SlideShare a Scribd company logo

Workshop: Threat Intelligence - Part 1

Priyanka Aash
Priyanka Aash

Workshop: Threat Intelligence - Part 1 (Technology Taxonomy For Cloud Security,Key Components Of Cloud Security Architecture,Blue Print To Build Your Cloud Security Program,Basics Of Cloud Security Access Brokers)

Technology
1 of 14
Cloud Access Security Brokers Bikash Barai Co-founder, iViZ
Challenges with SaaS/Cloud • Sanctioned IT: Lack of user behavior visibility, audit trail, ability to encrypt/secure, ability to directly prevent threats • Shadow IT: No visibility or control
CASB • Cloud Access Security Brokers (CASBs) are security enforcement points between consumers and service providers that apply security controls to access cloud services – Data Security/Encryption – Visibility – Threat Protection – Compliance Image Source: Cloud Access Security Broker (CASB): A pattern for secure access to cloud services EDUARDO B. FERNANDEZ et al
SaaS Security Gaps Sanctioned SaaS • Lack of User Behavior visibility • Lack of Audit trails • Lack of automated threat prevention • Lack of data protection controls Shadow IT • No visibility of what’s being used • Risk of compliance breaches • No threat prevention • No data protection mechanism
CASB Use Cases • Approved SaaS Applications – CRM, Office Suites, IT Ops management • Shadow IT – Discovery, Risk Scoring, Visibility and Compliance
CASB Taxonomy Product Feature Metrics Visibility Deployment Options Cloud On Premise Hybrid Content Aware User Device Location Compliance Policy Enforcement Policy control DLP Policy Methods SIEM Integration MDM Integration Data Security Tokenization Data Encryption Threat Prevention Anomaly Detection Shadow IT Sanctioned Apps
CASB Taxonomy - Simpler Visibility • Deployment Options • Cloud • On Premise • Hybrid • Content Aware • User • Device • Location Compliance • SOCA • SOC-2 • FIPS 140-2 • ISO 27001 by Default • Policy Enforcement Policy control • DLP • SIEM Integration • MDM Integration • Policy Methods • Single sign on for Cloud Apps Data Security • Tokenization • Data Encryption • Antimalware • Sandbox malware review Threat Prevention • Anomaly Detection • Shadow IT • Sanctioned Apps
Key Capabilities • Logging and Auditing • Alerting • Authentication • Access Control • Encryption and tokenization • Discovery and risk rating of cloud services • Uncovering Shadow IT by Auditing • Detecting risky users and activities • Protecting by enforcing policies • Performing continuous monitoring and logging • Providing data loss prevention (Cloud DLP) capabilities
Vendor checklist
CASB Limitations • Support for limited number of SaaS apps • Breaking of functionality • Interoperability • Integration with existing security investments • Performance/Latency challenges
Future of CASB • CASB is not a new/independent security feature but an evolution to fit the cloud scenarios. • CASB in the long run shall get embedded with the current security technologies like – SWG, SIEM, Encryption, IDaaS (Additive) – DLP, EMM, WAM, NGFW (Feature overlap)
Now • Visibility/Compliance focused • Management focused CASB • Access Control focused • Data Security focused Future • Integrated with IAM • Integrated with SWG/DAP/DAG • Evolve to cloud security management platforms with IaaS/PaaS
Recommendations • Understand your CASB requirements well • All vendors are not good at all scenarios..Choose wisely..multi vendor approach • Understand your use case and threat model • Support is very important evaluation metric • Evaluate the product roadmap • Check the integration capabilities
Thank You

Recommended

Zero Trust Enterprise Network at Adobe
Zero Trust Enterprise Network at AdobeZero Trust Enterprise Network at Adobe
Zero Trust Enterprise Network at AdobeVishwas Manral
 
Cloud Security Governance
Cloud Security GovernanceCloud Security Governance
Cloud Security GovernanceShankar Subramaniyan
 
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORKZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORKMaganathin Veeraragaloo
 
CSA SV Threat detection and prediction
CSA SV Threat detection and predictionCSA SV Threat detection and prediction
CSA SV Threat detection and predictionVishwas Manral
 
CASB — Your new best friend for safe cloud adoption?
CASB — Your new best friend for safe cloud adoption? CASB — Your new best friend for safe cloud adoption?
CASB — Your new best friend for safe cloud adoption? Digital Transformation EXPO Event Series
 
IDSA Overview at CSA SV
IDSA Overview at CSA SVIDSA Overview at CSA SV
IDSA Overview at CSA SVVishwas Manral
 
Identity's Role in a Zero Trust Strategy
Identity's Role in a Zero Trust StrategyIdentity's Role in a Zero Trust Strategy
Identity's Role in a Zero Trust StrategyOkta-Inc
 
The security of SAAS and private cloud
The security of SAAS and private cloudThe security of SAAS and private cloud
The security of SAAS and private cloudAzure Group
 

Recommended

Zero Trust Enterprise Network at Adobe
Zero Trust Enterprise Network at AdobeZero Trust Enterprise Network at Adobe
Zero Trust Enterprise Network at AdobeVishwas Manral
 
Cloud Security Governance
Cloud Security GovernanceCloud Security Governance
Cloud Security GovernanceShankar Subramaniyan
 
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORKZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORKMaganathin Veeraragaloo
 
CSA SV Threat detection and prediction
CSA SV Threat detection and predictionCSA SV Threat detection and prediction
CSA SV Threat detection and predictionVishwas Manral
 
CASB — Your new best friend for safe cloud adoption?
CASB — Your new best friend for safe cloud adoption? CASB — Your new best friend for safe cloud adoption?
CASB — Your new best friend for safe cloud adoption? Digital Transformation EXPO Event Series
 
IDSA Overview at CSA SV
IDSA Overview at CSA SVIDSA Overview at CSA SV
IDSA Overview at CSA SVVishwas Manral
 
Identity's Role in a Zero Trust Strategy
Identity's Role in a Zero Trust StrategyIdentity's Role in a Zero Trust Strategy
Identity's Role in a Zero Trust StrategyOkta-Inc
 
The security of SAAS and private cloud
The security of SAAS and private cloudThe security of SAAS and private cloud
The security of SAAS and private cloudAzure Group
 
Security concerns with SaaS layer of cloud computing
Security concerns with SaaS layer of cloud computingSecurity concerns with SaaS layer of cloud computing
Security concerns with SaaS layer of cloud computingClinton DSouza
 
Intel SaaS Security Playbook
Intel SaaS Security PlaybookIntel SaaS Security Playbook
Intel SaaS Security PlaybookIntel IT Center
 
Zero trust deck 2020
Zero trust deck 2020Zero trust deck 2020
Zero trust deck 2020Guido Marchetti
 
AWS Security Best Practices in a Zero Trust Security Model - DEM08 - Toronto ...
AWS Security Best Practices in a Zero Trust Security Model - DEM08 - Toronto ...AWS Security Best Practices in a Zero Trust Security Model - DEM08 - Toronto ...
AWS Security Best Practices in a Zero Trust Security Model - DEM08 - Toronto ...Amazon Web Services
 
63 Requirements for CASB
63 Requirements for CASB63 Requirements for CASB
63 Requirements for CASBKyle Watson
 
Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?Zscaler
 
SOC-as-a-Service - comSpark 2019
SOC-as-a-Service - comSpark 2019SOC-as-a-Service - comSpark 2019
SOC-as-a-Service - comSpark 2019Advanced Technology Consulting (ATC)
 
SaaS (Software-as-a-Service) as-a-secure-service
SaaS (Software-as-a-Service) as-a-secure-serviceSaaS (Software-as-a-Service) as-a-secure-service
SaaS (Software-as-a-Service) as-a-secure-serviceTayyaba Farhat
 
Implementing zero trust architecture in azure hybrid cloud
Implementing zero trust architecture in azure hybrid cloudImplementing zero trust architecture in azure hybrid cloud
Implementing zero trust architecture in azure hybrid cloudAjit Bhingarkar
 
Surviving the lions den - how to sell SaaS services to security oriented cust...
Surviving the lions den - how to sell SaaS services to security oriented cust...Surviving the lions den - how to sell SaaS services to security oriented cust...
Surviving the lions den - how to sell SaaS services to security oriented cust...Moshe Ferber
 
Zero Trust Model
Zero Trust ModelZero Trust Model
Zero Trust ModelYash
 
Zero trust in a hybrid architecture
Zero trust in a hybrid architectureZero trust in a hybrid architecture
Zero trust in a hybrid architectureHybrid IT Europe
 
Rohan s w2 - top 5 tools that help in monitoring compliance for pci dss and...
Rohan s w2 - top 5 tools that help in monitoring compliance for pci dss and...Rohan s w2 - top 5 tools that help in monitoring compliance for pci dss and...
Rohan s w2 - top 5 tools that help in monitoring compliance for pci dss and...Rohan Singh
 
Workshop on CASB Part 2
Workshop on CASB Part 2Workshop on CASB Part 2
Workshop on CASB Part 2Priyanka Aash
 
SD-WAN - comSpark 2019
SD-WAN - comSpark 2019SD-WAN - comSpark 2019
SD-WAN - comSpark 2019Advanced Technology Consulting (ATC)
 
PaaS security challenges and solutions (salesforce vision)
PaaS security challenges and solutions (salesforce vision)PaaS security challenges and solutions (salesforce vision)
PaaS security challenges and solutions (salesforce vision)Olga Lavrentieva
 
Microsoft Cloud App Security CASB
Microsoft Cloud App Security CASBMicrosoft Cloud App Security CASB
Microsoft Cloud App Security CASBAmmar Hasayen
 
Mark Lomas | Zero-Trust Trust No One, Trust Nothing
Mark Lomas | Zero-Trust Trust No One, Trust NothingMark Lomas | Zero-Trust Trust No One, Trust Nothing
Mark Lomas | Zero-Trust Trust No One, Trust NothingPro Mrkt
 
Zero Trust Networks
Zero Trust NetworksZero Trust Networks
Zero Trust NetworksPractical Code, LLC
 
The Security Policy Management Maturity Model: How to Move Up the Curve
The Security Policy Management Maturity Model: How to Move Up the CurveThe Security Policy Management Maturity Model: How to Move Up the Curve
The Security Policy Management Maturity Model: How to Move Up the CurveAlgoSec
 
Andreea Bereczky: "Knowledge Based Economy project"
Andreea Bereczky: "Knowledge Based Economy project"Andreea Bereczky: "Knowledge Based Economy project"
Andreea Bereczky: "Knowledge Based Economy project"TELECENTRE EUROPE
 
Threat Intelligence Workshop
Threat Intelligence WorkshopThreat Intelligence Workshop
Threat Intelligence WorkshopPriyanka Aash
 

More Related Content

What's hot

Security concerns with SaaS layer of cloud computing
Security concerns with SaaS layer of cloud computingSecurity concerns with SaaS layer of cloud computing
Security concerns with SaaS layer of cloud computingClinton DSouza
 
Intel SaaS Security Playbook
Intel SaaS Security PlaybookIntel SaaS Security Playbook
Intel SaaS Security PlaybookIntel IT Center
 
AWS Security Best Practices in a Zero Trust Security Model - DEM08 - Toronto ...
AWS Security Best Practices in a Zero Trust Security Model - DEM08 - Toronto ...AWS Security Best Practices in a Zero Trust Security Model - DEM08 - Toronto ...
AWS Security Best Practices in a Zero Trust Security Model - DEM08 - Toronto ...Amazon Web Services
 
63 Requirements for CASB
63 Requirements for CASB63 Requirements for CASB
63 Requirements for CASBKyle Watson
 
Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?Zscaler
 
SaaS (Software-as-a-Service) as-a-secure-service
SaaS (Software-as-a-Service) as-a-secure-serviceSaaS (Software-as-a-Service) as-a-secure-service
SaaS (Software-as-a-Service) as-a-secure-serviceTayyaba Farhat
 
Implementing zero trust architecture in azure hybrid cloud
Implementing zero trust architecture in azure hybrid cloudImplementing zero trust architecture in azure hybrid cloud
Implementing zero trust architecture in azure hybrid cloudAjit Bhingarkar
 
Surviving the lions den - how to sell SaaS services to security oriented cust...
Surviving the lions den - how to sell SaaS services to security oriented cust...Surviving the lions den - how to sell SaaS services to security oriented cust...
Surviving the lions den - how to sell SaaS services to security oriented cust...Moshe Ferber
 
Zero Trust Model
Zero Trust ModelZero Trust Model
Zero Trust ModelYash
 
Zero trust in a hybrid architecture
Zero trust in a hybrid architectureZero trust in a hybrid architecture
Zero trust in a hybrid architectureHybrid IT Europe
 
Rohan s w2 - top 5 tools that help in monitoring compliance for pci dss and...
Rohan s w2 - top 5 tools that help in monitoring compliance for pci dss and...Rohan s w2 - top 5 tools that help in monitoring compliance for pci dss and...
Rohan s w2 - top 5 tools that help in monitoring compliance for pci dss and...Rohan Singh
 
Workshop on CASB Part 2
Workshop on CASB Part 2Workshop on CASB Part 2
Workshop on CASB Part 2Priyanka Aash
 
PaaS security challenges and solutions (salesforce vision)
PaaS security challenges and solutions (salesforce vision)PaaS security challenges and solutions (salesforce vision)
PaaS security challenges and solutions (salesforce vision)Olga Lavrentieva
 
Microsoft Cloud App Security CASB
Microsoft Cloud App Security CASBMicrosoft Cloud App Security CASB
Microsoft Cloud App Security CASBAmmar Hasayen
 
Mark Lomas | Zero-Trust Trust No One, Trust Nothing
Mark Lomas | Zero-Trust Trust No One, Trust NothingMark Lomas | Zero-Trust Trust No One, Trust Nothing
Mark Lomas | Zero-Trust Trust No One, Trust NothingPro Mrkt
 
The Security Policy Management Maturity Model: How to Move Up the Curve
The Security Policy Management Maturity Model: How to Move Up the CurveThe Security Policy Management Maturity Model: How to Move Up the Curve
The Security Policy Management Maturity Model: How to Move Up the CurveAlgoSec
 

What's hot (20)

Security concerns with SaaS layer of cloud computing
Security concerns with SaaS layer of cloud computingSecurity concerns with SaaS layer of cloud computing
Security concerns with SaaS layer of cloud computing
 
Intel SaaS Security Playbook
Intel SaaS Security PlaybookIntel SaaS Security Playbook
Intel SaaS Security Playbook
 
Zero trust deck 2020
Zero trust deck 2020Zero trust deck 2020
Zero trust deck 2020
 
AWS Security Best Practices in a Zero Trust Security Model - DEM08 - Toronto ...
AWS Security Best Practices in a Zero Trust Security Model - DEM08 - Toronto ...AWS Security Best Practices in a Zero Trust Security Model - DEM08 - Toronto ...
AWS Security Best Practices in a Zero Trust Security Model - DEM08 - Toronto ...
 
63 Requirements for CASB
63 Requirements for CASB63 Requirements for CASB
63 Requirements for CASB
 
Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?
 
SOC-as-a-Service - comSpark 2019
SOC-as-a-Service - comSpark 2019SOC-as-a-Service - comSpark 2019
SOC-as-a-Service - comSpark 2019
 
SaaS (Software-as-a-Service) as-a-secure-service
SaaS (Software-as-a-Service) as-a-secure-serviceSaaS (Software-as-a-Service) as-a-secure-service
SaaS (Software-as-a-Service) as-a-secure-service
 
Implementing zero trust architecture in azure hybrid cloud
Implementing zero trust architecture in azure hybrid cloudImplementing zero trust architecture in azure hybrid cloud
Implementing zero trust architecture in azure hybrid cloud
 
Surviving the lions den - how to sell SaaS services to security oriented cust...
Surviving the lions den - how to sell SaaS services to security oriented cust...Surviving the lions den - how to sell SaaS services to security oriented cust...
Surviving the lions den - how to sell SaaS services to security oriented cust...
 
Zero Trust Model
Zero Trust ModelZero Trust Model
Zero Trust Model
 
Zero trust in a hybrid architecture
Zero trust in a hybrid architectureZero trust in a hybrid architecture
Zero trust in a hybrid architecture
 
Rohan s w2 - top 5 tools that help in monitoring compliance for pci dss and...
Rohan s w2 - top 5 tools that help in monitoring compliance for pci dss and...Rohan s w2 - top 5 tools that help in monitoring compliance for pci dss and...
Rohan s w2 - top 5 tools that help in monitoring compliance for pci dss and...
 
Workshop on CASB Part 2
Workshop on CASB Part 2Workshop on CASB Part 2
Workshop on CASB Part 2
 
SD-WAN - comSpark 2019
SD-WAN - comSpark 2019SD-WAN - comSpark 2019
SD-WAN - comSpark 2019
 
PaaS security challenges and solutions (salesforce vision)
PaaS security challenges and solutions (salesforce vision)PaaS security challenges and solutions (salesforce vision)
PaaS security challenges and solutions (salesforce vision)
 
Microsoft Cloud App Security CASB
Microsoft Cloud App Security CASBMicrosoft Cloud App Security CASB
Microsoft Cloud App Security CASB
 
Mark Lomas | Zero-Trust Trust No One, Trust Nothing
Mark Lomas | Zero-Trust Trust No One, Trust NothingMark Lomas | Zero-Trust Trust No One, Trust Nothing
Mark Lomas | Zero-Trust Trust No One, Trust Nothing
 
Zero Trust Networks
Zero Trust NetworksZero Trust Networks
Zero Trust Networks
 
The Security Policy Management Maturity Model: How to Move Up the Curve
The Security Policy Management Maturity Model: How to Move Up the CurveThe Security Policy Management Maturity Model: How to Move Up the Curve
The Security Policy Management Maturity Model: How to Move Up the Curve
 

Viewers also liked

Andreea Bereczky: "Knowledge Based Economy project"
Andreea Bereczky: "Knowledge Based Economy project"Andreea Bereczky: "Knowledge Based Economy project"
Andreea Bereczky: "Knowledge Based Economy project"TELECENTRE EUROPE
 
Threat Intelligence Workshop
Threat Intelligence WorkshopThreat Intelligence Workshop
Threat Intelligence WorkshopPriyanka Aash
 
Office 365 Security: How to Safeguard Your Data
Office 365 Security: How to Safeguard Your DataOffice 365 Security: How to Safeguard Your Data
Office 365 Security: How to Safeguard Your DataBitglass
 
Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)
Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)
Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)Bitglass
 
CASBs - A New Hope
CASBs - A New HopeCASBs - A New Hope
CASBs - A New HopeBitglass
 
CASBs and Office 365: The Security Menace
CASBs and Office 365: The Security MenaceCASBs and Office 365: The Security Menace
CASBs and Office 365: The Security MenaceBitglass
 
5 Highest-Impact CASB Use Cases - Office 365
5 Highest-Impact CASB Use Cases - Office 3655 Highest-Impact CASB Use Cases - Office 365
5 Highest-Impact CASB Use Cases - Office 365Netskope
 
Stop Hackers with Integrated CASB & IDaaS Security
Stop Hackers with Integrated CASB & IDaaS SecurityStop Hackers with Integrated CASB & IDaaS Security
Stop Hackers with Integrated CASB & IDaaS SecurityOneLogin
 

Viewers also liked (8)

Andreea Bereczky: "Knowledge Based Economy project"
Andreea Bereczky: "Knowledge Based Economy project"Andreea Bereczky: "Knowledge Based Economy project"
Andreea Bereczky: "Knowledge Based Economy project"
 
Threat Intelligence Workshop
Threat Intelligence WorkshopThreat Intelligence Workshop
Threat Intelligence Workshop
 
Office 365 Security: How to Safeguard Your Data
Office 365 Security: How to Safeguard Your DataOffice 365 Security: How to Safeguard Your Data
Office 365 Security: How to Safeguard Your Data
 
Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)
Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)
Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)
 
CASBs - A New Hope
CASBs - A New HopeCASBs - A New Hope
CASBs - A New Hope
 
CASBs and Office 365: The Security Menace
CASBs and Office 365: The Security MenaceCASBs and Office 365: The Security Menace
CASBs and Office 365: The Security Menace
 
5 Highest-Impact CASB Use Cases - Office 365
5 Highest-Impact CASB Use Cases - Office 3655 Highest-Impact CASB Use Cases - Office 365
5 Highest-Impact CASB Use Cases - Office 365
 
Stop Hackers with Integrated CASB & IDaaS Security
Stop Hackers with Integrated CASB & IDaaS SecurityStop Hackers with Integrated CASB & IDaaS Security
Stop Hackers with Integrated CASB & IDaaS Security
 

Similar to Workshop: Threat Intelligence - Part 1

security and compliance in the cloud
security and compliance in the cloudsecurity and compliance in the cloud
security and compliance in the cloudAjay Rathi
 
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment modeCloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment modeHimani Singh
 
Enterprise Strategy for Cloud Security
Enterprise Strategy for Cloud SecurityEnterprise Strategy for Cloud Security
Enterprise Strategy for Cloud SecurityBob Rhubart
 
Cloud Access Security Brokers - CASB
Cloud Access Security Brokers - CASB Cloud Access Security Brokers - CASB
Cloud Access Security Brokers - CASB Samrat Das
 
ShareResponsibilityModel.pptx
ShareResponsibilityModel.pptxShareResponsibilityModel.pptx
ShareResponsibilityModel.pptxBabatundeAbioye2
 
ATP Technology Pillars
ATP Technology PillarsATP Technology Pillars
ATP Technology PillarsPriyanka Aash
 
Risk Factory: PCI Compliance in the Cloud
Risk Factory: PCI Compliance in the CloudRisk Factory: PCI Compliance in the Cloud
Risk Factory: PCI Compliance in the CloudRisk Crew
 
Cloud security for banks - the central bank of Israel regulations for cloud s...
Cloud security for banks - the central bank of Israel regulations for cloud s...Cloud security for banks - the central bank of Israel regulations for cloud s...
Cloud security for banks - the central bank of Israel regulations for cloud s...Moshe Ferber
 
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...Xylos Clients Day - Public cloud and security go hand in hand, if you approac...
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...Karim Vaes
 
Chap 6 cloud security
Chap 6 cloud securityChap 6 cloud security
Chap 6 cloud securityRaj Sarode
 
Comprehensive Information on CASB
Comprehensive Information on CASBComprehensive Information on CASB
Comprehensive Information on CASBHTS Hosting
 
Securing Your Cloud Applications
Securing Your Cloud ApplicationsSecuring Your Cloud Applications
Securing Your Cloud ApplicationsIBM Security
 
Cloud security for financial services
Cloud security for financial servicesCloud security for financial services
Cloud security for financial servicesMoshe Ferber
 
Tour to Azure Security Center
Tour to Azure Security CenterTour to Azure Security Center
Tour to Azure Security CenterLalit Rawat
 
Softchoice & Microsoft: Public Cloud Security Webinar
Softchoice & Microsoft: Public Cloud Security WebinarSoftchoice & Microsoft: Public Cloud Security Webinar
Softchoice & Microsoft: Public Cloud Security WebinarSoftchoice Corporation
 
Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureDinusha Kumarasiri
 
AWS Spotlight Series - Modernization and Security with AWS
AWS Spotlight Series - Modernization and Security with AWSAWS Spotlight Series - Modernization and Security with AWS
AWS Spotlight Series - Modernization and Security with AWSCloudHesive
 
RightScale Webinar: Security and Compliance in the Cloud
RightScale Webinar: Security and Compliance in the CloudRightScale Webinar: Security and Compliance in the Cloud
RightScale Webinar: Security and Compliance in the CloudRightScale
 

Similar to Workshop: Threat Intelligence - Part 1 (20)

security and compliance in the cloud
security and compliance in the cloudsecurity and compliance in the cloud
security and compliance in the cloud
 
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment modeCloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
 
Enterprise Strategy for Cloud Security
Enterprise Strategy for Cloud SecurityEnterprise Strategy for Cloud Security
Enterprise Strategy for Cloud Security
 
Cloud Access Security Brokers - CASB
Cloud Access Security Brokers - CASB Cloud Access Security Brokers - CASB
Cloud Access Security Brokers - CASB
 
casb_by_.pptx
casb_by_.pptxcasb_by_.pptx
casb_by_.pptx
 
AWS Cloud Security
AWS Cloud SecurityAWS Cloud Security
AWS Cloud Security
 
ShareResponsibilityModel.pptx
ShareResponsibilityModel.pptxShareResponsibilityModel.pptx
ShareResponsibilityModel.pptx
 
ATP Technology Pillars
ATP Technology PillarsATP Technology Pillars
ATP Technology Pillars
 
Risk Factory: PCI Compliance in the Cloud
Risk Factory: PCI Compliance in the CloudRisk Factory: PCI Compliance in the Cloud
Risk Factory: PCI Compliance in the Cloud
 
Cloud security for banks - the central bank of Israel regulations for cloud s...
Cloud security for banks - the central bank of Israel regulations for cloud s...Cloud security for banks - the central bank of Israel regulations for cloud s...
Cloud security for banks - the central bank of Israel regulations for cloud s...
 
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...Xylos Clients Day - Public cloud and security go hand in hand, if you approac...
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...
 
Chap 6 cloud security
Chap 6 cloud securityChap 6 cloud security
Chap 6 cloud security
 
Comprehensive Information on CASB
Comprehensive Information on CASBComprehensive Information on CASB
Comprehensive Information on CASB
 
Securing Your Cloud Applications
Securing Your Cloud ApplicationsSecuring Your Cloud Applications
Securing Your Cloud Applications
 
Cloud security for financial services
Cloud security for financial servicesCloud security for financial services
Cloud security for financial services
 
Tour to Azure Security Center
Tour to Azure Security CenterTour to Azure Security Center
Tour to Azure Security Center
 
Softchoice & Microsoft: Public Cloud Security Webinar
Softchoice & Microsoft: Public Cloud Security WebinarSoftchoice & Microsoft: Public Cloud Security Webinar
Softchoice & Microsoft: Public Cloud Security Webinar
 
Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with Azure
 
AWS Spotlight Series - Modernization and Security with AWS
AWS Spotlight Series - Modernization and Security with AWSAWS Spotlight Series - Modernization and Security with AWS
AWS Spotlight Series - Modernization and Security with AWS
 
RightScale Webinar: Security and Compliance in the Cloud
RightScale Webinar: Security and Compliance in the CloudRightScale Webinar: Security and Compliance in the Cloud
RightScale Webinar: Security and Compliance in the Cloud
 

More from Priyanka Aash

Digital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOsDigital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOsPriyanka Aash
 
Verizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdfVerizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdfPriyanka Aash
 
Top 10 Security Risks .pptx.pdf
Top 10 Security Risks .pptx.pdfTop 10 Security Risks .pptx.pdf
Top 10 Security Risks .pptx.pdfPriyanka Aash
 
Simplifying data privacy and protection.pdf
Simplifying data privacy and protection.pdfSimplifying data privacy and protection.pdf
Simplifying data privacy and protection.pdfPriyanka Aash
 
Generative AI and Security (1).pptx.pdf
Generative AI and Security (1).pptx.pdfGenerative AI and Security (1).pptx.pdf
Generative AI and Security (1).pptx.pdfPriyanka Aash
 
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdfEVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdfPriyanka Aash
 
Cyber Truths_Are you Prepared version 1.1.pptx.pdf
Cyber Truths_Are you Prepared version 1.1.pptx.pdfCyber Truths_Are you Prepared version 1.1.pptx.pdf
Cyber Truths_Are you Prepared version 1.1.pptx.pdfPriyanka Aash
 
Cyber Crisis Management.pdf
Cyber Crisis Management.pdfCyber Crisis Management.pdf
Cyber Crisis Management.pdfPriyanka Aash
 
CISOPlatform journey.pptx.pdf
CISOPlatform journey.pptx.pdfCISOPlatform journey.pptx.pdf
CISOPlatform journey.pptx.pdfPriyanka Aash
 
Chennai Chapter.pptx.pdf
Chennai Chapter.pptx.pdfChennai Chapter.pptx.pdf
Chennai Chapter.pptx.pdfPriyanka Aash
 
Cloud attack vectors_Moshe.pdf
Cloud attack vectors_Moshe.pdfCloud attack vectors_Moshe.pdf
Cloud attack vectors_Moshe.pdfPriyanka Aash
 
Stories From The Web 3 Battlefield
Stories From The Web 3 BattlefieldStories From The Web 3 Battlefield
Stories From The Web 3 BattlefieldPriyanka Aash
 
Lessons Learned From Ransomware Attacks
Lessons Learned From Ransomware AttacksLessons Learned From Ransomware Attacks
Lessons Learned From Ransomware AttacksPriyanka Aash
 
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)Emerging New Threats And Top CISO Priorities In 2022 (Chennai)
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)Priyanka Aash
 
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)Priyanka Aash
 
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)Priyanka Aash
 
Cloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow LogsCloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow LogsPriyanka Aash
 
Cyber Security Governance
Cyber Security GovernanceCyber Security Governance
Cyber Security GovernancePriyanka Aash
 

More from Priyanka Aash (20)

Digital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOsDigital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOs
 
Verizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdfVerizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdf
 
Top 10 Security Risks .pptx.pdf
Top 10 Security Risks .pptx.pdfTop 10 Security Risks .pptx.pdf
Top 10 Security Risks .pptx.pdf
 
Simplifying data privacy and protection.pdf
Simplifying data privacy and protection.pdfSimplifying data privacy and protection.pdf
Simplifying data privacy and protection.pdf
 
Generative AI and Security (1).pptx.pdf
Generative AI and Security (1).pptx.pdfGenerative AI and Security (1).pptx.pdf
Generative AI and Security (1).pptx.pdf
 
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdfEVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf
 
DPDP Act 2023.pdf
DPDP Act 2023.pdfDPDP Act 2023.pdf
DPDP Act 2023.pdf
 
Cyber Truths_Are you Prepared version 1.1.pptx.pdf
Cyber Truths_Are you Prepared version 1.1.pptx.pdfCyber Truths_Are you Prepared version 1.1.pptx.pdf
Cyber Truths_Are you Prepared version 1.1.pptx.pdf
 
Cyber Crisis Management.pdf
Cyber Crisis Management.pdfCyber Crisis Management.pdf
Cyber Crisis Management.pdf
 
CISOPlatform journey.pptx.pdf
CISOPlatform journey.pptx.pdfCISOPlatform journey.pptx.pdf
CISOPlatform journey.pptx.pdf
 
Chennai Chapter.pptx.pdf
Chennai Chapter.pptx.pdfChennai Chapter.pptx.pdf
Chennai Chapter.pptx.pdf
 
Cloud attack vectors_Moshe.pdf
Cloud attack vectors_Moshe.pdfCloud attack vectors_Moshe.pdf
Cloud attack vectors_Moshe.pdf
 
Stories From The Web 3 Battlefield
Stories From The Web 3 BattlefieldStories From The Web 3 Battlefield
Stories From The Web 3 Battlefield
 
Lessons Learned From Ransomware Attacks
Lessons Learned From Ransomware AttacksLessons Learned From Ransomware Attacks
Lessons Learned From Ransomware Attacks
 
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)Emerging New Threats And Top CISO Priorities In 2022 (Chennai)
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)
 
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)
 
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)
 
Cloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow LogsCloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow Logs
 
Cyber Security Governance
Cyber Security GovernanceCyber Security Governance
Cyber Security Governance
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 

Recently uploaded

Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfSeasiaInfotech2
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 

Recently uploaded (20)

Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdf
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 

Workshop: Threat Intelligence - Part 1

  • 1. Cloud Access Security Brokers Bikash Barai Co-founder, iViZ
  • 2. Challenges with SaaS/Cloud • Sanctioned IT: Lack of user behavior visibility, audit trail, ability to encrypt/secure, ability to directly prevent threats • Shadow IT: No visibility or control
  • 3. CASB • Cloud Access Security Brokers (CASBs) are security enforcement points between consumers and service providers that apply security controls to access cloud services – Data Security/Encryption – Visibility – Threat Protection – Compliance Image Source: Cloud Access Security Broker (CASB): A pattern for secure access to cloud services EDUARDO B. FERNANDEZ et al
  • 4. SaaS Security Gaps Sanctioned SaaS • Lack of User Behavior visibility • Lack of Audit trails • Lack of automated threat prevention • Lack of data protection controls Shadow IT • No visibility of what’s being used • Risk of compliance breaches • No threat prevention • No data protection mechanism
  • 5. CASB Use Cases • Approved SaaS Applications – CRM, Office Suites, IT Ops management • Shadow IT – Discovery, Risk Scoring, Visibility and Compliance
  • 6. CASB Taxonomy Product Feature Metrics Visibility Deployment Options Cloud On Premise Hybrid Content Aware User Device Location Compliance Policy Enforcement Policy control DLP Policy Methods SIEM Integration MDM Integration Data Security Tokenization Data Encryption Threat Prevention Anomaly Detection Shadow IT Sanctioned Apps
  • 7. CASB Taxonomy - Simpler Visibility • Deployment Options • Cloud • On Premise • Hybrid • Content Aware • User • Device • Location Compliance • SOCA • SOC-2 • FIPS 140-2 • ISO 27001 by Default • Policy Enforcement Policy control • DLP • SIEM Integration • MDM Integration • Policy Methods • Single sign on for Cloud Apps Data Security • Tokenization • Data Encryption • Antimalware • Sandbox malware review Threat Prevention • Anomaly Detection • Shadow IT • Sanctioned Apps
  • 8. Key Capabilities • Logging and Auditing • Alerting • Authentication • Access Control • Encryption and tokenization • Discovery and risk rating of cloud services • Uncovering Shadow IT by Auditing • Detecting risky users and activities • Protecting by enforcing policies • Performing continuous monitoring and logging • Providing data loss prevention (Cloud DLP) capabilities
  • 10. CASB Limitations • Support for limited number of SaaS apps • Breaking of functionality • Interoperability • Integration with existing security investments • Performance/Latency challenges
  • 11. Future of CASB • CASB is not a new/independent security feature but an evolution to fit the cloud scenarios. • CASB in the long run shall get embedded with the current security technologies like – SWG, SIEM, Encryption, IDaaS (Additive) – DLP, EMM, WAM, NGFW (Feature overlap)
  • 12. Now • Visibility/Compliance focused • Management focused CASB • Access Control focused • Data Security focused Future • Integrated with IAM • Integrated with SWG/DAP/DAG • Evolve to cloud security management platforms with IaaS/PaaS
  • 13. Recommendations • Understand your CASB requirements well • All vendors are not good at all scenarios..Choose wisely..multi vendor approach • Understand your use case and threat model • Support is very important evaluation metric • Evaluate the product roadmap • Check the integration capabilities