SlideShare une entreprise Scribd logo

Proteja sus datos en cualquier servicio Cloud y Web de forma unificada

Télécharger en tant que PPTX, PDF
Cristian Garcia G.
Cristian Garcia G.

The document discusses the need for cloud security solutions as cloud usage increases. It summarizes that the way people work has changed with access from any device at any time. More sensitive data is now stored in the cloud exposing it to new risks. It then provides an overview of the Netskope cloud security platform, highlighting its capabilities including visibility, data security, compliance, threat protection and ability to govern sanctioned and unsanctioned cloud applications and web usage from a single interface. Sample customers and use cases that Netskope addresses are also summarized.

Technologie
1  sur  36
Adopta el Cloud: SaaS o IaaS y WEB, con Seguridad de 360 grados! Alain Karioty, Director Regional LATAM 2018 © Netskope. All rights reserved.
The Way People Work Has Changed… Any place, any device, any time Instantaneous sharing and collaborating More sensitive data now in the cloud
Yesterday 3 Today 2018 © Netskope. All rights reserved.
42018 © Netskope. All rights reserved. There are 25,000+ enterprise cloud services today
1,200+ Cloud Services Per Enterprise – How Do They Get In? 52018 © Netskope. All rights reserved. 2% 78% 20%
© 2016 Netskope. All Rights Reserved. How Much of Your Business Data is in the Cloud? 6 33%
Web Transactions are More Complex 72018 © Netskope confidential. All rights reserved. Information Consumption Information Creation COMPLEXITY OF ACTIVITIES WEB “STATIC” CLOUD “API- DRIVEN” SOCIAL MEDIA BLOGS/ FORUMS SAAS IAAS WEB = Value of data
A Website Today is a Mixture of Different Destinations • Analysis was coarse-grained and did not distinguish destination URLs from 3rd and 4th party services • In this example, a visit to CNN.com looks like 46 different destinations 82018 © Netskope confidential. All rights reserved. DESTINATIONS VISITED 4611229
Data New Risks that Legacy Security Tools are Blind to 9 Disrupt Destroy Extort Exposure Access Theft INTERNAL RISK EXTERNAL RISK Sensitive data shared publicly Download to personal device Exfiltration via unsanctioned cloud Malware synced from the cloud to your premises Hybrid threats that use cloud and web Ransomware delivered from the cloud 2018 © Netskope. All rights reserved.
CASB – Cloud Access Security Broker 102018 © Netskope. All rights reserved. “CASB is a required security platform for organizations using cloud services.” VISIBILITY DATA SECURITY COMPLIANCE THREAT PROTECTION The Four Pillars of CASB Source: Gartner
CASB Capabilities 11 SaaS IaaS Web Analytics Policy Data Protection Threat Protection Any User Any Device Any Location Cloud-native, single interface for visibility and control of SaaS, IaaS, and Web 2018 © Netskope. All rights reserved.
2016 © Netskope. All rights reserved. Lack of visibility into cloud activity Why Threat Protection for the Cloud? 12 Increasing cloud usage Cloud apps are attractive to attackers For companies that inspect cloud services for malware, 57% find malware (Ponemon Institute) Threat protection one of four pillars of CASB functionality (Gartner Market Guide for CASBs)  >50% of cloud usage from outside corporate network  >50% of cloud access from sync clients and apps, not browsers  85% of companies allow cloud access from unmanaged devices  51% of employees using cloud services for work  33% of business data in the cloud  +1200 apps on average, with 98% unknown to IT  New cloud threats discovered by Netskope researchers  Cloud accelerates spread of malware and amplifies effects  Increased click-through on links to familiar cloud apps
2016 © Netskope. All rights reserved. Virlock Ransomware • Exhibits cloud malware fan-out • First polymorphic ransomware • Encrypts files and also infects same files • Cloud sharing and collaboration turn it into a ransomware worm 13
2016 © Netskope. All rights reserved. Social Engineering + Cloud Sharing = “Click” 14
Safely enable unsanctioned SaaS, IaaS, and web Create category-level and context-based policies Block risky activities Skipping this step may lead to user revolt and a decrease in productivity Safely enable sanctioned SaaS and IaaS Adaptive access control Granular policies/workflows Data loss prevention Threat protection Encryption The Cloud Security Journey in Phases 15 Unsanctioned and optionally blocked Block risky services Coach users Discover / assess SaaS, IaaS, and web risks Sanctioned 2018 © Netskope. All rights reserved.
10 Highest-Impact CASB Use Cases 2018 © Netskope. All rights reserved. Netskope confidential.
Use Case #1 Get a consolidated view of your cloud usage and risk exposure
Use Case #2 Use a layered approach to data protection in the cloud
Use Case #3 Get visibility and control of unmanaged devices
Use Case #4 Remove public shares of sensitive data
Use Case #5 Prevent data exfiltration from sanctioned to unsanctioned cloud services
Use Case #6 Safely enable cloud services instead of blocking them outright
Use Case #7 Coach users away from risky cloud services
Use Case #8 Ensure GDPR compliance in the cloud
Use Case #9 Protect sensitive data in Amazon S3 buckets Confidential PCI-DSS PHI PII
Use Case #10 Protect against cloud-based malware and ransomware • Quarantine malware in sanctioned cloud services • Stop malware to and from all cloud services • Remediate post- ransomware infections • Detect anomalous behavior • Malicious insider activities to potential account hijacking
Netskope – Overview
28© 2017 Netskope. All Rights Reserved. ‣ Customers include some of the largest organizations across industries: retail • financial services • healthcare • oil and gas • manufacturing • media • automotive credit card processing • high tech • insurance • hospitality • consulting The largest Box, Google, O365, Slack users worldwide ‣ Discover apps and assess risk ‣ Safely enable sanctioned apps ‣ Govern all (i.e. unsanctioned) apps and data ‣ ~480 employees globally, including Americas, throughout Europe, and Asia-Pacific ‣ Early architects/executives from Palo Alto Networks, NetScreen, Cisco, McAfee, VMware ‣ 50+ patent claims granted, 100+ patents pending Customers TeamWhat We Do ‣ Financially independent – backers include the top venture firms in the world Investors
Sample Customers – Largest Enterprises in the World HIGH TECH FINANCIAL HEALTHCARE/LIFE SCIENCES OIL & GAS RETAIL/HOSPITALITY MANUFACTURING UTILITY OTHERGOVERNMENT 2017 © Netskope. All rights reserved. Netskope confidential. 29
Netskope Cloud Security Platform 302018 © Netskope confidential. All rights reserved. Started with controls for cloud services like Box, Office 365, and thousands of unsanctioned services Extended to social media and IaaS/PaaS Customers demanded granular control Added controls for web: • Natural extension of platform • Web is now written using APIs • Need for unified proxy, unified policies Internet traffic organizations care about
DETECTION ENGINES 1010 11010 11010 1101 110 Advanced, Comprehensive Threat Protection 31 REAL-TIME PROTECTION • Pre-filter • Anti virus • Global threat intelligence • Malicious site detection • Threat intelligence derived from deep protection scans DEEP PROTECTION • Cloud sandbox • Heuristic analysis • Ransomware detection • Anomaly detection QUARANTINE NETSKOPE THREAT RESEARCH LABS Award-winning and industry-recognized threat research team • Proactive threat research • Custom engines • Threat intelligence generation • Globally distributed honeypots SaaS API IaaS Web SaaS Inline
2017 CASB Analyst Reports 322018 © Netskope. All rights reserved. This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Netskope. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publicationsconsist of the opinionsof Gartner's research organization and should not be construed as statements of fact. Gartner disclaimsall warranties, expressed or implied, with respect to this research, includingany warranties of merchantability or fitness for a particularpurpose. * Gartner Magic Quadrant for Cloud Access Security Brokers, Craig Lawson and Steve Riley, November 2017
The Netskope Advantage 33 2017 © Netskope. All rights reserved. Netskope confidential. Only CASB built to safely enable unsanctioned, yet permitted, thousands of cloud services, and Web in an unified security platform Award-winning cloud DLP provides broadest and most accurate coverage on thousands of sanctioned and unsanctioned cloud and web services The most comprehensive cloud-specific threat protection Uniquely architected to cover the widest range of use cases
342018 © Netskope. All rights reserved. Summary Cloud security is top of mind for enterprises Start with use cases that are important to you A CASB like Netskope can help you be secure
Questions latam@netskope.com 2017 © Netskope. All rights reserved.
362018 © Netskope confidential. All rights reserved. Netskope is Smart Cloud Security

Recommandé

Business Continuity and app Security
Business Continuity and app Security Business Continuity and app Security
Business Continuity and app Security
Cristian Garcia G.
 
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformadoDesafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Cristian Garcia G.
 
Seguridad en Capas: Smart & Actionable Data
Seguridad en Capas: Smart & Actionable DataSeguridad en Capas: Smart & Actionable Data
Seguridad en Capas: Smart & Actionable Data
Cristian Garcia G.
 
Introduction to Cloud Security
Introduction to Cloud SecurityIntroduction to Cloud Security
Introduction to Cloud Security
Susanne Tedrick
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec
 
McAfee - MVISION Cloud (MVC) - Cloud Access Security Broker (CASB) - POC Report
McAfee - MVISION Cloud (MVC) - Cloud Access Security Broker (CASB) - POC ReportMcAfee - MVISION Cloud (MVC) - Cloud Access Security Broker (CASB) - POC Report
McAfee - MVISION Cloud (MVC) - Cloud Access Security Broker (CASB) - POC Report
Iftikhar Ali Iqbal
 
Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!
Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!
Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!
Netskope
 
Cloud Security Strategy by McAfee
Cloud Security Strategy by McAfeeCloud Security Strategy by McAfee
Cloud Security Strategy by McAfee
Cristian Garcia G.
 

Recommandé

Business Continuity and app Security
Business Continuity and app Security Business Continuity and app Security
Business Continuity and app Security
Cristian Garcia G.
 
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformadoDesafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Cristian Garcia G.
 
Seguridad en Capas: Smart & Actionable Data
Seguridad en Capas: Smart & Actionable DataSeguridad en Capas: Smart & Actionable Data
Seguridad en Capas: Smart & Actionable Data
Cristian Garcia G.
 
Introduction to Cloud Security
Introduction to Cloud SecurityIntroduction to Cloud Security
Introduction to Cloud Security
Susanne Tedrick
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec
 
McAfee - MVISION Cloud (MVC) - Cloud Access Security Broker (CASB) - POC Report
McAfee - MVISION Cloud (MVC) - Cloud Access Security Broker (CASB) - POC ReportMcAfee - MVISION Cloud (MVC) - Cloud Access Security Broker (CASB) - POC Report
McAfee - MVISION Cloud (MVC) - Cloud Access Security Broker (CASB) - POC Report
Iftikhar Ali Iqbal
 
Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!
Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!
Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!
Netskope
 
Cloud Security Strategy by McAfee
Cloud Security Strategy by McAfeeCloud Security Strategy by McAfee
Cloud Security Strategy by McAfee
Cristian Garcia G.
 
How Zero Trust Makes the Mission Simple & Secure
How Zero Trust Makes the Mission Simple & SecureHow Zero Trust Makes the Mission Simple & Secure
How Zero Trust Makes the Mission Simple & Secure
scoopnewsgroup
 
Inteligentní ochrana osobních údajů v procesu digitální transformace
Inteligentní ochrana osobních údajů v procesu digitální transformaceInteligentní ochrana osobních údajů v procesu digitální transformace
Inteligentní ochrana osobních údajů v procesu digitální transformace
MarketingArrowECS_CZ
 
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec
 
Tenable Solutions for Enterprise Cloud Security
Tenable Solutions for Enterprise Cloud SecurityTenable Solutions for Enterprise Cloud Security
Tenable Solutions for Enterprise Cloud Security
MarketingArrowECS_CZ
 
El Futuro de la Cibersegu
El Futuro de la CiberseguEl Futuro de la Cibersegu
El Futuro de la Cibersegu
Cristian Garcia G.
 
SecurePass at OpenBrighton
SecurePass at OpenBrightonSecurePass at OpenBrighton
SecurePass at OpenBrighton
Giuseppe Paterno'
 
Enterprise secure identity in the cloud with Single Sign On and Strong Authen...
Enterprise secure identity in the cloud with Single Sign On and Strong Authen...Enterprise secure identity in the cloud with Single Sign On and Strong Authen...
Enterprise secure identity in the cloud with Single Sign On and Strong Authen...
GARL
 
Debunked: 5 Myths About Zero Trust Security
Debunked: 5 Myths About Zero Trust SecurityDebunked: 5 Myths About Zero Trust Security
Debunked: 5 Myths About Zero Trust Security
Centrify Corporation
 
Are Your Appliance Security Solutions Ready For 2048-bit SSL Certificates ?
Are Your Appliance Security Solutions Ready For 2048-bit SSL Certificates ?Are Your Appliance Security Solutions Ready For 2048-bit SSL Certificates ?
Are Your Appliance Security Solutions Ready For 2048-bit SSL Certificates ?
michaelbasoah
 
The Future of CASBs - A Cloud Security Force Awakens
The Future of CASBs - A Cloud Security Force AwakensThe Future of CASBs - A Cloud Security Force Awakens
The Future of CASBs - A Cloud Security Force Awakens
Bitglass
 
Ransomware webinar may 2016 final version external
Ransomware webinar may 2016 final version externalRansomware webinar may 2016 final version external
Ransomware webinar may 2016 final version external
Zscaler
 
Zero Trust Run-time Kubernetes Security made easy with AccuKnox
Zero Trust Run-time Kubernetes Security made easy with AccuKnoxZero Trust Run-time Kubernetes Security made easy with AccuKnox
Zero Trust Run-time Kubernetes Security made easy with AccuKnox
AccuKnox
 
Workshop on CASB Part 2
Workshop on CASB Part 2Workshop on CASB Part 2
Workshop on CASB Part 2
Priyanka Aash
 
SEB Forcepoint Corporate Overview
SEB Forcepoint Corporate OverviewSEB Forcepoint Corporate Overview
SEB Forcepoint Corporate Overview
Stephen Bates
 
63 Requirements for CASB
63 Requirements for CASB63 Requirements for CASB
63 Requirements for CASB
Kyle Watson
 
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Scalar Decisions
 
CASB: Securing your cloud applications
CASB: Securing your cloud applicationsCASB: Securing your cloud applications
CASB: Securing your cloud applications
Forcepoint LLC
 
What is Zero Trust
What is Zero TrustWhat is Zero Trust
What is Zero Trust
Okta-Inc
 
Infographic: Security for Mobile Service Providers
Infographic: Security for Mobile Service ProvidersInfographic: Security for Mobile Service Providers
Infographic: Security for Mobile Service Providers
Cisco Security
 
Palo Alto Networks - Magnifier
Palo Alto Networks - MagnifierPalo Alto Networks - Magnifier
Palo Alto Networks - Magnifier
Jisc
 
01-Chapter 01-Introduction to CASB and Netskope.pptx
01-Chapter 01-Introduction to CASB and Netskope.pptx01-Chapter 01-Introduction to CASB and Netskope.pptx
01-Chapter 01-Introduction to CASB and Netskope.pptx
ssuser4c54af
 
5 Highest-Impact CASB Use Cases
5 Highest-Impact CASB Use Cases5 Highest-Impact CASB Use Cases
5 Highest-Impact CASB Use Cases
Netskope
 

Contenu connexe

Tendances

Are Your Appliance Security Solutions Ready For 2048-bit SSL Certificates ?
Are Your Appliance Security Solutions Ready For 2048-bit SSL Certificates ?Are Your Appliance Security Solutions Ready For 2048-bit SSL Certificates ?
Are Your Appliance Security Solutions Ready For 2048-bit SSL Certificates ?
michaelbasoah
 
The Future of CASBs - A Cloud Security Force Awakens
The Future of CASBs - A Cloud Security Force AwakensThe Future of CASBs - A Cloud Security Force Awakens
The Future of CASBs - A Cloud Security Force Awakens
Bitglass
 
Ransomware webinar may 2016 final version external
Ransomware webinar may 2016 final version externalRansomware webinar may 2016 final version external
Ransomware webinar may 2016 final version external
Zscaler
 
63 Requirements for CASB
63 Requirements for CASB63 Requirements for CASB
63 Requirements for CASB
Kyle Watson
 

Tendances (20)

How Zero Trust Makes the Mission Simple & Secure
How Zero Trust Makes the Mission Simple & SecureHow Zero Trust Makes the Mission Simple & Secure
How Zero Trust Makes the Mission Simple & Secure
 
Inteligentní ochrana osobních údajů v procesu digitální transformace
Inteligentní ochrana osobních údajů v procesu digitální transformaceInteligentní ochrana osobních údajů v procesu digitální transformace
Inteligentní ochrana osobních údajů v procesu digitální transformace
 
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
 
Tenable Solutions for Enterprise Cloud Security
Tenable Solutions for Enterprise Cloud SecurityTenable Solutions for Enterprise Cloud Security
Tenable Solutions for Enterprise Cloud Security
 
El Futuro de la Cibersegu
El Futuro de la CiberseguEl Futuro de la Cibersegu
El Futuro de la Cibersegu
 
SecurePass at OpenBrighton
SecurePass at OpenBrightonSecurePass at OpenBrighton
SecurePass at OpenBrighton
 
Enterprise secure identity in the cloud with Single Sign On and Strong Authen...
Enterprise secure identity in the cloud with Single Sign On and Strong Authen...Enterprise secure identity in the cloud with Single Sign On and Strong Authen...
Enterprise secure identity in the cloud with Single Sign On and Strong Authen...
 
Debunked: 5 Myths About Zero Trust Security
Debunked: 5 Myths About Zero Trust SecurityDebunked: 5 Myths About Zero Trust Security
Debunked: 5 Myths About Zero Trust Security
 
Are Your Appliance Security Solutions Ready For 2048-bit SSL Certificates ?
Are Your Appliance Security Solutions Ready For 2048-bit SSL Certificates ?Are Your Appliance Security Solutions Ready For 2048-bit SSL Certificates ?
Are Your Appliance Security Solutions Ready For 2048-bit SSL Certificates ?
 
The Future of CASBs - A Cloud Security Force Awakens
The Future of CASBs - A Cloud Security Force AwakensThe Future of CASBs - A Cloud Security Force Awakens
The Future of CASBs - A Cloud Security Force Awakens
 
Ransomware webinar may 2016 final version external
Ransomware webinar may 2016 final version externalRansomware webinar may 2016 final version external
Ransomware webinar may 2016 final version external
 
Zero Trust Run-time Kubernetes Security made easy with AccuKnox
Zero Trust Run-time Kubernetes Security made easy with AccuKnoxZero Trust Run-time Kubernetes Security made easy with AccuKnox
Zero Trust Run-time Kubernetes Security made easy with AccuKnox
 
Workshop on CASB Part 2
Workshop on CASB Part 2Workshop on CASB Part 2
Workshop on CASB Part 2
 
SEB Forcepoint Corporate Overview
SEB Forcepoint Corporate OverviewSEB Forcepoint Corporate Overview
SEB Forcepoint Corporate Overview
 
63 Requirements for CASB
63 Requirements for CASB63 Requirements for CASB
63 Requirements for CASB
 
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
 
CASB: Securing your cloud applications
CASB: Securing your cloud applicationsCASB: Securing your cloud applications
CASB: Securing your cloud applications
 
What is Zero Trust
What is Zero TrustWhat is Zero Trust
What is Zero Trust
 
Infographic: Security for Mobile Service Providers
Infographic: Security for Mobile Service ProvidersInfographic: Security for Mobile Service Providers
Infographic: Security for Mobile Service Providers
 
Palo Alto Networks - Magnifier
Palo Alto Networks - MagnifierPalo Alto Networks - Magnifier
Palo Alto Networks - Magnifier
 

Similaire à Proteja sus datos en cualquier servicio Cloud y Web de forma unificada

Atelier Technique - Symantec - #ACSS2019
Atelier Technique - Symantec - #ACSS2019Atelier Technique - Symantec - #ACSS2019
Atelier Technique - Symantec - #ACSS2019
African Cyber Security Summit
 

Similaire à Proteja sus datos en cualquier servicio Cloud y Web de forma unificada (20)

01-Chapter 01-Introduction to CASB and Netskope.pptx
01-Chapter 01-Introduction to CASB and Netskope.pptx01-Chapter 01-Introduction to CASB and Netskope.pptx
01-Chapter 01-Introduction to CASB and Netskope.pptx
 
5 Highest-Impact CASB Use Cases
5 Highest-Impact CASB Use Cases5 Highest-Impact CASB Use Cases
5 Highest-Impact CASB Use Cases
 
Security and Accountability in the Cloud (in partnership with SANS)
Security and Accountability in the Cloud (in partnership with SANS)Security and Accountability in the Cloud (in partnership with SANS)
Security and Accountability in the Cloud (in partnership with SANS)
 
FullDay Faeder on Friday
FullDay Faeder on Friday FullDay Faeder on Friday
FullDay Faeder on Friday
 
FullDay on Fridays Feb. 3, 2017
FullDay on Fridays Feb. 3, 2017FullDay on Fridays Feb. 3, 2017
FullDay on Fridays Feb. 3, 2017
 
Improving Cloud Visibility, Accountability & Security
Improving Cloud Visibility, Accountability & SecurityImproving Cloud Visibility, Accountability & Security
Improving Cloud Visibility, Accountability & Security
 
Securing Beyond the Cloud Generation
Securing Beyond the Cloud GenerationSecuring Beyond the Cloud Generation
Securing Beyond the Cloud Generation
 
Strengthen Cloud Security
Strengthen Cloud SecurityStrengthen Cloud Security
Strengthen Cloud Security
 
Cloud Access Security Brokers - What's all the Hype
Cloud Access Security Brokers - What's all the HypeCloud Access Security Brokers - What's all the Hype
Cloud Access Security Brokers - What's all the Hype
 
Cloud Application Security --Symantec
Cloud Application Security --Symantec Cloud Application Security --Symantec
Cloud Application Security --Symantec
 
Atelier Technique - Symantec - #ACSS2019
Atelier Technique - Symantec - #ACSS2019Atelier Technique - Symantec - #ACSS2019
Atelier Technique - Symantec - #ACSS2019
 
The Enablement of an Identity-Centric SOC in the Regulatory Rumba Era
The Enablement of an Identity-Centric SOC in the Regulatory Rumba EraThe Enablement of an Identity-Centric SOC in the Regulatory Rumba Era
The Enablement of an Identity-Centric SOC in the Regulatory Rumba Era
 
Forcepoint Corporate Presentation_Short.pptx
Forcepoint Corporate Presentation_Short.pptxForcepoint Corporate Presentation_Short.pptx
Forcepoint Corporate Presentation_Short.pptx
 
Where in the world is your Corporate data?
Where in the world is your Corporate data?Where in the world is your Corporate data?
Where in the world is your Corporate data?
 
Blocking Viral SaaS Adoption is Blocking Innovation - Novosco & Amplipahe
Blocking Viral SaaS Adoption is Blocking Innovation - Novosco & AmplipaheBlocking Viral SaaS Adoption is Blocking Innovation - Novosco & Amplipahe
Blocking Viral SaaS Adoption is Blocking Innovation - Novosco & Amplipahe
 
Cloudy with a Chance of...Visibility, Accountability & Security
Cloudy with a Chance of...Visibility, Accountability & SecurityCloudy with a Chance of...Visibility, Accountability & Security
Cloudy with a Chance of...Visibility, Accountability & Security
 
Digital Transformation is Cloud-Powered
Digital Transformation is Cloud-PoweredDigital Transformation is Cloud-Powered
Digital Transformation is Cloud-Powered
 
Protecting What Matters Most – Data
Protecting What Matters Most – DataProtecting What Matters Most – Data
Protecting What Matters Most – Data
 
Cloud Seeding
Cloud SeedingCloud Seeding
Cloud Seeding
 
How to Power Innovation with Geo-Distributed Data Management in Hybrid Cloud
How to Power Innovation with Geo-Distributed Data Management in Hybrid CloudHow to Power Innovation with Geo-Distributed Data Management in Hybrid Cloud
How to Power Innovation with Geo-Distributed Data Management in Hybrid Cloud
 

Plus de Cristian Garcia G.

Operación Segura : SOC y alineación del riesgo con el impacto para el negocio.
Operación Segura : SOC y alineación del riesgo con el impacto para el negocio. Operación Segura : SOC y alineación del riesgo con el impacto para el negocio.
Operación Segura : SOC y alineación del riesgo con el impacto para el negocio.
Cristian Garcia G.
 

Plus de Cristian Garcia G. (20)

Making App Security and Delivery Ridiculously Easy
Making App Security and Delivery Ridiculously EasyMaking App Security and Delivery Ridiculously Easy
Making App Security and Delivery Ridiculously Easy
 
Ciberseguridad Alineada al Negocio
Ciberseguridad Alineada al NegocioCiberseguridad Alineada al Negocio
Ciberseguridad Alineada al Negocio
 
Reducción efectiva del riesgo de ciberseguridad
Reducción efectiva del riesgo de ciberseguridadReducción efectiva del riesgo de ciberseguridad
Reducción efectiva del riesgo de ciberseguridad
 
Operación Segura : SOC y alineación del riesgo con el impacto para el negocio.
Operación Segura : SOC y alineación del riesgo con el impacto para el negocio. Operación Segura : SOC y alineación del riesgo con el impacto para el negocio.
Operación Segura : SOC y alineación del riesgo con el impacto para el negocio.
 
Ciberseguridad en el mundo de la IA
Ciberseguridad en el mundo de la IACiberseguridad en el mundo de la IA
Ciberseguridad en el mundo de la IA
 
Symantec Enterprise Cloud
Symantec Enterprise CloudSymantec Enterprise Cloud
Symantec Enterprise Cloud
 
Optimización en la detección de amenazas utilizando analítica (IA/UEBA)
Optimización en la detección de amenazas utilizando analítica (IA/UEBA)Optimización en la detección de amenazas utilizando analítica (IA/UEBA)
Optimización en la detección de amenazas utilizando analítica (IA/UEBA)
 
Protección de los datos en la era Post-Datacenter
Protección de los datos en la era Post-DatacenterProtección de los datos en la era Post-Datacenter
Protección de los datos en la era Post-Datacenter
 
La Ciberseguridad como pilar fundamental del Desarrollo Tecnológico
La Ciberseguridad como pilar fundamental del Desarrollo TecnológicoLa Ciberseguridad como pilar fundamental del Desarrollo Tecnológico
La Ciberseguridad como pilar fundamental del Desarrollo Tecnológico
 
Simplificando la seguridad en entornos de nube híbridos con el Security Fabri...
Simplificando la seguridad en entornos de nube híbridos con el Security Fabri...Simplificando la seguridad en entornos de nube híbridos con el Security Fabri...
Simplificando la seguridad en entornos de nube híbridos con el Security Fabri...
 
Gestión de la Exposición
Gestión de la ExposiciónGestión de la Exposición
Gestión de la Exposición
 
Cómo la gestión de privilegios puede blindar su negocio contra ransomware y o...
Cómo la gestión de privilegios puede blindar su negocio contra ransomware y o...Cómo la gestión de privilegios puede blindar su negocio contra ransomware y o...
Cómo la gestión de privilegios puede blindar su negocio contra ransomware y o...
 
Un enfoque práctico para implementar confianza cero en el trabajo híbrido
Un enfoque práctico para implementar confianza cero en el trabajo híbridoUn enfoque práctico para implementar confianza cero en el trabajo híbrido
Un enfoque práctico para implementar confianza cero en el trabajo híbrido
 
La crisis de identidad que se avecina
La crisis de identidad que se avecinaLa crisis de identidad que se avecina
La crisis de identidad que se avecina
 
Simplifica y Vencerás : La seguridad debe ser simple para garantizar el éxito
Simplifica y Vencerás : La seguridad debe ser simple para garantizar el éxitoSimplifica y Vencerás : La seguridad debe ser simple para garantizar el éxito
Simplifica y Vencerás : La seguridad debe ser simple para garantizar el éxito
 
Porqué enfocarnos en el DEX (Experiencia Digital del Empleado) - Cómo la tecn...
Porqué enfocarnos en el DEX (Experiencia Digital del Empleado) - Cómo la tecn...Porqué enfocarnos en el DEX (Experiencia Digital del Empleado) - Cómo la tecn...
Porqué enfocarnos en el DEX (Experiencia Digital del Empleado) - Cómo la tecn...
 
Stay ahead of the Threats: Automate and Simplify SecOps to revolutionize the SOC
Stay ahead of the Threats: Automate and Simplify SecOps to revolutionize the SOCStay ahead of the Threats: Automate and Simplify SecOps to revolutionize the SOC
Stay ahead of the Threats: Automate and Simplify SecOps to revolutionize the SOC
 
La evolución de IBM Qradar Suite
La evolución de IBM Qradar SuiteLa evolución de IBM Qradar Suite
La evolución de IBM Qradar Suite
 
Ciberseguridad en GTD, SecureSoft en GTD
Ciberseguridad en GTD, SecureSoft en GTD Ciberseguridad en GTD, SecureSoft en GTD
Ciberseguridad en GTD, SecureSoft en GTD
 
Time is Money… and More.- Nuestras Capacidades Regionales de Detección y Resp...
Time is Money… and More.- Nuestras Capacidades Regionales de Detección y Resp...Time is Money… and More.- Nuestras Capacidades Regionales de Detección y Resp...
Time is Money… and More.- Nuestras Capacidades Regionales de Detección y Resp...
 

Dernier

Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Orbitshub
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 

Dernier (20)

ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 

Proteja sus datos en cualquier servicio Cloud y Web de forma unificada

  • 1. Adopta el Cloud: SaaS o IaaS y WEB, con Seguridad de 360 grados! Alain Karioty, Director Regional LATAM 2018 © Netskope. All rights reserved.
  • 2. The Way People Work Has Changed… Any place, any device, any time Instantaneous sharing and collaborating More sensitive data now in the cloud
  • 3. Yesterday 3 Today 2018 © Netskope. All rights reserved.
  • 4. 42018 © Netskope. All rights reserved. There are 25,000+ enterprise cloud services today
  • 5. 1,200+ Cloud Services Per Enterprise – How Do They Get In? 52018 © Netskope. All rights reserved. 2% 78% 20%
  • 6. © 2016 Netskope. All Rights Reserved. How Much of Your Business Data is in the Cloud? 6 33%
  • 7. Web Transactions are More Complex 72018 © Netskope confidential. All rights reserved. Information Consumption Information Creation COMPLEXITY OF ACTIVITIES WEB “STATIC” CLOUD “API- DRIVEN” SOCIAL MEDIA BLOGS/ FORUMS SAAS IAAS WEB = Value of data
  • 8. A Website Today is a Mixture of Different Destinations • Analysis was coarse-grained and did not distinguish destination URLs from 3rd and 4th party services • In this example, a visit to CNN.com looks like 46 different destinations 82018 © Netskope confidential. All rights reserved. DESTINATIONS VISITED 4611229
  • 9. Data New Risks that Legacy Security Tools are Blind to 9 Disrupt Destroy Extort Exposure Access Theft INTERNAL RISK EXTERNAL RISK Sensitive data shared publicly Download to personal device Exfiltration via unsanctioned cloud Malware synced from the cloud to your premises Hybrid threats that use cloud and web Ransomware delivered from the cloud 2018 © Netskope. All rights reserved.
  • 10. CASB – Cloud Access Security Broker 102018 © Netskope. All rights reserved. “CASB is a required security platform for organizations using cloud services.” VISIBILITY DATA SECURITY COMPLIANCE THREAT PROTECTION The Four Pillars of CASB Source: Gartner
  • 11. CASB Capabilities 11 SaaS IaaS Web Analytics Policy Data Protection Threat Protection Any User Any Device Any Location Cloud-native, single interface for visibility and control of SaaS, IaaS, and Web 2018 © Netskope. All rights reserved.
  • 12. 2016 © Netskope. All rights reserved. Lack of visibility into cloud activity Why Threat Protection for the Cloud? 12 Increasing cloud usage Cloud apps are attractive to attackers For companies that inspect cloud services for malware, 57% find malware (Ponemon Institute) Threat protection one of four pillars of CASB functionality (Gartner Market Guide for CASBs)  >50% of cloud usage from outside corporate network  >50% of cloud access from sync clients and apps, not browsers  85% of companies allow cloud access from unmanaged devices  51% of employees using cloud services for work  33% of business data in the cloud  +1200 apps on average, with 98% unknown to IT  New cloud threats discovered by Netskope researchers  Cloud accelerates spread of malware and amplifies effects  Increased click-through on links to familiar cloud apps
  • 13. 2016 © Netskope. All rights reserved. Virlock Ransomware • Exhibits cloud malware fan-out • First polymorphic ransomware • Encrypts files and also infects same files • Cloud sharing and collaboration turn it into a ransomware worm 13
  • 14. 2016 © Netskope. All rights reserved. Social Engineering + Cloud Sharing = “Click” 14
  • 15. Safely enable unsanctioned SaaS, IaaS, and web Create category-level and context-based policies Block risky activities Skipping this step may lead to user revolt and a decrease in productivity Safely enable sanctioned SaaS and IaaS Adaptive access control Granular policies/workflows Data loss prevention Threat protection Encryption The Cloud Security Journey in Phases 15 Unsanctioned and optionally blocked Block risky services Coach users Discover / assess SaaS, IaaS, and web risks Sanctioned 2018 © Netskope. All rights reserved.
  • 16. 10 Highest-Impact CASB Use Cases 2018 © Netskope. All rights reserved. Netskope confidential.
  • 17. Use Case #1 Get a consolidated view of your cloud usage and risk exposure
  • 18. Use Case #2 Use a layered approach to data protection in the cloud
  • 19. Use Case #3 Get visibility and control of unmanaged devices
  • 20. Use Case #4 Remove public shares of sensitive data
  • 21. Use Case #5 Prevent data exfiltration from sanctioned to unsanctioned cloud services
  • 22. Use Case #6 Safely enable cloud services instead of blocking them outright
  • 23. Use Case #7 Coach users away from risky cloud services
  • 24. Use Case #8 Ensure GDPR compliance in the cloud
  • 25. Use Case #9 Protect sensitive data in Amazon S3 buckets Confidential PCI-DSS PHI PII
  • 26. Use Case #10 Protect against cloud-based malware and ransomware • Quarantine malware in sanctioned cloud services • Stop malware to and from all cloud services • Remediate post- ransomware infections • Detect anomalous behavior • Malicious insider activities to potential account hijacking
  • 28. 28© 2017 Netskope. All Rights Reserved. ‣ Customers include some of the largest organizations across industries: retail • financial services • healthcare • oil and gas • manufacturing • media • automotive credit card processing • high tech • insurance • hospitality • consulting The largest Box, Google, O365, Slack users worldwide ‣ Discover apps and assess risk ‣ Safely enable sanctioned apps ‣ Govern all (i.e. unsanctioned) apps and data ‣ ~480 employees globally, including Americas, throughout Europe, and Asia-Pacific ‣ Early architects/executives from Palo Alto Networks, NetScreen, Cisco, McAfee, VMware ‣ 50+ patent claims granted, 100+ patents pending Customers TeamWhat We Do ‣ Financially independent – backers include the top venture firms in the world Investors
  • 29. Sample Customers – Largest Enterprises in the World HIGH TECH FINANCIAL HEALTHCARE/LIFE SCIENCES OIL & GAS RETAIL/HOSPITALITY MANUFACTURING UTILITY OTHERGOVERNMENT 2017 © Netskope. All rights reserved. Netskope confidential. 29
  • 30. Netskope Cloud Security Platform 302018 © Netskope confidential. All rights reserved. Started with controls for cloud services like Box, Office 365, and thousands of unsanctioned services Extended to social media and IaaS/PaaS Customers demanded granular control Added controls for web: • Natural extension of platform • Web is now written using APIs • Need for unified proxy, unified policies Internet traffic organizations care about
  • 31. DETECTION ENGINES 1010 11010 11010 1101 110 Advanced, Comprehensive Threat Protection 31 REAL-TIME PROTECTION • Pre-filter • Anti virus • Global threat intelligence • Malicious site detection • Threat intelligence derived from deep protection scans DEEP PROTECTION • Cloud sandbox • Heuristic analysis • Ransomware detection • Anomaly detection QUARANTINE NETSKOPE THREAT RESEARCH LABS Award-winning and industry-recognized threat research team • Proactive threat research • Custom engines • Threat intelligence generation • Globally distributed honeypots SaaS API IaaS Web SaaS Inline
  • 32. 2017 CASB Analyst Reports 322018 © Netskope. All rights reserved. This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Netskope. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publicationsconsist of the opinionsof Gartner's research organization and should not be construed as statements of fact. Gartner disclaimsall warranties, expressed or implied, with respect to this research, includingany warranties of merchantability or fitness for a particularpurpose. * Gartner Magic Quadrant for Cloud Access Security Brokers, Craig Lawson and Steve Riley, November 2017
  • 33. The Netskope Advantage 33 2017 © Netskope. All rights reserved. Netskope confidential. Only CASB built to safely enable unsanctioned, yet permitted, thousands of cloud services, and Web in an unified security platform Award-winning cloud DLP provides broadest and most accurate coverage on thousands of sanctioned and unsanctioned cloud and web services The most comprehensive cloud-specific threat protection Uniquely architected to cover the widest range of use cases
  • 34. 342018 © Netskope. All rights reserved. Summary Cloud security is top of mind for enterprises Start with use cases that are important to you A CASB like Netskope can help you be secure
  • 36. 362018 © Netskope confidential. All rights reserved. Netskope is Smart Cloud Security

Notes de l'éditeur

  1. The move to the cloud has exposed limitations in existing security controls. In the past, data was controlled mostly by IT and stored inside a protected perimeter.  Remote access to the data was permission-based and almost always through a VPN. Threats were focused on the network and endpoint. With a defined perimeter IT was able to tightly control access. Fast forward to today….the business leads where data is created and stored.  Remote use is expected and happens outside of IT’s controls. The focus is on speed to market, collaboration, sharing and business enablement with security lagging behind. As a result, use cases have evolved beyond what legacy tools understand. Examples include cloud to cloud data movement, direct to cloud access, advanced cloud threats, access from unmanaged devices and more. Enterprises need a cloud native solution that understands this new way people work and how to secure data in a borderless world.
  2. The real question, though, is how much of your data is in these apps? What do you think? [build] Last year we did a study with Ponemon to examine the impact the cloud has on the probability and economic impact of a data breach. One of the question we asked IT and security professionals was how much business data they believe is in the cloud. Their (self-reported) estimate is about 30 percent. [build] Whether it’s 30 percent or more than that, it’s only going up from here.
  3. This transition to the cloud brings with it new challenges and new risks. Users are creating and storing your data in thousands of cloud services potentially exposing your sensitive business data like trade secrets, intellectual property, customer information, PII, PHI, etc. The reality is traditional security tools were not designed to protect the different ways users move and share data in the cloud. So let’s look at some specific cloud security use cases. Users are sharing sensitive data publicly directly from services like OneDrive, Box and personal instances of apps Users are accessing data from remote or risky locations without IT permission Users are exfiltrating data by moving it directly from one cloud service to another….and without the data touching the endpoint Uses are Downloading data to personal or BYOD devices In addition, malicious actors are trying to disrupt business with advanced cloud threats like Malware, encrypting files with ransomware, and hijacking cloud credentials to steal data. The good news is the Netskope platform was designed to address all of these new risks even for the most advanced cloud security use cases.
  4. Netskope is a cloud access security broker positioned as a leader in the Gartner Magic Quadrant. We are the only standalone vendor remaining in the leader’s quadrant and positioned the furthest right for completeness of vision. Netskope has also been named a leader by IDC while receiving numerous awards from other industry analysts. Netskope’s mission is to provide a unified, cloud-native security platform covering all SaaS, IaaS and Web traffic. As I go through this presentation I plan to show you that…. Netskope is most comprehensive CASB solution covering the most cloud services Netskope provides true 360 degree data protection even when users are remote And Netskope addresses both basic and advanced cloud security use cases with no blind spots So let’s get going
  5. So let me transition to talk more specifically about the Netskope solution. Netskope’s cloud security platform is a cloud native solution designed to be a single point of control for all SaaS, IaaS and Web traffic. Netskope is unique in that provides granular policy enforcement, comprehensive data protection, advanced threat protection and risk analytics for thousands of cloud services. Most other CASB solutions are limited to a small subset of cloud services and typically require course grain blocking as part of their solution. At the heart of the Netskope’s enablement platform is a patented CloudXD engine providing unparalleled granular control (extreme definition) of user activity for cloud and web. This granular control allows Netskope customers to securely enable cloud services without being forced into binary allow or block decisions. And finally, with Netskope’s advanced cloud architectures, customers can secure any user regardless of device - managed or unmanaged, and from any location – on-premises or remote. In fact, Netskope protection for remote users applies to thousands of cloud services regardless of their access method (mobile apps, sync clients, browser and desktop apps). This is a key differentiator versus other CASB solutions.
  6. A question we get frequently is how do I start thinking about deploying a CASB like Netskope.  We call this the cloud security journey in phases. Phase 1 is a discovery of cloud services in your environment along with determining risk using the Netskope Cloud Confidence Index. Here we start to correlate risk with usage and build the foundation for understanding the type of cloud policies that will be required in phases 2 and 3. Phase 2 is focused on sanctioned cloud services with a combination of API (data-at-rest) and real-time controls.  Think of apps like OneDrive, Box, AWS and ServiceNow. Phase 3 is when we transition to full governance including business and user-led cloud services.  In this phase we deploy real-time, data-in-motion controls for all cloud services.  This phase is a big differentiator of Netskope allowing you to securely enable cloud services…..rather than blocking. Our customers have deployed these phases in a number of different combinations.  Some have started out with phase 1 or just phase 2…while others have started with all 3.  It is really driven by your use cases and your requirements.  What’s important to know is Netskope can grow as your cloud security needs grow.
  7. • Walk through app analytics and CCI • Walk through Introspection dashboard
  8. • Walk through app analytics and CCI • Walk through Introspection dashboard
  9. The final use case is centered around providing granular visibility and control of users connecting to IT-led cloud services from personal devices. Demo script • Disable Netskope client • Show inline policy to block downloads of PCI from Box when on an unmanaged device • Login to Okta and launch Box (pint out reverse proxy) • Attempt to download Credit Cards.pdf from Box and show block
  10. - The 1st use case is centered around sensitive data loss with a focus on accuracy and precision. Netskope’s award-winning Cloud DLP provides more than 25 out of the box templates to cover compliance regimens ranging from PCI to GDPR. In addition, Netskope’s DLP supports advanced features like fingerprinting and exact match and when you combine those with context you get unparalleled accuracy and pre - Let’s look at a common example (demo fingerprinting of document and showcase similarity matching) Demo Script • Go to Policies > DLP > Profiles and show 25 out-of-the-box compliance templates • Show a form with filled in data how this is an example of content that you may want to protect. You can use an out-of-the-box compliance template like PII, but that can lead to false positives • Show DLP rule config by going to Policies > DLP > Fingerprint Classification > Rules and select the profile with the fingerprinted form data. Talk about how Netskope supports advanced features like fingerprinting with similarity matching. Show a black form that is fingerprinted and then when data gets filled in it will be caught. • To show fingerprinting in action, this is a good segue to the next use case
  11. The 2nd use case is a common one across Netskope’s customer base and is often cause for great concern.  This is the scenario when a user uses their corporate credentials to login to a sanctioned cloud service like Box and download sensitive data.  That alone is probably OK because that is why you sanctioned Box in the first place.  However, what the user does next is scary.  After they download the data from the corporate Box, they turn around and upload that data to their personal cloud app. This is problematic because this present s a big blind spot. A CASB like Netskope has the unique ability to see all cloud transactions in real time and understand activities across both sanctioned and unsanctioned and can both detection data exfiltration taking place alert security folks, or can prevent it altogether since we are a control point between the users and the cloud services they are accessing. Demo Script (bonus is to use form data specific to customer) • Show data exfiltration anomaly with form data going form Box to Dropbox and how Netskope can prevent this without requiring you to block Dropbox • Briefly show allow and block policies we setup in previous use case. Reiterate that this policy sequence allows the form data going to sanctioned Box and another that blocks it going to any unsanctioned cloud storage, webmail, or collaboration app (thousands of apps) • Attempt to upload a filled in form that has to Dropbox and show block
  12. - The next use case is one of the next steps many enterprises want to take after discovering cloud services in use and assessing risk.  This is all about putting granular controls in place to safely enable cloud services instead of being forced to block them.   - This is a big shift in security strategy from the old days of blocking as much as you can on your perimeter security device.  In today’s cloud environment, blocking everything is usually not a good strategy as users and lines of business often rely on cloud services to be more productive and get their job done - In this example, let’s look at a financial firm in NYC where the CISO had a catch-22.  Does he try to block social media so that his firm is not at risk for FINRA compliance issues related to users sharing their opinion via social media about a public company or stock?  Or does he accept the risk and let users use social media because culturally it is the right thing to do, not to mention that folks from marketing and support need it for their job? - This is where a CASB like Netskope enables this CISO to have their cake and eat it too.  They don’t have to block social media apps altogether, but instead can leverage granular policies and advanced CASB features to block risky activities instead. Demo Script • Walk through DLP rule that has keywords “guarantee” and “recommend”, custom keyword dictionaries that include public company names and stock symbols, and boolean operator that brings everything together. Name it FINRA Compliance. • Walk through inline policy that blocks posts to social media with the FINRA Compliance rule from users in Finance • Attempt to post “guarantee AAPl will do well in Q4” into Twitter and show block • Go to Incident Management and show trigger words • Mention how this enabled the company to safely enable social media instead of being forced to block it.
  13. The final use case is centered around providing granular visibility and control of users connecting to IT-led cloud services from personal devices. Demo script • Disable Netskope client • Show inline policy to block downloads of PCI from Box when on an unmanaged device • Login to Okta and launch Box (pint out reverse proxy) • Attempt to download Credit Cards.pdf from Box and show block
  14. - The next use case is one of the next steps many enterprises want to take after discovering cloud services in use and assessing risk.  This is all about putting granular controls in place to safely enable cloud services instead of being forced to block them.   - This is a big shift in security strategy from the old days of blocking as much as you can on your perimeter security device.  In today’s cloud environment, blocking everything is usually not a good strategy as users and lines of business often rely on cloud services to be more productive and get their job done - In this example, let’s look at a financial firm in NYC where the CISO had a catch-22.  Does he try to block social media so that his firm is not at risk for FINRA compliance issues related to users sharing their opinion via social media about a public company or stock?  Or does he accept the risk and let users use social media because culturally it is the right thing to do, not to mention that folks from marketing and support need it for their job? - This is where a CASB like Netskope enables this CISO to have their cake and eat it too.  They don’t have to block social media apps altogether, but instead can leverage granular policies and advanced CASB features to block risky activities instead. Demo Script • Walk through DLP rule that has keywords “guarantee” and “recommend”, custom keyword dictionaries that include public company names and stock symbols, and boolean operator that brings everything together. Name it FINRA Compliance. • Walk through inline policy that blocks posts to social media with the FINRA Compliance rule from users in Finance • Attempt to post “guarantee AAPl will do well in Q4” into Twitter and show block • Go to Incident Management and show trigger words • Mention how this enabled the company to safely enable social media instead of being forced to block it.
  15. • Talk about Monsanto use case • Netskope provides both API and inline support for Amazon AWS and S3 • Show Introspection policy to alert on PCI in S3 buckets • Open credit cards.pdf to show credit card numbers and drag to an S3 bucket • Show saved queries in SkopeIT and also point out EC2 activities covered
  16. - The 5th use case is tied to threat protection.  It turns out that the cloud presents a major threat vector when it comes to hiding and propagating various strains of malware like ransomware.  - One common scenario is when you have a cloud storage environment with a combination of shared folders and sync clients.  That environment is great for users because it gives them anytime, anywhere, access to their data.  It is also a great environment for malware because once malware gets into a sync client or a shared folder it spreads rapidly and can infect unsuspecting users.  We can this the attack of the malware fan out. - A CASB like Netskope has build in cloud-centric malware protection with the ability to leverage the API deployment to scan content repositories of sanctioned cloud services for the presence of malware and quarantine that malware and can leverage an inline deployment to stop malware from making its way to its destination Demo Script • Talk about the strength of our threat protection with malware protection, anomaly detection, and ransomware remediation • Drag a malware file to a Box sync folder and show block (put malware back to Box) • Attempt to email malware file using Outlook and show block • Go to Dashboard > Risk > Threat Protection > Malware, select last 90 days and show Gen.Malware.Detect.By.Sandbox • Show Gen.Ransomware.Variant.ns, click on it, and show how you can restore
  17. We are a global company with more than 480 people. Our technical and leadership team are former distinguished engineers, principal architects, and executives from companies such as Palo Alto Networks, Juniper/NetScreen, Cisco, McAfee/IntruVert, VMware, and more. We have a track record of innovation, amassing more than 40 patent claims across four categories. We have strong technology integrations and partnerships with Microsoft, Box, Google, Dropbox, and more, and supportive channel partners who lead in their respective fields. Our investors are top Silicon Valley venture capitalists who are early investors in some of the most important and transformational IT and cloud companies in the world. In short, we are a well-funded, well-positioned leader in the market.
  18. Netskope has the most advanced threat protection platform of any CASB solution including a first of a kind Cloud Threat Research Lab. Netskope’s comprehensive solution includes real-time protection using AV, malicious site detection, global threat intelligence and more advanced “deep protection” like cloud sandboxing, heuristics, ransomware detection and more. And because Netskope can see all cloud and web traffic, there are no blind spots for threats.
  19. Netskope is a cloud access security broker positioned as a leader in the Gartner Magic Quadrant. We are the only standalone vendor remaining in the leader’s quadrant and positioned the furthest right for completeness of vision. Netskope has also been named a leader by IDC while receiving numerous awards from other industry analysts. Netskope’s mission is to provide a unified, cloud-native security platform covering all SaaS, IaaS and Web traffic. As I go through this presentation I plan to show you that…. Netskope is most comprehensive CASB solution covering the most cloud services Netskope provides true 360 degree data protection even when users are remote And Netskope addresses both basic and advanced cloud security use cases with no blind spots So let’s get going
  20. • So why are the largest enterprises in the world choosing Netskope? • It really comes down to four primary reasons First, Netskope is the only CASB that can address use cases tied to safely enabling unsanctioned or Shadow IT cloud services. Other CASBs cannot address this use case because they were not architected with the ability to provide granular visibility and control of thousands of cloud services Their DLP is limited to dozens of apps, not the thousands required to adequately protect against sensitive data loss in unsanctioned cloud services They don’t understand the language of the cloud. They can’t differentiate between corporate and personal instances of cloud apps and don’t have a policy engine that can adequately deal with thousands of cloud services with support for category-level policies with both allow and block actions. Next is Netskope’s award-winning cloud DLP. Protecting against sensitive data loss in the cloud is a big use case, and Netskope’s DLP is far ahead of the competition when it comes to breadth of app coverage and accuracy of inspection results. Netskope also provides the most comprehensive cloud-specific threat protection. Backed by the Netskope Threat Research labs, our ability to find and stop various strains of malware like ransomware in the cloud and even help you remediate post infection, separates us from other CASBs that provide rudimentary threat protection capabilities. Last, but certainly not least is our ability to comprehensively cover customer use cases in a way that other CASBs simply cannot. Our platform was architected with flexible deployment options that enable you to optionally take a crawl-walk-run approach to cloud security and start with Discovery or a friction-less deployment like API Introspection. • You can then grow into a more advanced deployment method and go inline using a number of configurations to achieve real-time visibility and control with comprehensive coverage for users on premises, mobile, and remote and accessing browsers, mobile apps, desktop apps, and sync clients. The net-net is that we are architected to uniquely cover your use cases today and tomorrow.
  21. Final thought…