Learn how to improve cloud security posture by using pre-built policies or writing custom policies. Perform real-time continuous monitoring of cloud infrastructure.
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Cloud Security 101 (Webinar Deck)
1. Jack Naglieri | Founder & CEO | jack.naglieri@runpanther.io
Cloud Security 101
2. Cloud Security 101 | Panther
Your Host
● Cloud security expert w/ 8+ years experience leading
detection efforts @ co’s like Yahoo & Airbnb
● Co-creator and core developer of StreamAlert
● Originally from D.C. area, now based (i.e. quarantined!) in
SF
Jack Naglieri
3. Cloud Security 101 | Panther
Agenda
1. Cloud Security - Why Now?
2. Panther Intro
3. Panther Cloud Security Deep Dive
4. Example Use Case
5. Q&A
4. Cloud Security 101 | Panther
In the era of COVID-19… reliance on
cloud computing is stronger than ever.
5. Cloud Security 101 | Panther
Organizations already
struggle to implement
proper cloud security–more
than 33 billion records were
exposed in 2018 and 2019.
6. Cloud Security 101 | Panther
Cloud misconfigurations
cost companies
worldwide nearly $5
trillion in 2018 and 2019.
2018
$1.76 T
2019
$3.18 T
7. Panther is a Cloud-Native SIEM
for Modern Security Teams
9. OVERVIEW
Panther runs fully on top of AWS services like
Lambda, ECS, DynamoDB, S3, Cognito, and more
Cloud Security 101 | Panther
10. CONCEPTS
A cloud component
RESOURCE
A Python function representing
the desired secure state of a
resource
POLICY
Notification of a policy failure
ALERT
Panther 101
19. Why?
● Credentials can be leaked
● Sensitive data can be exposed
Writing Custom Policies
Cloud Security 101 | Panther
SCENARIO: Detecting Public AMIs (Amazon Machine Image)
27. 1. Panther can help harden our cloud environments
2. Python Policies ensure Resources are secure
3. Panther includes 100+ built-in Policies
4. Automatic Remediation can fix insecure Resources
5. Get started today! https://docs.runpanther.io/quick-start
30. Subscription Tiers
Enterprise
Real-Time Log Analysis
Cloud Security and Remediation
Real-Time Alerting
Historical Search of Log Data
Powerful User Interface
200+ pre-built Rules and Policies
—Free—
+Basic Features
Self-hosted or SaaS
24 x 7 Support & Live Chat
150+ Premium Analysis Packs
Role-Based Access Control
SaaS Logs
—Contact Us—
Max scale and performance
Community
github.com/panther-labs/panther
Panther 101
33. RESOURCES
CloudTrail Config DynamoDB EC2VPC
ELB
GuardDuty IAM KMS RDS
S3
WAF
Redshift
SQS SNS
Write policies for any of the following resource types
Panther 101