SlideShare une entreprise Scribd logo

Mohammed Al Mulla - Best practices to secure working environments

Télécharger en tant que PPTX, PDF
N
nooralmousa
Technologie
1  sur  27
Best Practices to Secure Working Environments Mohammed Almulla Kuwait University
Executive Summary Recent changes in computing architecture from dedicated servers in datacenters to virtualization and Cloud Computing suggest that we rethink our IT security methodologies. The focus is on database security, as well as on securing most enterprise applications.
Table of Contents Limitations of existing database security approaches. Security considerations when deploying virtualization. How distributed monitoring best fits virtual and Cloud Computing environments.
Securing Information in Virtualization Many enterprises future plan is to move some applications to Cloud Computing. How does this affect their IT security methodologies?
Recent Requirements Working environments are centered around two major technological requirements: Very High Performance Networks (VHPN) Complex applications.
Market Response To meet these requirements, security companies introduced a range of network appliances. Network Appliances: machines positioned somewhere in the network, to inspect the traffic for either protocol violations, malicious code, viruses malware or spams.
Types of Security Solutions ,[object Object],Network-based system
Winning the Battle In this era, solutions that depend on host-based software are neglected. Network-based IDS and IPS won the battle against host-based solutions. The concept of simply placing an appliance in a rack and attaching it to a switch is very attractive, especially when resources available for security are limited.
Recent Trend Today, many distributed applications have been leading to the adoption of host-based solutions, in conjunction with network appliances, specially when the enterprises are concerned with insider transactions.
Network-based Isn’t Enough The new databases are dynamically appearing in new locations. Question1: Will the network appliance approach be relevant when many transactions will not make it to the network Question2: Is the network monitoring approach efficient when the application network moves from LAN to WAN.
Before & After Previously, databases were not monitored or protected. Now monitoring DBs must cover local and intra-db attacks. Because of database breaches, customers are now investing time and effort in securing their databases.
Today’s Solutions Recently, appliance vendors have added local agents to their solutions, making many of today’s network-based solutions a hybrid of network appliance and host-based solution.
Solution Analysis The hybrid approach is not ideal, but as long as most applications run on the network in plain sight of the appliance, some enterprises were willing to accept the risks.
Disadvantages These hybrid solutions introduce complex implementation requirements such as kernel-level installation of the agent, for example, requiring reboots to the DB server. They still miss the sophisticated attacks generated from within the database itself. They also fail to address several technical challenges when implemented in either a virtual environments, or in the cloud.
Challenge #1 – Visibility Into VM-to-VM Transactions ,[object Object],[object Object]
In such a case, there is little or no network traffic as the transactions between the application and the database occur from VM-to-VM within the server.
Network monitoring appliances will not see these transactions.,[object Object]
Challenge #2 – The Dynamic System Environments If virtual security appliances are not ideal solutions for virtual machines, they are even less applicable in cloud-based applications, where networks are dynamic.
Solution The only solution that works in all environments, including Cloud environment is a solution that is based on sensors that run side by side with the database on every machine that hosts one database or more.
Challenge #3 – Performance Over WAN ,[object Object]
Cloud Computing prevents you from co-locating a server close to your databases – you simply won’t know where they are.
This will slow down network performance, and prevents timely interruption of malicious activity.,[object Object]
For Cloud Computing, make sure that the system supports wide area network (WAN) topologies.
To limit exposure of sensitive data, encrypt all traffic between the management console and sensors, and for optimum performance, compression techniques should be implemented so that policy updates and alerts are efficiently transmitted.,[object Object]
The Ultimate Challenge The challenge is to create host-based solutions that do not suffer the same drawbacks that made old host-based solutions irrelevant namely: Intrusive implementations, Performance issues Quickly adapt to new and volatile environments.
Next-generation Solutions Next generation solutions must be lightweight, easily added to the virtual machine where needed, and installed in parallel to the first database that is installed on a machine.
Promoting Stability Adding a layer of security does not require changes in architecture and does not rely on the virtualization technology in use.

Recommandé

Vmug birmingham mar2013 trendmicro
Vmug birmingham mar2013 trendmicroVmug birmingham mar2013 trendmicro
Vmug birmingham mar2013 trendmicrodvmug1
 
New Model for IT: Cloud Service Provider
New Model for IT: Cloud Service ProviderNew Model for IT: Cloud Service Provider
New Model for IT: Cloud Service ProviderVMware
 
The Importance of Cloud Management for Networks
The Importance of Cloud Management for NetworksThe Importance of Cloud Management for Networks
The Importance of Cloud Management for NetworksWestbase.io
 
Cloud security risks
Cloud security risksCloud security risks
Cloud security risksRevital Lapidot
 
Aruba Rightsizing Your Network
Aruba Rightsizing Your NetworkAruba Rightsizing Your Network
Aruba Rightsizing Your Networkhypknight
 
Is it an internal affair
Is it an internal affairIs it an internal affair
Is it an internal affairGeorge Delikouras
 
Cloud computing
Cloud computingCloud computing
Cloud computingperfectican
 
Rik Ferguson
Rik FergusonRik Ferguson
Rik FergusonCloudExpoEurope
 

Recommandé

Vmug birmingham mar2013 trendmicro
Vmug birmingham mar2013 trendmicroVmug birmingham mar2013 trendmicro
Vmug birmingham mar2013 trendmicrodvmug1
 
New Model for IT: Cloud Service Provider
New Model for IT: Cloud Service ProviderNew Model for IT: Cloud Service Provider
New Model for IT: Cloud Service ProviderVMware
 
The Importance of Cloud Management for Networks
The Importance of Cloud Management for NetworksThe Importance of Cloud Management for Networks
The Importance of Cloud Management for NetworksWestbase.io
 
Cloud security risks
Cloud security risksCloud security risks
Cloud security risksRevital Lapidot
 
Aruba Rightsizing Your Network
Aruba Rightsizing Your NetworkAruba Rightsizing Your Network
Aruba Rightsizing Your Networkhypknight
 
Is it an internal affair
Is it an internal affairIs it an internal affair
Is it an internal affairGeorge Delikouras
 
Cloud computing
Cloud computingCloud computing
Cloud computingperfectican
 
Rik Ferguson
Rik FergusonRik Ferguson
Rik FergusonCloudExpoEurope
 
VMware NSX @ VMUG.IT 20150529
VMware NSX @ VMUG.IT 20150529VMware NSX @ VMUG.IT 20150529
VMware NSX @ VMUG.IT 20150529VMUG IT
 
Server Virtualization and Cloud Computing: Four Hidden Impacts on ...
Server Virtualization and Cloud Computing: Four Hidden Impacts on ...Server Virtualization and Cloud Computing: Four Hidden Impacts on ...
Server Virtualization and Cloud Computing: Four Hidden Impacts on ...webhostingguy
 
Are your industrial networks protected...Ethernet Security Firewalls
Are your industrial networks protected...Ethernet Security Firewalls Are your industrial networks protected...Ethernet Security Firewalls
Are your industrial networks protected...Ethernet Security Firewalls Schneider Electric
 
Module 3-cloud computing
Module 3-cloud computingModule 3-cloud computing
Module 3-cloud computingSweta Kumari Barnwal
 
WWTC_implementation_plan_Group5_FINAL
WWTC_implementation_plan_Group5_FINALWWTC_implementation_plan_Group5_FINAL
WWTC_implementation_plan_Group5_FINALJohn Bernal
 
Nakina NOS Overview
Nakina NOS OverviewNakina NOS Overview
Nakina NOS Overviewhal2005
 
Ryan_Holt_MS_Thesis_Project_Presentation
Ryan_Holt_MS_Thesis_Project_PresentationRyan_Holt_MS_Thesis_Project_Presentation
Ryan_Holt_MS_Thesis_Project_PresentationRyan Holt
 
Building Cloud capability for startups
Building Cloud capability for startupsBuilding Cloud capability for startups
Building Cloud capability for startupsSekhar Mohanty
 
Cloud Security
Cloud SecurityCloud Security
Cloud SecurityRashmi Agale
 
Understanding Open Protocols in Building Automation
Understanding Open Protocols in Building AutomationUnderstanding Open Protocols in Building Automation
Understanding Open Protocols in Building AutomationSchneider Electric
 
CLOUD CPOMPUTING SECURITY
CLOUD CPOMPUTING SECURITYCLOUD CPOMPUTING SECURITY
CLOUD CPOMPUTING SECURITYShivananda Rai
 
Network Management System (Contact: info@exceleron-communications.com)
Network Management System (Contact: info@exceleron-communications.com)Network Management System (Contact: info@exceleron-communications.com)
Network Management System (Contact: info@exceleron-communications.com)Nadeem Khan
 
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?EC-Council
 
Dimension data cloud_security_overview
Dimension data cloud_security_overviewDimension data cloud_security_overview
Dimension data cloud_security_overviewRifaHaryadi
 
Effectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing ParadigmEffectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing Paradigmfanc1985
 
Cloud computing security
Cloud computing security Cloud computing security
Cloud computing security Akhila Param
 
Virtualization - cloud computing
Virtualization - cloud computingVirtualization - cloud computing
Virtualization - cloud computingSweta Kumari Barnwal
 
G0314043
G0314043G0314043
G0314043iosrjournals
 
Cloud computings
Cloud computingsCloud computings
Cloud computingsGopal Jogdand
 
Presentation Wsta
Presentation WstaPresentation Wsta
Presentation Wstawill4468
 
Presentation wsta
Presentation wstaPresentation wsta
Presentation wstawill4468
 
WSTA PRESENTATION
WSTA PRESENTATIONWSTA PRESENTATION
WSTA PRESENTATIONwill4468
 

Contenu connexe

Tendances

VMware NSX @ VMUG.IT 20150529
VMware NSX @ VMUG.IT 20150529VMware NSX @ VMUG.IT 20150529
VMware NSX @ VMUG.IT 20150529VMUG IT
 
Server Virtualization and Cloud Computing: Four Hidden Impacts on ...
Server Virtualization and Cloud Computing: Four Hidden Impacts on ...Server Virtualization and Cloud Computing: Four Hidden Impacts on ...
Server Virtualization and Cloud Computing: Four Hidden Impacts on ...webhostingguy
 
Are your industrial networks protected...Ethernet Security Firewalls
Are your industrial networks protected...Ethernet Security Firewalls Are your industrial networks protected...Ethernet Security Firewalls
Are your industrial networks protected...Ethernet Security Firewalls Schneider Electric
 
WWTC_implementation_plan_Group5_FINAL
WWTC_implementation_plan_Group5_FINALWWTC_implementation_plan_Group5_FINAL
WWTC_implementation_plan_Group5_FINALJohn Bernal
 
Nakina NOS Overview
Nakina NOS OverviewNakina NOS Overview
Nakina NOS Overviewhal2005
 
Ryan_Holt_MS_Thesis_Project_Presentation
Ryan_Holt_MS_Thesis_Project_PresentationRyan_Holt_MS_Thesis_Project_Presentation
Ryan_Holt_MS_Thesis_Project_PresentationRyan Holt
 
Building Cloud capability for startups
Building Cloud capability for startupsBuilding Cloud capability for startups
Building Cloud capability for startupsSekhar Mohanty
 
Understanding Open Protocols in Building Automation
Understanding Open Protocols in Building AutomationUnderstanding Open Protocols in Building Automation
Understanding Open Protocols in Building AutomationSchneider Electric
 
CLOUD CPOMPUTING SECURITY
CLOUD CPOMPUTING SECURITYCLOUD CPOMPUTING SECURITY
CLOUD CPOMPUTING SECURITYShivananda Rai
 
Network Management System (Contact: info@exceleron-communications.com)
Network Management System (Contact: info@exceleron-communications.com)Network Management System (Contact: info@exceleron-communications.com)
Network Management System (Contact: info@exceleron-communications.com)Nadeem Khan
 
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?EC-Council
 
Dimension data cloud_security_overview
Dimension data cloud_security_overviewDimension data cloud_security_overview
Dimension data cloud_security_overviewRifaHaryadi
 
Effectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing ParadigmEffectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing Paradigmfanc1985
 
Cloud computing security
Cloud computing security Cloud computing security
Cloud computing security Akhila Param
 

Tendances (18)

VMware NSX @ VMUG.IT 20150529
VMware NSX @ VMUG.IT 20150529VMware NSX @ VMUG.IT 20150529
VMware NSX @ VMUG.IT 20150529
 
Server Virtualization and Cloud Computing: Four Hidden Impacts on ...
Server Virtualization and Cloud Computing: Four Hidden Impacts on ...Server Virtualization and Cloud Computing: Four Hidden Impacts on ...
Server Virtualization and Cloud Computing: Four Hidden Impacts on ...
 
Are your industrial networks protected...Ethernet Security Firewalls
Are your industrial networks protected...Ethernet Security Firewalls Are your industrial networks protected...Ethernet Security Firewalls
Are your industrial networks protected...Ethernet Security Firewalls
 
Module 3-cloud computing
Module 3-cloud computingModule 3-cloud computing
Module 3-cloud computing
 
WWTC_implementation_plan_Group5_FINAL
WWTC_implementation_plan_Group5_FINALWWTC_implementation_plan_Group5_FINAL
WWTC_implementation_plan_Group5_FINAL
 
Nakina NOS Overview
Nakina NOS OverviewNakina NOS Overview
Nakina NOS Overview
 
Ryan_Holt_MS_Thesis_Project_Presentation
Ryan_Holt_MS_Thesis_Project_PresentationRyan_Holt_MS_Thesis_Project_Presentation
Ryan_Holt_MS_Thesis_Project_Presentation
 
Building Cloud capability for startups
Building Cloud capability for startupsBuilding Cloud capability for startups
Building Cloud capability for startups
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
 
Understanding Open Protocols in Building Automation
Understanding Open Protocols in Building AutomationUnderstanding Open Protocols in Building Automation
Understanding Open Protocols in Building Automation
 
CLOUD CPOMPUTING SECURITY
CLOUD CPOMPUTING SECURITYCLOUD CPOMPUTING SECURITY
CLOUD CPOMPUTING SECURITY
 
Network Management System (Contact: info@exceleron-communications.com)
Network Management System (Contact: info@exceleron-communications.com)Network Management System (Contact: info@exceleron-communications.com)
Network Management System (Contact: info@exceleron-communications.com)
 
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?
 
Dimension data cloud_security_overview
Dimension data cloud_security_overviewDimension data cloud_security_overview
Dimension data cloud_security_overview
 
Effectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing ParadigmEffectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing Paradigm
 
Cloud computing security
Cloud computing security Cloud computing security
Cloud computing security
 
Virtualization - cloud computing
Virtualization - cloud computingVirtualization - cloud computing
Virtualization - cloud computing
 
G0314043
G0314043G0314043
G0314043
 

Similaire à Mohammed Al Mulla - Best practices to secure working environments

Presentation Wsta
Presentation WstaPresentation Wsta
Presentation Wstawill4468
 
Presentation wsta
Presentation wstaPresentation wsta
Presentation wstawill4468
 
WSTA PRESENTATION
WSTA PRESENTATIONWSTA PRESENTATION
WSTA PRESENTATIONwill4468
 
10-ways-the-dissolving-perimeter-kills-IT
10-ways-the-dissolving-perimeter-kills-IT10-ways-the-dissolving-perimeter-kills-IT
10-ways-the-dissolving-perimeter-kills-ITIdan Hershkovich
 
Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...
Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...
Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...white paper
 
Introduction to Cloud computing
Introduction to Cloud computingIntroduction to Cloud computing
Introduction to Cloud computingKumayl Rajani
 
Implementation of the Open Source Virtualization Technologies in Cloud Computing
Implementation of the Open Source Virtualization Technologies in Cloud ComputingImplementation of the Open Source Virtualization Technologies in Cloud Computing
Implementation of the Open Source Virtualization Technologies in Cloud Computingijccsa
 
Implementation of the Open Source Virtualization Technologies in Cloud Computing
Implementation of the Open Source Virtualization Technologies in Cloud ComputingImplementation of the Open Source Virtualization Technologies in Cloud Computing
Implementation of the Open Source Virtualization Technologies in Cloud Computingneirew J
 
Vmug birmingham mar2013 trendmicro
Vmug birmingham mar2013 trendmicroVmug birmingham mar2013 trendmicro
Vmug birmingham mar2013 trendmicrodvmug1
 
Ant colony Optimization: A Solution of Load balancing in Cloud  
Ant colony Optimization: A Solution of Load balancing in Cloud  Ant colony Optimization: A Solution of Load balancing in Cloud  
Ant colony Optimization: A Solution of Load balancing in Cloud  dannyijwest
 
Methodologies for Enhancing Data Integrity and Security in Distributed Cloud ...
Methodologies for Enhancing Data Integrity and Security in Distributed Cloud ...Methodologies for Enhancing Data Integrity and Security in Distributed Cloud ...
Methodologies for Enhancing Data Integrity and Security in Distributed Cloud ...IIJSRJournal
 
VMware NSX for vSphere - Intro and use cases
VMware NSX for vSphere - Intro and use casesVMware NSX for vSphere - Intro and use cases
VMware NSX for vSphere - Intro and use casesAngel Villar Garea
 

Similaire à Mohammed Al Mulla - Best practices to secure working environments (20)

Cloud computings
Cloud computingsCloud computings
Cloud computings
 
Presentation Wsta
Presentation WstaPresentation Wsta
Presentation Wsta
 
Presentation wsta
Presentation wstaPresentation wsta
Presentation wsta
 
WSTA PRESENTATION
WSTA PRESENTATIONWSTA PRESENTATION
WSTA PRESENTATION
 
10-ways-the-dissolving-perimeter-kills-IT
10-ways-the-dissolving-perimeter-kills-IT10-ways-the-dissolving-perimeter-kills-IT
10-ways-the-dissolving-perimeter-kills-IT
 
Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...
Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...
Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...
 
Sdn primer pdf
Sdn primer pdfSdn primer pdf
Sdn primer pdf
 
cc.doc
cc.doccc.doc
cc.doc
 
Introduction to Cloud computing
Introduction to Cloud computingIntroduction to Cloud computing
Introduction to Cloud computing
 
Q&A: Why cloud-native apps are better?
Q&A: Why cloud-native apps are better?Q&A: Why cloud-native apps are better?
Q&A: Why cloud-native apps are better?
 
Cloud computing by Bhavesh
Cloud computing by BhaveshCloud computing by Bhavesh
Cloud computing by Bhavesh
 
Implementation of the Open Source Virtualization Technologies in Cloud Computing
Implementation of the Open Source Virtualization Technologies in Cloud ComputingImplementation of the Open Source Virtualization Technologies in Cloud Computing
Implementation of the Open Source Virtualization Technologies in Cloud Computing
 
Implementation of the Open Source Virtualization Technologies in Cloud Computing
Implementation of the Open Source Virtualization Technologies in Cloud ComputingImplementation of the Open Source Virtualization Technologies in Cloud Computing
Implementation of the Open Source Virtualization Technologies in Cloud Computing
 
Vmug birmingham mar2013 trendmicro
Vmug birmingham mar2013 trendmicroVmug birmingham mar2013 trendmicro
Vmug birmingham mar2013 trendmicro
 
Ant colony Optimization: A Solution of Load balancing in Cloud  
Ant colony Optimization: A Solution of Load balancing in Cloud  Ant colony Optimization: A Solution of Load balancing in Cloud  
Ant colony Optimization: A Solution of Load balancing in Cloud  
 
Cloud Architect Company in India
Cloud Architect Company in IndiaCloud Architect Company in India
Cloud Architect Company in India
 
Cloud Architect Company in India
Cloud Architect Company in IndiaCloud Architect Company in India
Cloud Architect Company in India
 
Methodologies for Enhancing Data Integrity and Security in Distributed Cloud ...
Methodologies for Enhancing Data Integrity and Security in Distributed Cloud ...Methodologies for Enhancing Data Integrity and Security in Distributed Cloud ...
Methodologies for Enhancing Data Integrity and Security in Distributed Cloud ...
 
VMware NSX for vSphere - Intro and use cases
VMware NSX for vSphere - Intro and use casesVMware NSX for vSphere - Intro and use cases
VMware NSX for vSphere - Intro and use cases
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 

Plus de nooralmousa

Mr. Vivek Ramachandran - Advanced Wi-­Fi Security Penetration Testing
Mr. Vivek Ramachandran - Advanced Wi-­Fi Security Penetration TestingMr. Vivek Ramachandran - Advanced Wi-­Fi Security Penetration Testing
Mr. Vivek Ramachandran - Advanced Wi-­Fi Security Penetration Testingnooralmousa
 
Mr. Bulent Teksoz - Security trends and innovations
Mr. Bulent Teksoz - Security trends and innovationsMr. Bulent Teksoz - Security trends and innovations
Mr. Bulent Teksoz - Security trends and innovationsnooralmousa
 
Mr. Mohammed Aldoub - A case study of django web applications that are secur...
Mr. Mohammed Aldoub - A case study of django web applications that are secur...Mr. Mohammed Aldoub - A case study of django web applications that are secur...
Mr. Mohammed Aldoub - A case study of django web applications that are secur...nooralmousa
 
Mr. Khalid Shaikh - emerging trends in managing it security
Mr. Khalid Shaikh - emerging trends in managing it securityMr. Khalid Shaikh - emerging trends in managing it security
Mr. Khalid Shaikh - emerging trends in managing it securitynooralmousa
 
Mr. Andrey Belenko - secure password managers and military-grade encryption o...
Mr. Andrey Belenko - secure password managers and military-grade encryption o...Mr. Andrey Belenko - secure password managers and military-grade encryption o...
Mr. Andrey Belenko - secure password managers and military-grade encryption o...nooralmousa
 
Mr. Burhan Khalid - secure dev.
Mr. Burhan Khalid - secure dev.Mr. Burhan Khalid - secure dev.
Mr. Burhan Khalid - secure dev.nooralmousa
 
Sudarsan Jayaraman - Open information security management maturity model
Sudarsan Jayaraman - Open information security management maturity modelSudarsan Jayaraman - Open information security management maturity model
Sudarsan Jayaraman - Open information security management maturity modelnooralmousa
 
Meraj Ahmad - Information security in a borderless world
Meraj Ahmad - Information security in a borderless worldMeraj Ahmad - Information security in a borderless world
Meraj Ahmad - Information security in a borderless worldnooralmousa
 
Renaud Bido & Mohammad Shams - Hijacking web servers & clients
Renaud Bido & Mohammad Shams - Hijacking web servers & clientsRenaud Bido & Mohammad Shams - Hijacking web servers & clients
Renaud Bido & Mohammad Shams - Hijacking web servers & clientsnooralmousa
 
Ahmed Al Barrak - Staff information security practices - a latent threat
Ahmed Al Barrak - Staff information security practices - a latent threatAhmed Al Barrak - Staff information security practices - a latent threat
Ahmed Al Barrak - Staff information security practices - a latent threatnooralmousa
 
Fadi Mutlak - Information security governance
Fadi Mutlak - Information security governanceFadi Mutlak - Information security governance
Fadi Mutlak - Information security governancenooralmousa
 
Pradeep menon how to influence people and win top management buy0in for ciso
Pradeep menon how to influence people and win top management buy0in for cisoPradeep menon how to influence people and win top management buy0in for ciso
Pradeep menon how to influence people and win top management buy0in for cisonooralmousa
 
Nabil Malik - Security performance metrics
Nabil Malik - Security performance metricsNabil Malik - Security performance metrics
Nabil Malik - Security performance metricsnooralmousa
 
Khaled al amri using fingerprints as private and public keys
Khaled al amri using fingerprints as private and public keysKhaled al amri using fingerprints as private and public keys
Khaled al amri using fingerprints as private and public keysnooralmousa
 
Hisham Dalle - Zero client computing - taking the desktop into the cloud
Hisham Dalle - Zero client computing - taking the desktop into the cloudHisham Dalle - Zero client computing - taking the desktop into the cloud
Hisham Dalle - Zero client computing - taking the desktop into the cloudnooralmousa
 
Ghassan farra it security a cio perspective
Ghassan farra it security a cio perspectiveGhassan farra it security a cio perspective
Ghassan farra it security a cio perspectivenooralmousa
 
Taiye Lambo - Auditing the cloud
Taiye Lambo - Auditing the cloudTaiye Lambo - Auditing the cloud
Taiye Lambo - Auditing the cloudnooralmousa
 

Plus de nooralmousa (17)

Mr. Vivek Ramachandran - Advanced Wi-­Fi Security Penetration Testing
Mr. Vivek Ramachandran - Advanced Wi-­Fi Security Penetration TestingMr. Vivek Ramachandran - Advanced Wi-­Fi Security Penetration Testing
Mr. Vivek Ramachandran - Advanced Wi-­Fi Security Penetration Testing
 
Mr. Bulent Teksoz - Security trends and innovations
Mr. Bulent Teksoz - Security trends and innovationsMr. Bulent Teksoz - Security trends and innovations
Mr. Bulent Teksoz - Security trends and innovations
 
Mr. Mohammed Aldoub - A case study of django web applications that are secur...
Mr. Mohammed Aldoub - A case study of django web applications that are secur...Mr. Mohammed Aldoub - A case study of django web applications that are secur...
Mr. Mohammed Aldoub - A case study of django web applications that are secur...
 
Mr. Khalid Shaikh - emerging trends in managing it security
Mr. Khalid Shaikh - emerging trends in managing it securityMr. Khalid Shaikh - emerging trends in managing it security
Mr. Khalid Shaikh - emerging trends in managing it security
 
Mr. Andrey Belenko - secure password managers and military-grade encryption o...
Mr. Andrey Belenko - secure password managers and military-grade encryption o...Mr. Andrey Belenko - secure password managers and military-grade encryption o...
Mr. Andrey Belenko - secure password managers and military-grade encryption o...
 
Mr. Burhan Khalid - secure dev.
Mr. Burhan Khalid - secure dev.Mr. Burhan Khalid - secure dev.
Mr. Burhan Khalid - secure dev.
 
Sudarsan Jayaraman - Open information security management maturity model
Sudarsan Jayaraman - Open information security management maturity modelSudarsan Jayaraman - Open information security management maturity model
Sudarsan Jayaraman - Open information security management maturity model
 
Meraj Ahmad - Information security in a borderless world
Meraj Ahmad - Information security in a borderless worldMeraj Ahmad - Information security in a borderless world
Meraj Ahmad - Information security in a borderless world
 
Renaud Bido & Mohammad Shams - Hijacking web servers & clients
Renaud Bido & Mohammad Shams - Hijacking web servers & clientsRenaud Bido & Mohammad Shams - Hijacking web servers & clients
Renaud Bido & Mohammad Shams - Hijacking web servers & clients
 
Ahmed Al Barrak - Staff information security practices - a latent threat
Ahmed Al Barrak - Staff information security practices - a latent threatAhmed Al Barrak - Staff information security practices - a latent threat
Ahmed Al Barrak - Staff information security practices - a latent threat
 
Fadi Mutlak - Information security governance
Fadi Mutlak - Information security governanceFadi Mutlak - Information security governance
Fadi Mutlak - Information security governance
 
Pradeep menon how to influence people and win top management buy0in for ciso
Pradeep menon how to influence people and win top management buy0in for cisoPradeep menon how to influence people and win top management buy0in for ciso
Pradeep menon how to influence people and win top management buy0in for ciso
 
Nabil Malik - Security performance metrics
Nabil Malik - Security performance metricsNabil Malik - Security performance metrics
Nabil Malik - Security performance metrics
 
Khaled al amri using fingerprints as private and public keys
Khaled al amri using fingerprints as private and public keysKhaled al amri using fingerprints as private and public keys
Khaled al amri using fingerprints as private and public keys
 
Hisham Dalle - Zero client computing - taking the desktop into the cloud
Hisham Dalle - Zero client computing - taking the desktop into the cloudHisham Dalle - Zero client computing - taking the desktop into the cloud
Hisham Dalle - Zero client computing - taking the desktop into the cloud
 
Ghassan farra it security a cio perspective
Ghassan farra it security a cio perspectiveGhassan farra it security a cio perspective
Ghassan farra it security a cio perspective
 
Taiye Lambo - Auditing the cloud
Taiye Lambo - Auditing the cloudTaiye Lambo - Auditing the cloud
Taiye Lambo - Auditing the cloud
 

Dernier

The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 

Dernier (20)

The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 

Mohammed Al Mulla - Best practices to secure working environments

  • 1. Best Practices to Secure Working Environments Mohammed Almulla Kuwait University
  • 2. Executive Summary Recent changes in computing architecture from dedicated servers in datacenters to virtualization and Cloud Computing suggest that we rethink our IT security methodologies. The focus is on database security, as well as on securing most enterprise applications.
  • 3. Table of Contents Limitations of existing database security approaches. Security considerations when deploying virtualization. How distributed monitoring best fits virtual and Cloud Computing environments.
  • 4. Securing Information in Virtualization Many enterprises future plan is to move some applications to Cloud Computing. How does this affect their IT security methodologies?
  • 5. Recent Requirements Working environments are centered around two major technological requirements: Very High Performance Networks (VHPN) Complex applications.
  • 6. Market Response To meet these requirements, security companies introduced a range of network appliances. Network Appliances: machines positioned somewhere in the network, to inspect the traffic for either protocol violations, malicious code, viruses malware or spams.
  • 7.
  • 8. Winning the Battle In this era, solutions that depend on host-based software are neglected. Network-based IDS and IPS won the battle against host-based solutions. The concept of simply placing an appliance in a rack and attaching it to a switch is very attractive, especially when resources available for security are limited.
  • 9. Recent Trend Today, many distributed applications have been leading to the adoption of host-based solutions, in conjunction with network appliances, specially when the enterprises are concerned with insider transactions.
  • 10. Network-based Isn’t Enough The new databases are dynamically appearing in new locations. Question1: Will the network appliance approach be relevant when many transactions will not make it to the network Question2: Is the network monitoring approach efficient when the application network moves from LAN to WAN.
  • 11. Before & After Previously, databases were not monitored or protected. Now monitoring DBs must cover local and intra-db attacks. Because of database breaches, customers are now investing time and effort in securing their databases.
  • 12. Today’s Solutions Recently, appliance vendors have added local agents to their solutions, making many of today’s network-based solutions a hybrid of network appliance and host-based solution.
  • 13. Solution Analysis The hybrid approach is not ideal, but as long as most applications run on the network in plain sight of the appliance, some enterprises were willing to accept the risks.
  • 14. Disadvantages These hybrid solutions introduce complex implementation requirements such as kernel-level installation of the agent, for example, requiring reboots to the DB server. They still miss the sophisticated attacks generated from within the database itself. They also fail to address several technical challenges when implemented in either a virtual environments, or in the cloud.
  • 15.
  • 16. In such a case, there is little or no network traffic as the transactions between the application and the database occur from VM-to-VM within the server.
  • 17.
  • 18. Challenge #2 – The Dynamic System Environments If virtual security appliances are not ideal solutions for virtual machines, they are even less applicable in cloud-based applications, where networks are dynamic.
  • 19. Solution The only solution that works in all environments, including Cloud environment is a solution that is based on sensors that run side by side with the database on every machine that hosts one database or more.
  • 20.
  • 21. Cloud Computing prevents you from co-locating a server close to your databases – you simply won’t know where they are.
  • 22.
  • 23. For Cloud Computing, make sure that the system supports wide area network (WAN) topologies.
  • 24.
  • 25. The Ultimate Challenge The challenge is to create host-based solutions that do not suffer the same drawbacks that made old host-based solutions irrelevant namely: Intrusive implementations, Performance issues Quickly adapt to new and volatile environments.
  • 26. Next-generation Solutions Next generation solutions must be lightweight, easily added to the virtual machine where needed, and installed in parallel to the first database that is installed on a machine.
  • 27. Promoting Stability Adding a layer of security does not require changes in architecture and does not rely on the virtualization technology in use.
  • 28.
  • 29. They realized that the complexity of ensuring adequate data security is an obstacle.
  • 30. But, the movement towards these technologies is inevitable.
  • 31.