled powerpoint
Webinar compiled powerpoint
 
Cloud Native Security: New Approach for a New Reality
Cloud Native Security: New Approach for a New RealityCloud Native Security: New Approach for a New Reality
Cloud Native Security: New Approach for a New Reality
 
Securing virtual workload and cloud
Securing virtual workload and cloudSecuring virtual workload and cloud
Securing virtual workload and cloud
 
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...
 
AWS Summit Auckland Sponsor Presentation - Intel
AWS Summit Auckland Sponsor Presentation - IntelAWS Summit Auckland Sponsor Presentation - Intel
AWS Summit Auckland Sponsor Presentation - Intel
 
Cloud Security: Make Your CISO Successful
Cloud Security: Make Your CISO SuccessfulCloud Security: Make Your CISO Successful
Cloud Security: Make Your CISO Successful
 
[Cisco Connect 2018 - Vietnam] Rajinder singh cisco sd-wan-next generation ...
[Cisco Connect 2018 - Vietnam] Rajinder singh cisco sd-wan-next generation ...[Cisco Connect 2018 - Vietnam] Rajinder singh cisco sd-wan-next generation ...
[Cisco Connect 2018 - Vietnam] Rajinder singh cisco sd-wan-next generation ...
 
Cloud risk and business continuity v21
Cloud risk and business continuity v21Cloud risk and business continuity v21
Cloud risk and business continuity v21
 
Check Point vSEC - Bezpečnostní řešení pro moderní datová centra
Check Point vSEC - Bezpečnostní řešení pro moderní datová centraCheck Point vSEC - Bezpečnostní řešení pro moderní datová centra
Check Point vSEC - Bezpečnostní řešení pro moderní datová centra
 
Security and Compliance for Enterprise Cloud Infrastructure
Security and Compliance for Enterprise Cloud InfrastructureSecurity and Compliance for Enterprise Cloud Infrastructure
Security and Compliance for Enterprise Cloud Infrastructure
 
45 Minutes to PCI Compliance in the Cloud
45 Minutes to PCI Compliance in the Cloud45 Minutes to PCI Compliance in the Cloud
45 Minutes to PCI Compliance in the Cloud
 
QualysGuard InfoDay 2013 - QualysGuard RoadMap for H2-­2013/H1-­2014
QualysGuard InfoDay 2013 - QualysGuard RoadMap for H2-­2013/H1-­2014QualysGuard InfoDay 2013 - QualysGuard RoadMap for H2-­2013/H1-­2014
QualysGuard InfoDay 2013 - QualysGuard RoadMap for H2-­2013/H1-­2014
 
Securing Your Cloud Transformation
Securing Your Cloud TransformationSecuring Your Cloud Transformation
Securing Your Cloud Transformation
 
Cloud Security Introduction
Cloud Security IntroductionCloud Security Introduction
Cloud Security Introduction
 
Cisco Connect Vancouver 2017 - Anatomy of Attack
Cisco Connect Vancouver 2017 - Anatomy of AttackCisco Connect Vancouver 2017 - Anatomy of Attack
Cisco Connect Vancouver 2017 - Anatomy of Attack
 
Citrix solutions - How on earth, as in heaven
Citrix solutions - How on earth, as in heavenCitrix solutions - How on earth, as in heaven
Citrix solutions - How on earth, as in heaven
 

Similaire à Unified Protection for Multi-Cloud Infrastructure

McAfee Skyhigh: Elevating Your AWS Security Posture (SEC307-S) - AWS re:Inven...
McAfee Skyhigh: Elevating Your AWS Security Posture (SEC307-S) - AWS re:Inven...McAfee Skyhigh: Elevating Your AWS Security Posture (SEC307-S) - AWS re:Inven...
McAfee Skyhigh: Elevating Your AWS Security Posture (SEC307-S) - AWS re:Inven...Amazon Web Services
 
Driven by security: Legendary Entertainment’s high-velocity cloud transformat...
Driven by security: Legendary Entertainment’s high-velocity cloud transformat...Driven by security: Legendary Entertainment’s high-velocity cloud transformat...
Driven by security: Legendary Entertainment’s high-velocity cloud transformat...Amazon Web Services
 
3 Secrets to Becoming a Cloud Security Superhero
3 Secrets to Becoming a Cloud Security Superhero 3 Secrets to Becoming a Cloud Security Superhero
3 Secrets to Becoming a Cloud Security Superhero Amazon Web Services
 
Presentacion de solucion cloud de navegacion segura
Presentacion de solucion cloud de navegacion seguraPresentacion de solucion cloud de navegacion segura
Presentacion de solucion cloud de navegacion seguraRogerChaucaZea
 
Cloud Security:Threats & Mitgations
Cloud Security:Threats & MitgationsCloud Security:Threats & Mitgations
Cloud Security:Threats & MitgationsIndicThreads
 
AWS Security Architecture - Overview
AWS Security Architecture - OverviewAWS Security Architecture - Overview
AWS Security Architecture - OverviewSai Kesavamatham
 
Securing Your Cloud Applications
Securing Your Cloud ApplicationsSecuring Your Cloud Applications
Securing Your Cloud ApplicationsIBM Security
 
Cloud security introduction
Cloud security introductionCloud security introduction
Cloud security introductionCalvin Lee
 
Customer Case Study: Achieving PCI Compliance in AWS
Customer Case Study: Achieving PCI Compliance in AWSCustomer Case Study: Achieving PCI Compliance in AWS
Customer Case Study: Achieving PCI Compliance in AWSAmazon Web Services
 
Multi cloud governance best practices - AWS, Azure, GCP
Multi cloud governance best practices - AWS, Azure, GCPMulti cloud governance best practices - AWS, Azure, GCP
Multi cloud governance best practices - AWS, Azure, GCPFaiza Mehar
 
엔터프라이즈를 위한 하이브리드 클라우드 및 보안 관리
엔터프라이즈를 위한 하이브리드 클라우드 및 보안 관리엔터프라이즈를 위한 하이브리드 클라우드 및 보안 관리
엔터프라이즈를 위한 하이브리드 클라우드 및 보안 관리Amazon Web Services Korea
 
Palo Alto Networks: Protection for Security & Compliance
Palo Alto Networks: Protection for Security & CompliancePalo Alto Networks: Protection for Security & Compliance
Palo Alto Networks: Protection for Security & ComplianceAmazon Web Services
 
VMworld 2013: Introduction to the vCloud Suite and the Software-Defined Data ...
VMworld 2013: Introduction to the vCloud Suite and the Software-Defined Data ...VMworld 2013: Introduction to the vCloud Suite and the Software-Defined Data ...
VMworld 2013: Introduction to the vCloud Suite and the Software-Defined Data ...VMworld
 
Mission (Not) Impossible: NIST 800-53 High Impact Controls on AWS | AWS Publi...
Mission (Not) Impossible: NIST 800-53 High Impact Controls on AWS | AWS Publi...Mission (Not) Impossible: NIST 800-53 High Impact Controls on AWS | AWS Publi...
Mission (Not) Impossible: NIST 800-53 High Impact Controls on AWS | AWS Publi...Amazon Web Services
 
talk6securingcloudamarprusty-191030091632.pptx
talk6securingcloudamarprusty-191030091632.pptxtalk6securingcloudamarprusty-191030091632.pptx
talk6securingcloudamarprusty-191030091632.pptxTrongMinhHoang1
 
Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...
Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...
Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...Amazon Web Services
 
Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Supe...
Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Supe...Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Supe...
Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Supe...Amazon Web Services
 
AWS Summit Auckland Platinum Sponsor presentation - Trend Micro
AWS Summit Auckland Platinum Sponsor presentation - Trend MicroAWS Summit Auckland Platinum Sponsor presentation - Trend Micro
AWS Summit Auckland Platinum Sponsor presentation - Trend MicroAmazon Web Services
 
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...Xylos Clients Day - Public cloud and security go hand in hand, if you approac...
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...Karim Vaes
 

Similaire à Unified Protection for Multi-Cloud Infrastructure (20)

McAfee Skyhigh: Elevating Your AWS Security Posture (SEC307-S) - AWS re:Inven...
McAfee Skyhigh: Elevating Your AWS Security Posture (SEC307-S) - AWS re:Inven...McAfee Skyhigh: Elevating Your AWS Security Posture (SEC307-S) - AWS re:Inven...
McAfee Skyhigh: Elevating Your AWS Security Posture (SEC307-S) - AWS re:Inven...
 
Driven by security: Legendary Entertainment’s high-velocity cloud transformat...
Driven by security: Legendary Entertainment’s high-velocity cloud transformat...Driven by security: Legendary Entertainment’s high-velocity cloud transformat...
Driven by security: Legendary Entertainment’s high-velocity cloud transformat...
 
3 Secrets to Becoming a Cloud Security Superhero
3 Secrets to Becoming a Cloud Security Superhero 3 Secrets to Becoming a Cloud Security Superhero
3 Secrets to Becoming a Cloud Security Superhero
 
Presentacion de solucion cloud de navegacion segura
Presentacion de solucion cloud de navegacion seguraPresentacion de solucion cloud de navegacion segura
Presentacion de solucion cloud de navegacion segura
 
Cloud Security:Threats & Mitgations
Cloud Security:Threats & MitgationsCloud Security:Threats & Mitgations
Cloud Security:Threats & Mitgations
 
AWS Security Architecture - Overview
AWS Security Architecture - OverviewAWS Security Architecture - Overview
AWS Security Architecture - Overview
 
Securing Your Cloud Applications
Securing Your Cloud ApplicationsSecuring Your Cloud Applications
Securing Your Cloud Applications
 
Cloud security introduction
Cloud security introductionCloud security introduction
Cloud security introduction
 
Customer Case Study: Achieving PCI Compliance in AWS
Customer Case Study: Achieving PCI Compliance in AWSCustomer Case Study: Achieving PCI Compliance in AWS
Customer Case Study: Achieving PCI Compliance in AWS
 
Multi cloud governance best practices - AWS, Azure, GCP
Multi cloud governance best practices - AWS, Azure, GCPMulti cloud governance best practices - AWS, Azure, GCP
Multi cloud governance best practices - AWS, Azure, GCP
 
엔터프라이즈를 위한 하이브리드 클라우드 및 보안 관리
엔터프라이즈를 위한 하이브리드 클라우드 및 보안 관리엔터프라이즈를 위한 하이브리드 클라우드 및 보안 관리
엔터프라이즈를 위한 하이브리드 클라우드 및 보안 관리
 
Cloud Breach - Forensics Audit Planning
Cloud Breach - Forensics Audit PlanningCloud Breach - Forensics Audit Planning
Cloud Breach - Forensics Audit Planning
 
Palo Alto Networks: Protection for Security & Compliance
Palo Alto Networks: Protection for Security & CompliancePalo Alto Networks: Protection for Security & Compliance
Palo Alto Networks: Protection for Security & Compliance
 
VMworld 2013: Introduction to the vCloud Suite and the Software-Defined Data ...
VMworld 2013: Introduction to the vCloud Suite and the Software-Defined Data ...VMworld 2013: Introduction to the vCloud Suite and the Software-Defined Data ...
VMworld 2013: Introduction to the vCloud Suite and the Software-Defined Data ...
 
Mission (Not) Impossible: NIST 800-53 High Impact Controls on AWS | AWS Publi...
Mission (Not) Impossible: NIST 800-53 High Impact Controls on AWS | AWS Publi...Mission (Not) Impossible: NIST 800-53 High Impact Controls on AWS | AWS Publi...
Mission (Not) Impossible: NIST 800-53 High Impact Controls on AWS | AWS Publi...
 
talk6securingcloudamarprusty-191030091632.pptx
talk6securingcloudamarprusty-191030091632.pptxtalk6securingcloudamarprusty-191030091632.pptx
talk6securingcloudamarprusty-191030091632.pptx
 
Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...
Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...
Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...
 
Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Supe...
Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Supe...Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Supe...
Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Supe...
 
AWS Summit Auckland Platinum Sponsor presentation - Trend Micro
AWS Summit Auckland Platinum Sponsor presentation - Trend MicroAWS Summit Auckland Platinum Sponsor presentation - Trend Micro
AWS Summit Auckland Platinum Sponsor presentation - Trend Micro
 
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...Xylos Clients Day - Public cloud and security go hand in hand, if you approac...
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...
 

Plus de MarketingArrowECS_CZ

INFINIDAT InfiniGuard - 20220330.pdf
INFINIDAT InfiniGuard - 20220330.pdfINFINIDAT InfiniGuard - 20220330.pdf
INFINIDAT InfiniGuard - 20220330.pdfMarketingArrowECS_CZ
 
Využijte svou Oracle databázi na maximum!
Využijte svou Oracle databázi na maximum!Využijte svou Oracle databázi na maximum!
Využijte svou Oracle databázi na maximum!MarketingArrowECS_CZ
 
Jak konsolidovat Vaše databáze s využitím Cloud služeb?
Jak konsolidovat Vaše databáze s využitím Cloud služeb?Jak konsolidovat Vaše databáze s využitím Cloud služeb?
Jak konsolidovat Vaše databáze s využitím Cloud služeb?MarketingArrowECS_CZ
 
Oracle databáze – Konsolidovaná Data Management Platforma
Oracle databáze – Konsolidovaná Data Management PlatformaOracle databáze – Konsolidovaná Data Management Platforma
Oracle databáze – Konsolidovaná Data Management PlatformaMarketingArrowECS_CZ
 
Nové vlastnosti Oracle Database Appliance
Nové vlastnosti Oracle Database ApplianceNové vlastnosti Oracle Database Appliance
Nové vlastnosti Oracle Database ApplianceMarketingArrowECS_CZ
 
Novinky ve světě Oracle DB a koncept konvergované databáze
Novinky ve světě Oracle DB a koncept konvergované databázeNovinky ve světě Oracle DB a koncept konvergované databáze
Novinky ve světě Oracle DB a koncept konvergované databázeMarketingArrowECS_CZ
 
Základy licencování Oracle software
Základy licencování Oracle softwareZáklady licencování Oracle software
Základy licencování Oracle softwareMarketingArrowECS_CZ
 
Garance 100% dostupnosti dat! Kdo z vás to má?
Garance 100% dostupnosti dat! Kdo z vás to má?Garance 100% dostupnosti dat! Kdo z vás to má?
Garance 100% dostupnosti dat! Kdo z vás to má?MarketingArrowECS_CZ
 
Využijte svou Oracle databázi naplno
Využijte svou Oracle databázi naplnoVyužijte svou Oracle databázi naplno
Využijte svou Oracle databázi naplnoMarketingArrowECS_CZ
 
Oracle Data Protection - 2. část
Oracle Data Protection - 2. částOracle Data Protection - 2. část
Oracle Data Protection - 2. částMarketingArrowECS_CZ
 
Oracle Data Protection - 1. část
Oracle Data Protection - 1. částOracle Data Protection - 1. část
Oracle Data Protection - 1. částMarketingArrowECS_CZ
 
Benefity Oracle Cloudu (4/4): Storage
Benefity Oracle Cloudu (4/4): StorageBenefity Oracle Cloudu (4/4): Storage
Benefity Oracle Cloudu (4/4): StorageMarketingArrowECS_CZ
 
Benefity Oracle Cloudu (3/4): Compute
Benefity Oracle Cloudu (3/4): ComputeBenefity Oracle Cloudu (3/4): Compute
Benefity Oracle Cloudu (3/4): ComputeMarketingArrowECS_CZ
 
Exadata z pohledu zákazníka a novinky generace X8M - 2. část
Exadata z pohledu zákazníka a novinky generace X8M - 2. částExadata z pohledu zákazníka a novinky generace X8M - 2. část
Exadata z pohledu zákazníka a novinky generace X8M - 2. částMarketingArrowECS_CZ
 
Exadata z pohledu zákazníka a novinky generace X8M - 1. část
Exadata z pohledu zákazníka a novinky generace X8M - 1. částExadata z pohledu zákazníka a novinky generace X8M - 1. část
Exadata z pohledu zákazníka a novinky generace X8M - 1. částMarketingArrowECS_CZ
 
Úvod do Oracle Cloud infrastruktury
Úvod do Oracle Cloud infrastrukturyÚvod do Oracle Cloud infrastruktury
Úvod do Oracle Cloud infrastrukturyMarketingArrowECS_CZ
 

Plus de MarketingArrowECS_CZ (20)

INFINIDAT InfiniGuard - 20220330.pdf
INFINIDAT InfiniGuard - 20220330.pdfINFINIDAT InfiniGuard - 20220330.pdf
INFINIDAT InfiniGuard - 20220330.pdf
 
Využijte svou Oracle databázi na maximum!
Využijte svou Oracle databázi na maximum!Využijte svou Oracle databázi na maximum!
Využijte svou Oracle databázi na maximum!
 
Jak konsolidovat Vaše databáze s využitím Cloud služeb?
Jak konsolidovat Vaše databáze s využitím Cloud služeb?Jak konsolidovat Vaše databáze s využitím Cloud služeb?
Jak konsolidovat Vaše databáze s využitím Cloud služeb?
 
Chráníte správně svoje data?
Chráníte správně svoje data?Chráníte správně svoje data?
Chráníte správně svoje data?
 
Oracle databáze – Konsolidovaná Data Management Platforma
Oracle databáze – Konsolidovaná Data Management PlatformaOracle databáze – Konsolidovaná Data Management Platforma
Oracle databáze – Konsolidovaná Data Management Platforma
 
Nové vlastnosti Oracle Database Appliance
Nové vlastnosti Oracle Database ApplianceNové vlastnosti Oracle Database Appliance
Nové vlastnosti Oracle Database Appliance
 
Infinidat InfiniGuard
Infinidat InfiniGuardInfinidat InfiniGuard
Infinidat InfiniGuard
 
Infinidat InfiniBox
Infinidat InfiniBoxInfinidat InfiniBox
Infinidat InfiniBox
 
Novinky ve světě Oracle DB a koncept konvergované databáze
Novinky ve světě Oracle DB a koncept konvergované databázeNovinky ve světě Oracle DB a koncept konvergované databáze
Novinky ve světě Oracle DB a koncept konvergované databáze
 
Základy licencování Oracle software
Základy licencování Oracle softwareZáklady licencování Oracle software
Základy licencování Oracle software
 
Garance 100% dostupnosti dat! Kdo z vás to má?
Garance 100% dostupnosti dat! Kdo z vás to má?Garance 100% dostupnosti dat! Kdo z vás to má?
Garance 100% dostupnosti dat! Kdo z vás to má?
 
Využijte svou Oracle databázi naplno
Využijte svou Oracle databázi naplnoVyužijte svou Oracle databázi naplno
Využijte svou Oracle databázi naplno
 
Oracle Data Protection - 2. část
Oracle Data Protection - 2. částOracle Data Protection - 2. část
Oracle Data Protection - 2. část
 
Oracle Data Protection - 1. část
Oracle Data Protection - 1. částOracle Data Protection - 1. část
Oracle Data Protection - 1. část
 
Benefity Oracle Cloudu (4/4): Storage
Benefity Oracle Cloudu (4/4): StorageBenefity Oracle Cloudu (4/4): Storage
Benefity Oracle Cloudu (4/4): Storage
 
Benefity Oracle Cloudu (3/4): Compute
Benefity Oracle Cloudu (3/4): ComputeBenefity Oracle Cloudu (3/4): Compute
Benefity Oracle Cloudu (3/4): Compute
 
InfiniBox z pohledu zákazníka
InfiniBox z pohledu zákazníkaInfiniBox z pohledu zákazníka
InfiniBox z pohledu zákazníka
 
Exadata z pohledu zákazníka a novinky generace X8M - 2. část
Exadata z pohledu zákazníka a novinky generace X8M - 2. částExadata z pohledu zákazníka a novinky generace X8M - 2. část
Exadata z pohledu zákazníka a novinky generace X8M - 2. část
 
Exadata z pohledu zákazníka a novinky generace X8M - 1. část
Exadata z pohledu zákazníka a novinky generace X8M - 1. částExadata z pohledu zákazníka a novinky generace X8M - 1. část
Exadata z pohledu zákazníka a novinky generace X8M - 1. část
 
Úvod do Oracle Cloud infrastruktury
Úvod do Oracle Cloud infrastrukturyÚvod do Oracle Cloud infrastruktury
Úvod do Oracle Cloud infrastruktury
 

Dernier

[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 

Dernier (20)

[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 

Unified Protection for Multi-Cloud Infrastructure

  • 1. Unified Protection for Multi-Cloud Infrastructure Tamas Barna CISSP, CISM, CCSP, Security+ Enterprise Technology Specialist, EMEA Cloud Infrastructure Security
  • 2. 2 Today’s Enterprise Landscape Transformations Applications and Infrastructures Cloud IaaS/PaaS Offices | Remote Sites Private Cloud On-Prem / Hosted SaaS Providers Business Acceleration
  • 3. 3 Hybrid Cloud: Data Centers and Service Transformation Physical Server Public Cloud Container and PaaS Monolithic Fixed Virtual Server Private Cloud Serverless Loosely Coupled
  • 4. 4 Hybrid Cloud: Resulting Challenges Physical Server Public Cloud Container and PaaS Monolithic Fixed Virtual Server Private Cloud Serverless Complexity, Speed & Shared Responsibilities Loosely CoupledComplete Visibility, Protection & Provisioning Shadow IT, Efficient Management & Compliance
  • 5. 5 Understanding Shared Responsibility Application Platform, Identity and Access Management Customer Data Provider Global Infrastructure (Regions, Availability Zones, Edge Locations) Storage Operating System, Network and Firewall Configuration Client side Data Encryption, Data Integrity Authentication Server-side Encryption (File System and/or data) Network Traffic Protection (Encryption/Integrity/Identity) Compute NetworkingDatabase Customer (Responsible for security ‘in’ the cloud) IaaS Provider (Responsible for security ‘of’ the cloud) PaaS Provider SaaS Provider
  • 6. 6 IaaS Fastest Growing Segment of Cloud Source: Gartner Forecasts Worldwide Public Cloud Revenue press release April 12, 2019 IaaS 35.9% CAGR SaaS 22.2% CAGR
  • 7. 7 IaaS—Securing Infrastructure and Apps Infrastructure 1 Detect and correct security misconfigurations 2 Detect and Secure Workloads and Containers Workloads and Containers 3 Protect the data in the apps Apps IaaS
  • 8. 8 Data Exfiltration Vectors—IaaS Infrastructure and Apps Compromised AccountsMisconfiguration Rogue User Confidential Data Leaks Rogue IaaS Accounts IaaS
  • 9. 9 Data Exfiltration Vectors—IaaS Infrastructure and Apps Compromised AccountsMisconfiguration Rogue User Confidential Data Leaks Rogue IaaS Accounts
  • 10. 10 Data Exfiltration Vectors—IaaS Infrastructure and Apps Compromised AccountsMisconfiguration Rogue User Confidential Data Leaks Rogue IaaS Accounts Security Configuration Control
  • 11. 11 1. Security Configuration Audit Prevent regulated/high-value data being stored in the cloud. ▪ Continuously monitor IaaS security settings for misconfiguration.
  • 12. 12 1. Security Configuration Audit Prevent regulated/high-value data being stored in the cloud. ▪ As IaaS admins correct misconfigured settings, McAfee automatically resolves the incident.
  • 13. 13 Data Exfiltration Vectors—IaaS Infrastructure and Apps Compromised AccountsMisconfiguration Rogue User Confidential Data Leaks Rogue IaaS Accounts Shadow IaaS Control
  • 14. 14 2. Managing Rogue IaaS Instances Discover shadow AWS usage and reclaim control of risky IaaS usage. ▪ Identify risky or unsanctioned IaaS platforms in use.
  • 15. 15 2. Managing Rogue IaaS Instances Discover shadow AWS usage and reclaim control of risky IaaS usage. ▪ Enforce governance policies and coach users to approved IaaS platform.
  • 16. 16 Data Exfiltration Vectors—IaaS Infrastructure and Apps Compromised AccountsMisconfiguration Rogue User Confidential Data Leaks Rogue IaaS Accounts Visibility of Confidential Data Inside PaaS Storage
  • 17. 17 3. Visibility of Confidential Data Gain visibility of regulated/high-value data stored in AWS S3 and Azure Storage. ▪ Perform on-demand scans to identify sensitive or protected data stored in IaaS storage services.
  • 18. 18 Data Exfiltration Vectors—IaaS Infrastructure and Apps Compromised AccountsMisconfiguration Rogue User Confidential Data Leaks Rogue IaaS Accounts User Behavior Analytics Forensics
  • 19. 19 4. Advanced Threat Protection Detect compromised accounts, insider threats, and malware. ▪ Threat funnel correlates multiple anomalies, minimizing false positives.
  • 20. 20 4. Advanced Threat Protection Detect compromised accounts, insider threats, and malware. ▪ No pre-defined policies or thresholds, automatic models based on activity.
  • 21. 21 5. Activity Monitoring and Forensics Capture and categorize an audit trail of activity for forensic investigations. ▪ Categorizes 100s of activities into 13 categories for easy filtering/navigation.
  • 22. 22 5. Activity Monitoring and Forensics Capture and categorize an audit trail of activity for forensic investigations. ▪ Expand the scope of an investigation and browse a geo-location map.
  • 23. 23 5. Activity Monitoring and Forensics Capture and categorize an audit trail of activity for forensic investigations. ▪ Investigate activities for a specific user centered around an incident.
  • 24. 24 5. Activity Monitoring and Forensics Capture and categorize an audit trail of activity for forensic investigations. ▪ IP reputation to identify access by a malicious IP such as a TOR network.
  • 25. 25 IaaS—Securing Infrastructure Infrastructure 1 Detect and correct security misconfigurations 2 Detect and Secure Workloads and Containers Workloads and Containers 3 Protect the data in the Apps Apps IaaS
  • 26. 26 IaaS Workload and Containers Challenges Malware and Viruses Difficulty Detecting Breaches Lack of Network Traffic Visibility Fragmented Policy Management IaaSLack of Workload and Container Visibility
  • 27. 27 Discover and Manage Multiple Public Cloud Accounts Security Controls Live Status with details Views: ▪ Workload ▪ Events ▪ VPC Issue Details Workload Count Take Action
  • 28. 28 Lack of Workload and Container Visibility IaaS Workload and Containers Challenges Malware and Viruses Difficulty Detecting Breaches Lack of Network Traffic Visibility Fragmented Policy ManagementWorkload/Container Inventory
  • 29. 29 Traffic & Network Visibility Graphical traffic analysis for both E-W & N-S traffic (traffic moving to, from, and between workloads) Correction • Shutdown • Update Firewall rules in AWS/Azure Security Groups Threat Events • Workload threats • Network threats Detection • GTI IP Reputation • Heuristics (Blocked E-W connections, Activity on high-risk ports) • Alerts from vNSP
  • 30. 30 Lack of Workload and Container Visibility IaaS Workload and Containers Challenges Malware and Viruses Difficulty Detecting Breaches Lack of Network Traffic Visibility Fragmented Policy ManagementAgent Installation & Security Configuration Single-Click Quarantine
  • 31. 31 Safeguard Workloads Quarantine Infected Workloads and Containers Identify malicious connections Reduce misconfiguration risk and increase initial remediation efficiency by nearly 90% Isolate workloads or containers
  • 32. 32 Auditing of Security best practices and Compliance checks Security assessment ▪ Industry standard security benchmarks like CIS Regulatory Compliance assessment ▪ Auditing of governance policies like PCI DSS, SOX, GLBA, HIPAA, FISMA.
  • 33. 33 Lack of Workload and Container Visibility IaaS Workload and Containers Challenges Malware and Viruses Difficulty Detecting Breaches Lack of Network Traffic Visibility Fragmented Policy Management Unified Policy Management and Reporting
  • 34. 34 Simplify ▪ Single security policy, single pane of glass console management across data center and public and private clouds with McAfee ePO. ▪ Automated policy management across all on-premise and off-premise infrastructure. ▪ APIs, automation and integration with Cloud tools e.g. Chef, Puppet. ▪ Efficient security management keeps operational expenses under control. ▪ Security smart enough to scale up and scale down with the load. Efficiently manage all security policies across on-premise and public, private and hybrid cloud environments. McAfee ePO Device Security | Data Protection Security Operations Center Network & Web Security | Cloud Workloads Security Native Security McAFEE
  • 35. 35 Secure Containers with CWS There are three ways to apply security for containers as of today in the market space: - Agent based (inside the container itself) - Ephemeral Proxy - Additional container as FW
  • 36. 36 Securing Containers using agentless approach • Repository Image vulnerability & antimalware scanning • Discovery Pods and Services within Kubernetes environment • Container Runtime Security • Continuous monitoring • Vulnerability Assessment • Access Protection • Application Control • Log management • CIS Benchmark Scanning – misconfiguration • Network Security – Container Firewall with Micro segmentation support • Compliance - AV as service, Access Protection, File Integrity Monitoring, Vulnerability Assessment • Host security (if supported OS is used) • Management– Monitoring, threat anomaly detection, Policy enforcement, Dashboards Kubernetes Node Dock er kubel et kube- proxy fluent d CNI Networ k Plugin Pod Pod API Scheduler Controller etcd A P I McAfee Security Pod Persisten t Storage (Policy & Events) Rule Enforcer (Network Policy) K8s API client API Server CWS - ePO Kubernetes Master DevOps
  • 37. & McAfee. The device-to-cloud cybersecurity company.
  • 38. 38 3 Phases In a Common Cloud Breach 1. Land ▪ Gain first foothold into a 3rd parties VPC, and IaaS/PaaS real estate 2. Expand ▪ Find ways to move beyond the node on which the hacker landed in order to extract maximum value out of the breach 3. Exfiltrate ▪ Find ways to exfiltrate GBs of data while staying under the radar
  • 39. 39 Layered Container Security Validate Container Orchestration System Config (CSPM) Vulnerability Assessment for container components (Vulnerability Mgmt) App Level Visibility and Control (Zero Trust Security Model) Detect and remove known vulnerabilities Block Land Prevent Bad East West Traffic Block Exfiltrate Audit and monitor changes to infrastructure Block Expand
  • 40. 40 Layered Container Security Deep Visibility and Context • Rapid inventory of current applications, components and processes • Visual mapping of all traffic between applications and dependencies • Blast maps and capabilities to playback traffic for forensics Threat Detection • Modeling behavior of any app to detect Anomalies • Identification of backdoors in components • Identifying unknown processes with elevated privileges Seamless protection • Seamlessly operates across all platforms, with controls at app level • One click Security Policy generation – protect once, run anywhere • Light-weight operation and services ------------------------------------------------------------------------------------------------------------------------------------- --------------------------------------------------------------------------------------------------------------------------------------
  • 41. 41 MVISION ePO Data / Web Protection “Nirvana for Cloud” McAfee Web Gateway / WGCS MVISION Cloud Cloud Workload Security (ePO) A solution built with CASB, DLP and Web components DLP CASB SWG A solution combining CWPP, CSPM and Micro- Segmentation 0-Trust CASB - IaaS CWS / Container
  • 42. McAfee, the McAfee logo are trademarks or registered trademarks of McAfee LLC or its subsidiaries in the U.S. and/or other countries. Other names and brands may be claimed as the property of others. Copyright © 2017 McAfee LLC.