SlideShare une entreprise Scribd logo

System Security on Cloud

Tu Pham
Tu Pham

System Security on Cloud

Logiciels
1  sur  47
System Security on Cloud Tu Pham CTO @ DYNO
CTO @ DYNO Data As A Service Technologies: Java, Python, all kind of databases and Cloud platform from Google, Aws, Azure. Interests: Cloud computing, machine learning, system architecture, technology evolution, distributed systems. Husband, Father, GDE, Open source contributor Tu Pham foto: Lars Kruse, Aarhus Universitet 2
Current system > 10 000 users - 4 countries: US, UK, VN, Singapore - 1.3B user profiles - > 1B new raw data daily (~110 GB) - Hundred of jobs daily Images by ConnieZhou
Let’s compare: 10 TB - 45,813,058.125 book (200 pages of 240,000 characters) - 2,621,440 MP3 files (with 4MB average file size) - 3,495,250 MP3 files (with 3MB average file size) Images by ConnieZhou
From 2014, we bring success to hundreds of thousands online marketing campaigns based on our big data system.
DYNO DYNO has ability to build, organize, and operate a Big Data system with an efficiency and speed then apply Machine Learning algorithms to make magic happen. These are our advantages: unique technology, talents, company culture, growth hack, extreme product focus.
Organize the world’s information and make it universally accessible and useful. Our mission is aligned with Google’s mission With Sundar Pichai - CEO of Google 2
Yes, We Can Power that User Identify Social User Modeling Social CRM Advertising Network Big Data System Data Mining
Our Partners
Our Clients
Real estate Ecommerce Beauty Fashion Food & Drinks Our Clients
Our Clients Education Co-working space Retail Finance Other vaytaichinh.info Vay Tiền Mặt
Our Partners Just Google
HOW TO PROTECT YOUR SYSTEM, PARTNERS & CUSTOMERS ?
Infrastructure Has Changed EARLY 2000’s MID 2000’s NOW Buying Hardware
Infrastructure Has Changed EARLY 2000’s MID 2000’s NOW Infrastructure As a ServiceBuying Hardware
Security Has Changed
Security Has Changed
Cybercrime Has Also Changed Single Actors EARLY 2000’s MID 2000’s NOW
Cybercrime Has AlsoChanged Single Actors Highly Organized Groups EARLY 2000’s MID 2000’s NOW
Cybercrime is Flourishing 508 is the average number of applications in an enterprise Evolution of AdversariesExpanding Attack Surfaces Overwhelmed Defenses 37% of US companies face 50,000+ alerts per month 390,000 new malicious programs every day with a viable ecosystem Forbes, 2014 FireEye, 2015 AV-TEST, 2016
Attack methods are evolving • Security risks -Perception of increased risk due to lack of control -Blind spots: no way to connect on-premise and cloud attacks -Increased threat surface -Tuning tools for relevant notifications Cloud Environment On Premise Environment Source: Alert Logic CSR 2016 42% 25% 19% 8% 4% 2% application-attack brute-force recon trojan-activity suspicious-activity denial-of-service 51% 22% 5% 3% 1% 18% brute-force trojan-activity suspicious-activity application-attack recon denial-of-service
Today’sAttacks Have Several Stages
Who is being targeted? BIG
Who is being targeted?And Small
SECURITY IN THE CLOUD
The Cloud Can be Secure “Public cloud workloads can be at least as secure as those in your own data center, likely better.” Neil McDonald – Gartner Security and Risk Management Summit London Sept 2015
Cloud has disrupted traditional security DEPLOYMENT & MANAGEMENT PERFORMANCE & OPERATIONS CUSTOMER APPLICATION REQUIREMENTS TRADITIONAL SECURITY CLOUD DRIVERS AGILITY & AUTOMATION HYPER-SCALABILITY PRIORITY: WEB APPLICATIONS SCALING CHOKEPOINTS POOR DETECTION OF WEB APP ATTACKS vs SLOW, COMPLEX CONFIGURATIONS vs vs
Challenges of being Secure in the Cloud SECURITY TOOLSARE Complicated to use Difficult to deploy Expensive to manage and tune HUMAN EXPERTISE IS Hard to find Harder to keep Very expensive THREAT INTELLIGENCE AND SECURITY CONTENT Gets stale quickly Requires specific know-how Validation required to avoid false positives
Cloud Security – NewApproach The Principles of security do not change but your Approach to security needs to change: • Security best practices are no different in the cloud • You need to apply the same security standards to cloud workloads as applied to on-premises • Understand the Shared Responsibility of Cloud Security
• Security Monitoring • Log Analysis • Vulnerability Scanning • Network Threat Detection • Security Monitoring • Secure Coding and Best Practices • Software and Virtual Patching • Configuration Management • Access Management (including multi- factor authentication) • Access Management • Configuration Hardening • Patch Management • TLS/SSL Encryption • Network Security Configuration • Web Application Firewall • Vulnerability Scanning • Application level attack monitoring • Hypervisor Management • System Image Library • Root Access for Customers • Managed Patching (PaaS, not IaaS) • Logical Network Segmentation • Perimeter Security Services • External DDOS, spoofing, and scanning monitored APPS CUSTOMER ALERT LOGICMICROSOFT VIRTUAL MACHINES NETWORKING INFRASTRUCTURE SERVICES Cloud Security is a Shared, but not Equal, Responsibility
YOU NEED ASOLUTION ?
We protect cloud workloads & web applications BLOCK COMPLY FULLY-MANAGED SECURITY, DELIVERED AS A SERVICE ASSESS DETECT • Full-stack security • Integrated analytics & experts • Built for cloud • Cost-effective outcomes Data Center Hosting
WebApp Attacks OWASP Top 10 Platform / Library Attacks System / Network Attacks Web Apps Server-side Apps App Frameworks Dev Platforms Server OS Hypervisor Databases Networking Cloud Management CLOUD INSIGHT Signatures & Rules Anomaly Detection Machine Learning Integrated value chain delivering full stack security, experts included • Threat Intelligence • Security Research • Data Science • Security Content • Security Operations Center ACTIVEWATCH DETECTION & PROTECTION Web Security Manager Log Manager Threat Manager ALL IN ONE DEFENDER
Which designed security for cloud and hybrid environments GET STARTED IN MINUTES MAINTAIN COVERAGE AT CLOUD SCALEKEEP PRODUCTION FLOWING with modular services that grow with you with integration to cloudAPIs and DevOps automation with auto-scaling support and out-of-band detection Single pane of glass for workload and application security across cloud, hosted & on-premises
Leaders 28 8 25 3 11 6 8 4 10 10 15 24 ThreatStack FortyCloud CloudCheckr CloudPassage Microsoft Palerra 5 Evident.io 5 JumpCloud Barricade Symantec Okta Intel Security Fortinet Cisco Chronicle Data Check Point Amazon Other Alert Logic A recognized securityleader PETER STEPHENSON SC Magazine review “…the depth and breadth of the offering’s analytics and threat management process goes beyond anything we’ve seen…” Who is your primary in-use vendor for Cloud Infrastructure Security? Who are the top vendors in consideration for Cloud Infrastructure Security? Alert Logic
BEST PRACTICE & TAKEAWAYS
10 Cloud Security Best Practices 1. Secure your code 2. Create access management policies 3. Data Classification 4. Adopt a patch management approach 5. Review logs regularly 6. Build a security toolkit 7. Stay informed of the latest vulnerabilities that may affect you 8. Understand your cloud service providers security model 9. Understand the shared security responsibility 10. Know your adversaries
10 Cloud Security Best Practices 1. Secure your code 2. Create access management policies 3. Data Classification 4. Adopt a patch management approach 5. Review logs regularly 6. Build a security toolkit 7. Stay informed of the latest vulnerabilities that may affect you 8. Understand your cloud service providers security model 9. Understand the shared security responsibility 10. Know your adversaries
Top 3 Takeaways 1. Cyber Crime is flourishing – Big and small companies 2. Security in the Cloud has similar overall principles but new complexity 3. You may need a full stack security vendor with experts included
Challenges at DYNO - Advertising Network • Things we have to do • Deliver right ad at right time for right people • Mining user information to help brands understand their audience • Build flexible ad targeting infrastructure • Analyze user behavior to improve ad relevancy at real time
Challenges at DYNO - User Profiling • The truth • 65 social network all around the world • 2B monthly active user from Facebook (300 PB data warehouse) • Unlimited data still offline • The problem: • How you know N account from Facebook, Google, Twitter, Linkedin, StackOverFlow, Github, … belong to one person or not ?
Challenges at DYNO - Image Processing • The problem • Detect board sets of objects (House, Car, Motorbike) • Find topical entities (Logo, Celebrity, New Event) • Face detection
Big Data Challenges At DYNO - Image Extraction • Things we have to do • Deliver right ad at right time for right people • Mining user information to help brands understand their audience • Build flexible ad targeting infrastructure • Analyze user behavior to improve ad relevancy at real time
We are hiring - Data Engineer Responsibilities - Designing and developing high-volume, low-latency applications for mission-critical systems and delivering high-availability and performance - Writing well designed, testable, efficient components for ETL system - Processing, cleansing, verifying the integrity of data Requirements - BS/MS degree in Computer Science, Engineering or a related subject - Language: Java, Python - Knowledge of API, Databases, Distributed system - (Plus) Data scraping experience - (Plus) Familiar with big data system (Volume, variety and velocity) - (Plus) Domain knowledge (E-commerce / Finance / Retail / Real estate / Advertising)
We are hiring - Data Scientist Responsibilities - Designing, mining, testing machine learning algorithms for delivering valued information from DYNO data warehouse. - Doing ad-hoc analytics and presenting results - Selecting features, building, optimizing algorithms Requirements - BS/MS degree in Computer Science, Engineering or a related subject - Good at machine learning algorithms - (Plus) Familiar with big data system (Volume, variety and velocity) - (Plus) Domain knowledge (E-commerce / Finance / Retail / Real estate / Advertising)
JOIN THE FLIGHT IO Extended 2017 Facebook: fb/pham.phuong.tu Twitter: @phamptu Slideshare: /phamphuongtu Email: tu@dyno.vn

Recommandé

MILLIONS EVENT DELIVERY WITH CLOUD PUB / SUB
MILLIONS EVENT DELIVERY WITH CLOUD PUB / SUB�MILLIONS EVENT DELIVERY WITH CLOUD PUB / SUB�
MILLIONS EVENT DELIVERY WITH CLOUD PUB / SUBTu Pham
 
Big Data at DYNO
Big Data at DYNOBig Data at DYNO
Big Data at DYNOTu Pham
 
Big data in action
Big data in actionBig data in action
Big data in actionTu Pham
 
End To End Machine Learning With Google Cloud
End To End Machine Learning With Google Cloud End To End Machine Learning With Google Cloud
End To End Machine Learning With Google Cloud Tu Pham
 
Big Data Driven At Eway
Big Data Driven At Eway Big Data Driven At Eway
Big Data Driven At Eway Tu Pham
 
Building Reactive Applications With Akka And Java
Building Reactive Applications With Akka And JavaBuilding Reactive Applications With Akka And Java
Building Reactive Applications With Akka And JavaTu Pham
 
Google Cloud Platform (GCP)
Google Cloud Platform (GCP)Google Cloud Platform (GCP)
Google Cloud Platform (GCP)Chetan Sharma
 
Google App Engine - Simple Introduction
Google App Engine - Simple IntroductionGoogle App Engine - Simple Introduction
Google App Engine - Simple IntroductionLenny Rachitsky
 

Recommandé

MILLIONS EVENT DELIVERY WITH CLOUD PUB / SUB
MILLIONS EVENT DELIVERY WITH CLOUD PUB / SUB�MILLIONS EVENT DELIVERY WITH CLOUD PUB / SUB�
MILLIONS EVENT DELIVERY WITH CLOUD PUB / SUBTu Pham
 
Big Data at DYNO
Big Data at DYNOBig Data at DYNO
Big Data at DYNOTu Pham
 
Big data in action
Big data in actionBig data in action
Big data in actionTu Pham
 
End To End Machine Learning With Google Cloud
End To End Machine Learning With Google Cloud End To End Machine Learning With Google Cloud
End To End Machine Learning With Google Cloud Tu Pham
 
Big Data Driven At Eway
Big Data Driven At Eway Big Data Driven At Eway
Big Data Driven At Eway Tu Pham
 
Building Reactive Applications With Akka And Java
Building Reactive Applications With Akka And JavaBuilding Reactive Applications With Akka And Java
Building Reactive Applications With Akka And JavaTu Pham
 
Google Cloud Platform (GCP)
Google Cloud Platform (GCP)Google Cloud Platform (GCP)
Google Cloud Platform (GCP)Chetan Sharma
 
Google App Engine - Simple Introduction
Google App Engine - Simple IntroductionGoogle App Engine - Simple Introduction
Google App Engine - Simple IntroductionLenny Rachitsky
 
Getting started with GCP ( Google Cloud Platform)
Getting started with GCP ( Google Cloud Platform)Getting started with GCP ( Google Cloud Platform)
Getting started with GCP ( Google Cloud Platform)bigdata trunk
 
AWS re:Invent 2016: Predictive Security: Using Big Data to Fortify Your Defen...
AWS re:Invent 2016: Predictive Security: Using Big Data to Fortify Your Defen...AWS re:Invent 2016: Predictive Security: Using Big Data to Fortify Your Defen...
AWS re:Invent 2016: Predictive Security: Using Big Data to Fortify Your Defen...Amazon Web Services
 
Amazon quicksight
Amazon quicksightAmazon quicksight
Amazon quicksightSivakumar Ramar
 
Cloud Computing: Making the right choice
Cloud Computing: Making the right choiceCloud Computing: Making the right choice
Cloud Computing: Making the right choiceIndicThreads
 
L2 3.fa19
L2 3.fa19L2 3.fa19
L2 3.fa19Kv Sagar
 
Cloud Computing and Big Data
Cloud Computing and Big DataCloud Computing and Big Data
Cloud Computing and Big DataRobert Keahey
 
Big Data made easy in the era of the Cloud - Demi Ben-Ari
Big Data made easy in the era of the Cloud - Demi Ben-AriBig Data made easy in the era of the Cloud - Demi Ben-Ari
Big Data made easy in the era of the Cloud - Demi Ben-AriDemi Ben-Ari
 
The Cloud Changing the Game
The Cloud Changing the GameThe Cloud Changing the Game
The Cloud Changing the GameAmazon Web Services
 
Essentials of cloud dsc skct
Essentials of cloud dsc skctEssentials of cloud dsc skct
Essentials of cloud dsc skctNaveenK158
 
AWS re:Invent 2016: FINRA: Building a Secure Data Science Platform on AWS (BD...
AWS re:Invent 2016: FINRA: Building a Secure Data Science Platform on AWS (BD...AWS re:Invent 2016: FINRA: Building a Secure Data Science Platform on AWS (BD...
AWS re:Invent 2016: FINRA: Building a Secure Data Science Platform on AWS (BD...Amazon Web Services
 
Hadoop for the Masses
Hadoop for the MassesHadoop for the Masses
Hadoop for the MassesDataWorks Summit/Hadoop Summit
 
Modern Data Platforms - Thinking Data Flywheel on the Cloud
Modern Data Platforms - Thinking Data Flywheel on the CloudModern Data Platforms - Thinking Data Flywheel on the Cloud
Modern Data Platforms - Thinking Data Flywheel on the CloudAlluxio, Inc.
 
JBoss OneDayTalk 2013: "NoSQL Integration with Apache Camel - MongoDB, CouchD...
JBoss OneDayTalk 2013: "NoSQL Integration with Apache Camel - MongoDB, CouchD...JBoss OneDayTalk 2013: "NoSQL Integration with Apache Camel - MongoDB, CouchD...
JBoss OneDayTalk 2013: "NoSQL Integration with Apache Camel - MongoDB, CouchD...Kai Wähner
 
Microsoft Azure News - Sept 2016
Microsoft Azure News - Sept 2016Microsoft Azure News - Sept 2016
Microsoft Azure News - Sept 2016Daniel Toomey
 
Cloud Computing World Forum Chairmans Introduction
Cloud Computing World Forum Chairmans IntroductionCloud Computing World Forum Chairmans Introduction
Cloud Computing World Forum Chairmans IntroductionDavid Terrar
 
An Introduction to Apache Ignite - Mandhir Gidda - Codemotion Rome 2017
An Introduction to Apache Ignite - Mandhir Gidda - Codemotion Rome 2017An Introduction to Apache Ignite - Mandhir Gidda - Codemotion Rome 2017
An Introduction to Apache Ignite - Mandhir Gidda - Codemotion Rome 2017Codemotion
 
A Community Approach to Fighting Cyber Threats
A Community Approach to Fighting Cyber ThreatsA Community Approach to Fighting Cyber Threats
A Community Approach to Fighting Cyber ThreatsCloudera, Inc.
 
Cloud computing ft
Cloud computing ftCloud computing ft
Cloud computing ftPallawi Bala
 
Final Report
Final ReportFinal Report
Final ReportSan Kai Hong
 
Big SQL: Powerful SQL Optimization - Re-Imagined for open source
Big SQL: Powerful SQL Optimization - Re-Imagined for open sourceBig SQL: Powerful SQL Optimization - Re-Imagined for open source
Big SQL: Powerful SQL Optimization - Re-Imagined for open sourceDataWorks Summit
 
UNCOVER DATA SECURITY BLIND SPOTS IN YOUR CLOUD, BIG DATA & DEVOPS ENVIRONMENT
UNCOVER DATA SECURITY BLIND SPOTS IN YOUR CLOUD, BIG DATA & DEVOPS ENVIRONMENTUNCOVER DATA SECURITY BLIND SPOTS IN YOUR CLOUD, BIG DATA & DEVOPS ENVIRONMENT
UNCOVER DATA SECURITY BLIND SPOTS IN YOUR CLOUD, BIG DATA & DEVOPS ENVIRONMENTUlf Mattsson
 
Inception: A reverse-engineer horror History
Inception: A reverse-engineer horror HistoryInception: A reverse-engineer horror History
Inception: A reverse-engineer horror HistoryNelson Brito
 

Contenu connexe

Tendances

Getting started with GCP ( Google Cloud Platform)
Getting started with GCP ( Google Cloud Platform)Getting started with GCP ( Google Cloud Platform)
Getting started with GCP ( Google Cloud Platform)bigdata trunk
 
AWS re:Invent 2016: Predictive Security: Using Big Data to Fortify Your Defen...
AWS re:Invent 2016: Predictive Security: Using Big Data to Fortify Your Defen...AWS re:Invent 2016: Predictive Security: Using Big Data to Fortify Your Defen...
AWS re:Invent 2016: Predictive Security: Using Big Data to Fortify Your Defen...Amazon Web Services
 
Cloud Computing: Making the right choice
Cloud Computing: Making the right choiceCloud Computing: Making the right choice
Cloud Computing: Making the right choiceIndicThreads
 
Cloud Computing and Big Data
Cloud Computing and Big DataCloud Computing and Big Data
Cloud Computing and Big DataRobert Keahey
 
Big Data made easy in the era of the Cloud - Demi Ben-Ari
Big Data made easy in the era of the Cloud - Demi Ben-AriBig Data made easy in the era of the Cloud - Demi Ben-Ari
Big Data made easy in the era of the Cloud - Demi Ben-AriDemi Ben-Ari
 
Essentials of cloud dsc skct
Essentials of cloud dsc skctEssentials of cloud dsc skct
Essentials of cloud dsc skctNaveenK158
 
AWS re:Invent 2016: FINRA: Building a Secure Data Science Platform on AWS (BD...
AWS re:Invent 2016: FINRA: Building a Secure Data Science Platform on AWS (BD...AWS re:Invent 2016: FINRA: Building a Secure Data Science Platform on AWS (BD...
AWS re:Invent 2016: FINRA: Building a Secure Data Science Platform on AWS (BD...Amazon Web Services
 
Modern Data Platforms - Thinking Data Flywheel on the Cloud
Modern Data Platforms - Thinking Data Flywheel on the CloudModern Data Platforms - Thinking Data Flywheel on the Cloud
Modern Data Platforms - Thinking Data Flywheel on the CloudAlluxio, Inc.
 
JBoss OneDayTalk 2013: "NoSQL Integration with Apache Camel - MongoDB, CouchD...
JBoss OneDayTalk 2013: "NoSQL Integration with Apache Camel - MongoDB, CouchD...JBoss OneDayTalk 2013: "NoSQL Integration with Apache Camel - MongoDB, CouchD...
JBoss OneDayTalk 2013: "NoSQL Integration with Apache Camel - MongoDB, CouchD...Kai Wähner
 
Microsoft Azure News - Sept 2016
Microsoft Azure News - Sept 2016Microsoft Azure News - Sept 2016
Microsoft Azure News - Sept 2016Daniel Toomey
 
Cloud Computing World Forum Chairmans Introduction
Cloud Computing World Forum Chairmans IntroductionCloud Computing World Forum Chairmans Introduction
Cloud Computing World Forum Chairmans IntroductionDavid Terrar
 
An Introduction to Apache Ignite - Mandhir Gidda - Codemotion Rome 2017
An Introduction to Apache Ignite - Mandhir Gidda - Codemotion Rome 2017An Introduction to Apache Ignite - Mandhir Gidda - Codemotion Rome 2017
An Introduction to Apache Ignite - Mandhir Gidda - Codemotion Rome 2017Codemotion
 
A Community Approach to Fighting Cyber Threats
A Community Approach to Fighting Cyber ThreatsA Community Approach to Fighting Cyber Threats
A Community Approach to Fighting Cyber ThreatsCloudera, Inc.
 
Cloud computing ft
Cloud computing ftCloud computing ft
Cloud computing ftPallawi Bala
 
Big SQL: Powerful SQL Optimization - Re-Imagined for open source
Big SQL: Powerful SQL Optimization - Re-Imagined for open sourceBig SQL: Powerful SQL Optimization - Re-Imagined for open source
Big SQL: Powerful SQL Optimization - Re-Imagined for open sourceDataWorks Summit
 

Tendances (20)

Getting started with GCP ( Google Cloud Platform)
Getting started with GCP ( Google Cloud Platform)Getting started with GCP ( Google Cloud Platform)
Getting started with GCP ( Google Cloud Platform)
 
AWS re:Invent 2016: Predictive Security: Using Big Data to Fortify Your Defen...
AWS re:Invent 2016: Predictive Security: Using Big Data to Fortify Your Defen...AWS re:Invent 2016: Predictive Security: Using Big Data to Fortify Your Defen...
AWS re:Invent 2016: Predictive Security: Using Big Data to Fortify Your Defen...
 
Amazon quicksight
Amazon quicksightAmazon quicksight
Amazon quicksight
 
Cloud Computing: Making the right choice
Cloud Computing: Making the right choiceCloud Computing: Making the right choice
Cloud Computing: Making the right choice
 
L2 3.fa19
L2 3.fa19L2 3.fa19
L2 3.fa19
 
Cloud Computing and Big Data
Cloud Computing and Big DataCloud Computing and Big Data
Cloud Computing and Big Data
 
Big Data made easy in the era of the Cloud - Demi Ben-Ari
Big Data made easy in the era of the Cloud - Demi Ben-AriBig Data made easy in the era of the Cloud - Demi Ben-Ari
Big Data made easy in the era of the Cloud - Demi Ben-Ari
 
The Cloud Changing the Game
The Cloud Changing the GameThe Cloud Changing the Game
The Cloud Changing the Game
 
Essentials of cloud dsc skct
Essentials of cloud dsc skctEssentials of cloud dsc skct
Essentials of cloud dsc skct
 
AWS re:Invent 2016: FINRA: Building a Secure Data Science Platform on AWS (BD...
AWS re:Invent 2016: FINRA: Building a Secure Data Science Platform on AWS (BD...AWS re:Invent 2016: FINRA: Building a Secure Data Science Platform on AWS (BD...
AWS re:Invent 2016: FINRA: Building a Secure Data Science Platform on AWS (BD...
 
Hadoop for the Masses
Hadoop for the MassesHadoop for the Masses
Hadoop for the Masses
 
Modern Data Platforms - Thinking Data Flywheel on the Cloud
Modern Data Platforms - Thinking Data Flywheel on the CloudModern Data Platforms - Thinking Data Flywheel on the Cloud
Modern Data Platforms - Thinking Data Flywheel on the Cloud
 
JBoss OneDayTalk 2013: "NoSQL Integration with Apache Camel - MongoDB, CouchD...
JBoss OneDayTalk 2013: "NoSQL Integration with Apache Camel - MongoDB, CouchD...JBoss OneDayTalk 2013: "NoSQL Integration with Apache Camel - MongoDB, CouchD...
JBoss OneDayTalk 2013: "NoSQL Integration with Apache Camel - MongoDB, CouchD...
 
Microsoft Azure News - Sept 2016
Microsoft Azure News - Sept 2016Microsoft Azure News - Sept 2016
Microsoft Azure News - Sept 2016
 
Cloud Computing World Forum Chairmans Introduction
Cloud Computing World Forum Chairmans IntroductionCloud Computing World Forum Chairmans Introduction
Cloud Computing World Forum Chairmans Introduction
 
An Introduction to Apache Ignite - Mandhir Gidda - Codemotion Rome 2017
An Introduction to Apache Ignite - Mandhir Gidda - Codemotion Rome 2017An Introduction to Apache Ignite - Mandhir Gidda - Codemotion Rome 2017
An Introduction to Apache Ignite - Mandhir Gidda - Codemotion Rome 2017
 
A Community Approach to Fighting Cyber Threats
A Community Approach to Fighting Cyber ThreatsA Community Approach to Fighting Cyber Threats
A Community Approach to Fighting Cyber Threats
 
Cloud computing ft
Cloud computing ftCloud computing ft
Cloud computing ft
 
Final Report
Final ReportFinal Report
Final Report
 
Big SQL: Powerful SQL Optimization - Re-Imagined for open source
Big SQL: Powerful SQL Optimization - Re-Imagined for open sourceBig SQL: Powerful SQL Optimization - Re-Imagined for open source
Big SQL: Powerful SQL Optimization - Re-Imagined for open source
 

En vedette

UNCOVER DATA SECURITY BLIND SPOTS IN YOUR CLOUD, BIG DATA & DEVOPS ENVIRONMENT
UNCOVER DATA SECURITY BLIND SPOTS IN YOUR CLOUD, BIG DATA & DEVOPS ENVIRONMENTUNCOVER DATA SECURITY BLIND SPOTS IN YOUR CLOUD, BIG DATA & DEVOPS ENVIRONMENT
UNCOVER DATA SECURITY BLIND SPOTS IN YOUR CLOUD, BIG DATA & DEVOPS ENVIRONMENTUlf Mattsson
 
Inception: A reverse-engineer horror History
Inception: A reverse-engineer horror HistoryInception: A reverse-engineer horror History
Inception: A reverse-engineer horror HistoryNelson Brito
 
The Suite Club Presentazione English Power
The Suite Club Presentazione English PowerThe Suite Club Presentazione English Power
The Suite Club Presentazione English Powermasnas
 
Worms: Conheça o inimigo e defenda-se
Worms: Conheça o inimigo e defenda-seWorms: Conheça o inimigo e defenda-se
Worms: Conheça o inimigo e defenda-seNelson Brito
 
Apresentação Soluções Vísent -Awards
Apresentação Soluções Vísent -AwardsApresentação Soluções Vísent -Awards
Apresentação Soluções Vísent -AwardsRicardo Bassoi
 
CISSP - Chapter 3 - System security architecture
CISSP - Chapter 3 - System security architectureCISSP - Chapter 3 - System security architecture
CISSP - Chapter 3 - System security architectureKarthikeyan Dhayalan
 
Fog computing provide security to data in cloud ppt
Fog computing provide security to data in cloud pptFog computing provide security to data in cloud ppt
Fog computing provide security to data in cloud pptpriyanka reddy
 
AI and Machine Learning Demystified by Carol Smith at Midwest UX 2017
AI and Machine Learning Demystified by Carol Smith at Midwest UX 2017AI and Machine Learning Demystified by Carol Smith at Midwest UX 2017
AI and Machine Learning Demystified by Carol Smith at Midwest UX 2017Carol Smith
 

En vedette (10)

UNCOVER DATA SECURITY BLIND SPOTS IN YOUR CLOUD, BIG DATA & DEVOPS ENVIRONMENT
UNCOVER DATA SECURITY BLIND SPOTS IN YOUR CLOUD, BIG DATA & DEVOPS ENVIRONMENTUNCOVER DATA SECURITY BLIND SPOTS IN YOUR CLOUD, BIG DATA & DEVOPS ENVIRONMENT
UNCOVER DATA SECURITY BLIND SPOTS IN YOUR CLOUD, BIG DATA & DEVOPS ENVIRONMENT
 
Inception: A reverse-engineer horror History
Inception: A reverse-engineer horror HistoryInception: A reverse-engineer horror History
Inception: A reverse-engineer horror History
 
Network Security
Network SecurityNetwork Security
Network Security
 
The Suite Club Presentazione English Power
The Suite Club Presentazione English PowerThe Suite Club Presentazione English Power
The Suite Club Presentazione English Power
 
miniOMNIAlog - Short Version
miniOMNIAlog - Short VersionminiOMNIAlog - Short Version
miniOMNIAlog - Short Version
 
Worms: Conheça o inimigo e defenda-se
Worms: Conheça o inimigo e defenda-seWorms: Conheça o inimigo e defenda-se
Worms: Conheça o inimigo e defenda-se
 
Apresentação Soluções Vísent -Awards
Apresentação Soluções Vísent -AwardsApresentação Soluções Vísent -Awards
Apresentação Soluções Vísent -Awards
 
CISSP - Chapter 3 - System security architecture
CISSP - Chapter 3 - System security architectureCISSP - Chapter 3 - System security architecture
CISSP - Chapter 3 - System security architecture
 
Fog computing provide security to data in cloud ppt
Fog computing provide security to data in cloud pptFog computing provide security to data in cloud ppt
Fog computing provide security to data in cloud ppt
 
AI and Machine Learning Demystified by Carol Smith at Midwest UX 2017
AI and Machine Learning Demystified by Carol Smith at Midwest UX 2017AI and Machine Learning Demystified by Carol Smith at Midwest UX 2017
AI and Machine Learning Demystified by Carol Smith at Midwest UX 2017
 

Similaire à System Security on Cloud

110307 cloud security requirements gourley
110307 cloud security requirements gourley110307 cloud security requirements gourley
110307 cloud security requirements gourleyGovCloud Network
 
Bridging the Gap: Analyzing Data in and Below the Cloud
Bridging the Gap: Analyzing Data in and Below the CloudBridging the Gap: Analyzing Data in and Below the Cloud
Bridging the Gap: Analyzing Data in and Below the CloudInside Analysis
 
Journey to the Cloud: Securing Your AWS Applications - April 2015
Journey to the Cloud: Securing Your AWS Applications - April 2015Journey to the Cloud: Securing Your AWS Applications - April 2015
Journey to the Cloud: Securing Your AWS Applications - April 2015Alert Logic
 
CSS17: Atlanta - Realities of Security in the Cloud
CSS17: Atlanta - Realities of Security in the CloudCSS17: Atlanta - Realities of Security in the Cloud
CSS17: Atlanta - Realities of Security in the CloudAlert Logic
 
Wicsa2011 cloud tutorial
Wicsa2011 cloud tutorialWicsa2011 cloud tutorial
Wicsa2011 cloud tutorialAnna Liu
 
(ENT211) Migrating the US Government to the Cloud | AWS re:Invent 2014
(ENT211) Migrating the US Government to the Cloud | AWS re:Invent 2014(ENT211) Migrating the US Government to the Cloud | AWS re:Invent 2014
(ENT211) Migrating the US Government to the Cloud | AWS re:Invent 2014Amazon Web Services
 
CSS 17: NYC - Realities of Security in the Cloud
CSS 17: NYC - Realities of Security in the CloudCSS 17: NYC - Realities of Security in the Cloud
CSS 17: NYC - Realities of Security in the CloudAlert Logic
 
Insurtech, Cloud and Cybersecurity - Chartered Insurance Institute
Insurtech, Cloud and Cybersecurity - Chartered Insurance InstituteInsurtech, Cloud and Cybersecurity - Chartered Insurance Institute
Insurtech, Cloud and Cybersecurity - Chartered Insurance InstituteHenrique Centieiro
 
(SEC402) Enterprise Cloud Security via DevSecOps 2.0
(SEC402) Enterprise Cloud Security via DevSecOps 2.0(SEC402) Enterprise Cloud Security via DevSecOps 2.0
(SEC402) Enterprise Cloud Security via DevSecOps 2.0Amazon Web Services
 
Security & Compliance in the Cloud [2019]
Security & Compliance in the Cloud [2019]Security & Compliance in the Cloud [2019]
Security & Compliance in the Cloud [2019]Tudor Damian
 
Rethinking Data Availability and Governance in a Mobile World
Rethinking Data Availability and Governance in a Mobile WorldRethinking Data Availability and Governance in a Mobile World
Rethinking Data Availability and Governance in a Mobile WorldHao Tran
 
Rethinking Data Availability and Governance in a Mobile World
Rethinking Data Availability and Governance in a Mobile WorldRethinking Data Availability and Governance in a Mobile World
Rethinking Data Availability and Governance in a Mobile WorldInside Analysis
 
Cloud Security: A matter of trust?
Cloud Security: A matter of trust?Cloud Security: A matter of trust?
Cloud Security: A matter of trust?Mark Williams
 
Andy Malone - Keynote: the cloud one small step for man one giant leap for it
Andy Malone - Keynote: the cloud one small step for man one giant leap for itAndy Malone - Keynote: the cloud one small step for man one giant leap for it
Andy Malone - Keynote: the cloud one small step for man one giant leap for itNordic Infrastructure Conference
 
Security On The Cloud
Security On The CloudSecurity On The Cloud
Security On The CloudTu Pham
 
Agents for Agility - The Just-in-Time Enterprise Has Arrived
Agents for Agility - The Just-in-Time Enterprise Has ArrivedAgents for Agility - The Just-in-Time Enterprise Has Arrived
Agents for Agility - The Just-in-Time Enterprise Has ArrivedInside Analysis
 
Cloud Security Engineer Interview Questions.pdf
Cloud Security Engineer Interview Questions.pdfCloud Security Engineer Interview Questions.pdf
Cloud Security Engineer Interview Questions.pdfInfosec Train
 
Cloud Security Engineer Interview Questions.pdf
Cloud Security Engineer Interview Questions.pdfCloud Security Engineer Interview Questions.pdf
Cloud Security Engineer Interview Questions.pdfinfosec train
 
MBT Webinar: Does the security of your business data keep you up at night?
MBT Webinar: Does the security of your business data keep you up at night? MBT Webinar: Does the security of your business data keep you up at night?
MBT Webinar: Does the security of your business data keep you up at night? Jorge García
 

Similaire à System Security on Cloud (20)

110307 cloud security requirements gourley
110307 cloud security requirements gourley110307 cloud security requirements gourley
110307 cloud security requirements gourley
 
Bridging the Gap: Analyzing Data in and Below the Cloud
Bridging the Gap: Analyzing Data in and Below the CloudBridging the Gap: Analyzing Data in and Below the Cloud
Bridging the Gap: Analyzing Data in and Below the Cloud
 
Journey to the Cloud: Securing Your AWS Applications - April 2015
Journey to the Cloud: Securing Your AWS Applications - April 2015Journey to the Cloud: Securing Your AWS Applications - April 2015
Journey to the Cloud: Securing Your AWS Applications - April 2015
 
CSS17: Atlanta - Realities of Security in the Cloud
CSS17: Atlanta - Realities of Security in the CloudCSS17: Atlanta - Realities of Security in the Cloud
CSS17: Atlanta - Realities of Security in the Cloud
 
Wicsa2011 cloud tutorial
Wicsa2011 cloud tutorialWicsa2011 cloud tutorial
Wicsa2011 cloud tutorial
 
(ENT211) Migrating the US Government to the Cloud | AWS re:Invent 2014
(ENT211) Migrating the US Government to the Cloud | AWS re:Invent 2014(ENT211) Migrating the US Government to the Cloud | AWS re:Invent 2014
(ENT211) Migrating the US Government to the Cloud | AWS re:Invent 2014
 
CSS 17: NYC - Realities of Security in the Cloud
CSS 17: NYC - Realities of Security in the CloudCSS 17: NYC - Realities of Security in the Cloud
CSS 17: NYC - Realities of Security in the Cloud
 
Insurtech, Cloud and Cybersecurity - Chartered Insurance Institute
Insurtech, Cloud and Cybersecurity - Chartered Insurance InstituteInsurtech, Cloud and Cybersecurity - Chartered Insurance Institute
Insurtech, Cloud and Cybersecurity - Chartered Insurance Institute
 
(SEC402) Enterprise Cloud Security via DevSecOps 2.0
(SEC402) Enterprise Cloud Security via DevSecOps 2.0(SEC402) Enterprise Cloud Security via DevSecOps 2.0
(SEC402) Enterprise Cloud Security via DevSecOps 2.0
 
3 Reasons Why the Cloud is More Secure than Your Server
3 Reasons Why the Cloud is More Secure than Your Server3 Reasons Why the Cloud is More Secure than Your Server
3 Reasons Why the Cloud is More Secure than Your Server
 
Security & Compliance in the Cloud [2019]
Security & Compliance in the Cloud [2019]Security & Compliance in the Cloud [2019]
Security & Compliance in the Cloud [2019]
 
Rethinking Data Availability and Governance in a Mobile World
Rethinking Data Availability and Governance in a Mobile WorldRethinking Data Availability and Governance in a Mobile World
Rethinking Data Availability and Governance in a Mobile World
 
Rethinking Data Availability and Governance in a Mobile World
Rethinking Data Availability and Governance in a Mobile WorldRethinking Data Availability and Governance in a Mobile World
Rethinking Data Availability and Governance in a Mobile World
 
Cloud Security: A matter of trust?
Cloud Security: A matter of trust?Cloud Security: A matter of trust?
Cloud Security: A matter of trust?
 
Andy Malone - Keynote: the cloud one small step for man one giant leap for it
Andy Malone - Keynote: the cloud one small step for man one giant leap for itAndy Malone - Keynote: the cloud one small step for man one giant leap for it
Andy Malone - Keynote: the cloud one small step for man one giant leap for it
 
Security On The Cloud
Security On The CloudSecurity On The Cloud
Security On The Cloud
 
Agents for Agility - The Just-in-Time Enterprise Has Arrived
Agents for Agility - The Just-in-Time Enterprise Has ArrivedAgents for Agility - The Just-in-Time Enterprise Has Arrived
Agents for Agility - The Just-in-Time Enterprise Has Arrived
 
Cloud Security Engineer Interview Questions.pdf
Cloud Security Engineer Interview Questions.pdfCloud Security Engineer Interview Questions.pdf
Cloud Security Engineer Interview Questions.pdf
 
Cloud Security Engineer Interview Questions.pdf
Cloud Security Engineer Interview Questions.pdfCloud Security Engineer Interview Questions.pdf
Cloud Security Engineer Interview Questions.pdf
 
MBT Webinar: Does the security of your business data keep you up at night?
MBT Webinar: Does the security of your business data keep you up at night? MBT Webinar: Does the security of your business data keep you up at night?
MBT Webinar: Does the security of your business data keep you up at night?
 

Plus de Tu Pham

Go from idea to app with no coding using AppSheet.pptx
Go from idea to app with no coding using AppSheet.pptxGo from idea to app with no coding using AppSheet.pptx
Go from idea to app with no coding using AppSheet.pptxTu Pham
 
Secure your app against DDOS, API Abuse, Hijacking, and Fraud
Secure your app against DDOS, API Abuse, Hijacking, and Fraud Secure your app against DDOS, API Abuse, Hijacking, and Fraud
Secure your app against DDOS, API Abuse, Hijacking, and FraudTu Pham
 
Challenges In Implementing SRE
Challenges In Implementing SREChallenges In Implementing SRE
Challenges In Implementing SRETu Pham
 
IT Strategy
IT Strategy IT Strategy
IT Strategy Tu Pham
 
Set up Learn and Development program
Set up Learn and Development programSet up Learn and Development program
Set up Learn and Development programTu Pham
 
Cost Management For IT Project / Product
Cost Management For IT Project / ProductCost Management For IT Project / Product
Cost Management For IT Project / ProductTu Pham
 
Minimum Viable Product 101
Minimum Viable Product 101Minimum Viable Product 101
Minimum Viable Product 101Tu Pham
 
Understand your customers
Understand your customersUnderstand your customers
Understand your customersTu Pham
 
Let's build great products for mid-size companies
Let's build great products for mid-size companiesLet's build great products for mid-size companies
Let's build great products for mid-size companiesTu Pham
 
Latency Control And Supervision In Resilience Design Patterns
Latency Control And Supervision In Resilience Design Patterns Latency Control And Supervision In Resilience Design Patterns
Latency Control And Supervision In Resilience Design Patterns Tu Pham
 
End To End Business Intelligence On Google Cloud
End To End Business Intelligence On Google CloudEnd To End Business Intelligence On Google Cloud
End To End Business Intelligence On Google CloudTu Pham
 
High Output Tech Management
High Output Tech Management High Output Tech Management
High Output Tech Management Tu Pham
 
Eway Tech Talk #2 Coding Guidelines
Eway Tech Talk #2 Coding GuidelinesEway Tech Talk #2 Coding Guidelines
Eway Tech Talk #2 Coding GuidelinesTu Pham
 
Eway Tech Talk #0 Knowledge Sharing
Eway Tech Talk #0 Knowledge SharingEway Tech Talk #0 Knowledge Sharing
Eway Tech Talk #0 Knowledge SharingTu Pham
 
Php 5.6 vs Php 7 performance comparison
Php 5.6 vs Php 7 performance comparisonPhp 5.6 vs Php 7 performance comparison
Php 5.6 vs Php 7 performance comparisonTu Pham
 
Big data on google cloud
Big data on google cloudBig data on google cloud
Big data on google cloudTu Pham
 
Understanding Kubernetes
Understanding KubernetesUnderstanding Kubernetes
Understanding KubernetesTu Pham
 
Database, data storage, hosting with Firebase
Database, data storage, hosting with FirebaseDatabase, data storage, hosting with Firebase
Database, data storage, hosting with FirebaseTu Pham
 
Recommendation system for ecommerce
Recommendation system for ecommerceRecommendation system for ecommerce
Recommendation system for ecommerceTu Pham
 
Data warehouse solutions
Data warehouse solutionsData warehouse solutions
Data warehouse solutionsTu Pham
 

Plus de Tu Pham (20)

Go from idea to app with no coding using AppSheet.pptx
Go from idea to app with no coding using AppSheet.pptxGo from idea to app with no coding using AppSheet.pptx
Go from idea to app with no coding using AppSheet.pptx
 
Secure your app against DDOS, API Abuse, Hijacking, and Fraud
Secure your app against DDOS, API Abuse, Hijacking, and Fraud Secure your app against DDOS, API Abuse, Hijacking, and Fraud
Secure your app against DDOS, API Abuse, Hijacking, and Fraud
 
Challenges In Implementing SRE
Challenges In Implementing SREChallenges In Implementing SRE
Challenges In Implementing SRE
 
IT Strategy
IT Strategy IT Strategy
IT Strategy
 
Set up Learn and Development program
Set up Learn and Development programSet up Learn and Development program
Set up Learn and Development program
 
Cost Management For IT Project / Product
Cost Management For IT Project / ProductCost Management For IT Project / Product
Cost Management For IT Project / Product
 
Minimum Viable Product 101
Minimum Viable Product 101Minimum Viable Product 101
Minimum Viable Product 101
 
Understand your customers
Understand your customersUnderstand your customers
Understand your customers
 
Let's build great products for mid-size companies
Let's build great products for mid-size companiesLet's build great products for mid-size companies
Let's build great products for mid-size companies
 
Latency Control And Supervision In Resilience Design Patterns
Latency Control And Supervision In Resilience Design Patterns Latency Control And Supervision In Resilience Design Patterns
Latency Control And Supervision In Resilience Design Patterns
 
End To End Business Intelligence On Google Cloud
End To End Business Intelligence On Google CloudEnd To End Business Intelligence On Google Cloud
End To End Business Intelligence On Google Cloud
 
High Output Tech Management
High Output Tech Management High Output Tech Management
High Output Tech Management
 
Eway Tech Talk #2 Coding Guidelines
Eway Tech Talk #2 Coding GuidelinesEway Tech Talk #2 Coding Guidelines
Eway Tech Talk #2 Coding Guidelines
 
Eway Tech Talk #0 Knowledge Sharing
Eway Tech Talk #0 Knowledge SharingEway Tech Talk #0 Knowledge Sharing
Eway Tech Talk #0 Knowledge Sharing
 
Php 5.6 vs Php 7 performance comparison
Php 5.6 vs Php 7 performance comparisonPhp 5.6 vs Php 7 performance comparison
Php 5.6 vs Php 7 performance comparison
 
Big data on google cloud
Big data on google cloudBig data on google cloud
Big data on google cloud
 
Understanding Kubernetes
Understanding KubernetesUnderstanding Kubernetes
Understanding Kubernetes
 
Database, data storage, hosting with Firebase
Database, data storage, hosting with FirebaseDatabase, data storage, hosting with Firebase
Database, data storage, hosting with Firebase
 
Recommendation system for ecommerce
Recommendation system for ecommerceRecommendation system for ecommerce
Recommendation system for ecommerce
 
Data warehouse solutions
Data warehouse solutionsData warehouse solutions
Data warehouse solutions
 

Dernier

DNT_Corporate presentation know about us
DNT_Corporate presentation know about usDNT_Corporate presentation know about us
DNT_Corporate presentation know about usDynamic Netsoft
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfkalichargn70th171
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantAxelRicardoTrocheRiq
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providermohitmore19
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerThousandEyes
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...kellynguyen01
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...MyIntelliSource, Inc.
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVshikhaohhpro
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxComplianceQuest1
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...OnePlan Solutions
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...MyIntelliSource, Inc.
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...stazi3110
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfkalichargn70th171
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsAlberto González Trastoy
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsJhone kinadey
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software DevelopersVinodh Ram
 
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...soniya singh
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...ICS
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxbodapatigopi8531
 

Dernier (20)

DNT_Corporate presentation know about us
DNT_Corporate presentation know about usDNT_Corporate presentation know about us
DNT_Corporate presentation know about us
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service Consultant
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
 
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software Developers
 
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptx
 

System Security on Cloud

  • 1. System Security on Cloud Tu Pham CTO @ DYNO
  • 3. Current system > 10 000 users - 4 countries: US, UK, VN, Singapore - 1.3B user profiles - > 1B new raw data daily (~110 GB) - Hundred of jobs daily Images by ConnieZhou
  • 5. From 2014, we bring success to hundreds of thousands online marketing campaigns based on our big data system.
  • 7. Organize the world’s information and make it universally accessible and useful. Our mission is aligned with Google’s mission With Sundar Pichai - CEO of Google 2
  • 11. Real estate Ecommerce Beauty Fashion Food & Drinks Our Clients
  • 12. Our Clients Education Co-working space Retail Finance Other vaytaichinh.info Vay Tiền Mặt
  • 14. HOW TO PROTECT YOUR SYSTEM, PARTNERS & CUSTOMERS ?
  • 15. Infrastructure Has Changed EARLY 2000’s MID 2000’s NOW Buying Hardware
  • 16. Infrastructure Has Changed EARLY 2000’s MID 2000’s NOW Infrastructure As a ServiceBuying Hardware
  • 19. Cybercrime Has Also Changed Single Actors EARLY 2000’s MID 2000’s NOW
  • 20. Cybercrime Has AlsoChanged Single Actors Highly Organized Groups EARLY 2000’s MID 2000’s NOW
  • 21. Cybercrime is Flourishing 508 is the average number of applications in an enterprise Evolution of AdversariesExpanding Attack Surfaces Overwhelmed Defenses 37% of US companies face 50,000+ alerts per month 390,000 new malicious programs every day with a viable ecosystem Forbes, 2014 FireEye, 2015 AV-TEST, 2016
  • 22. Attack methods are evolving • Security risks -Perception of increased risk due to lack of control -Blind spots: no way to connect on-premise and cloud attacks -Increased threat surface -Tuning tools for relevant notifications Cloud Environment On Premise Environment Source: Alert Logic CSR 2016 42% 25% 19% 8% 4% 2% application-attack brute-force recon trojan-activity suspicious-activity denial-of-service 51% 22% 5% 3% 1% 18% brute-force trojan-activity suspicious-activity application-attack recon denial-of-service
  • 24. Who is being targeted? BIG
  • 25. Who is being targeted?And Small
  • 27. The Cloud Can be Secure “Public cloud workloads can be at least as secure as those in your own data center, likely better.” Neil McDonald – Gartner Security and Risk Management Summit London Sept 2015
  • 28. Cloud has disrupted traditional security DEPLOYMENT & MANAGEMENT PERFORMANCE & OPERATIONS CUSTOMER APPLICATION REQUIREMENTS TRADITIONAL SECURITY CLOUD DRIVERS AGILITY & AUTOMATION HYPER-SCALABILITY PRIORITY: WEB APPLICATIONS SCALING CHOKEPOINTS POOR DETECTION OF WEB APP ATTACKS vs SLOW, COMPLEX CONFIGURATIONS vs vs
  • 29. Challenges of being Secure in the Cloud SECURITY TOOLSARE Complicated to use Difficult to deploy Expensive to manage and tune HUMAN EXPERTISE IS Hard to find Harder to keep Very expensive THREAT INTELLIGENCE AND SECURITY CONTENT Gets stale quickly Requires specific know-how Validation required to avoid false positives
  • 30. Cloud Security – NewApproach The Principles of security do not change but your Approach to security needs to change: • Security best practices are no different in the cloud • You need to apply the same security standards to cloud workloads as applied to on-premises • Understand the Shared Responsibility of Cloud Security
  • 31. • Security Monitoring • Log Analysis • Vulnerability Scanning • Network Threat Detection • Security Monitoring • Secure Coding and Best Practices • Software and Virtual Patching • Configuration Management • Access Management (including multi- factor authentication) • Access Management • Configuration Hardening • Patch Management • TLS/SSL Encryption • Network Security Configuration • Web Application Firewall • Vulnerability Scanning • Application level attack monitoring • Hypervisor Management • System Image Library • Root Access for Customers • Managed Patching (PaaS, not IaaS) • Logical Network Segmentation • Perimeter Security Services • External DDOS, spoofing, and scanning monitored APPS CUSTOMER ALERT LOGICMICROSOFT VIRTUAL MACHINES NETWORKING INFRASTRUCTURE SERVICES Cloud Security is a Shared, but not Equal, Responsibility
  • 33. We protect cloud workloads & web applications BLOCK COMPLY FULLY-MANAGED SECURITY, DELIVERED AS A SERVICE ASSESS DETECT • Full-stack security • Integrated analytics & experts • Built for cloud • Cost-effective outcomes Data Center Hosting
  • 34. WebApp Attacks OWASP Top 10 Platform / Library Attacks System / Network Attacks Web Apps Server-side Apps App Frameworks Dev Platforms Server OS Hypervisor Databases Networking Cloud Management CLOUD INSIGHT Signatures & Rules Anomaly Detection Machine Learning Integrated value chain delivering full stack security, experts included • Threat Intelligence • Security Research • Data Science • Security Content • Security Operations Center ACTIVEWATCH DETECTION & PROTECTION Web Security Manager Log Manager Threat Manager ALL IN ONE DEFENDER
  • 35. Which designed security for cloud and hybrid environments GET STARTED IN MINUTES MAINTAIN COVERAGE AT CLOUD SCALEKEEP PRODUCTION FLOWING with modular services that grow with you with integration to cloudAPIs and DevOps automation with auto-scaling support and out-of-band detection Single pane of glass for workload and application security across cloud, hosted & on-premises
  • 36. Leaders 28 8 25 3 11 6 8 4 10 10 15 24 ThreatStack FortyCloud CloudCheckr CloudPassage Microsoft Palerra 5 Evident.io 5 JumpCloud Barricade Symantec Okta Intel Security Fortinet Cisco Chronicle Data Check Point Amazon Other Alert Logic A recognized securityleader PETER STEPHENSON SC Magazine review “…the depth and breadth of the offering’s analytics and threat management process goes beyond anything we’ve seen…” Who is your primary in-use vendor for Cloud Infrastructure Security? Who are the top vendors in consideration for Cloud Infrastructure Security? Alert Logic
  • 37. BEST PRACTICE & TAKEAWAYS
  • 38. 10 Cloud Security Best Practices 1. Secure your code 2. Create access management policies 3. Data Classification 4. Adopt a patch management approach 5. Review logs regularly 6. Build a security toolkit 7. Stay informed of the latest vulnerabilities that may affect you 8. Understand your cloud service providers security model 9. Understand the shared security responsibility 10. Know your adversaries
  • 39. 10 Cloud Security Best Practices 1. Secure your code 2. Create access management policies 3. Data Classification 4. Adopt a patch management approach 5. Review logs regularly 6. Build a security toolkit 7. Stay informed of the latest vulnerabilities that may affect you 8. Understand your cloud service providers security model 9. Understand the shared security responsibility 10. Know your adversaries
  • 40. Top 3 Takeaways 1. Cyber Crime is flourishing – Big and small companies 2. Security in the Cloud has similar overall principles but new complexity 3. You may need a full stack security vendor with experts included
  • 41. Challenges at DYNO - Advertising Network • Things we have to do • Deliver right ad at right time for right people • Mining user information to help brands understand their audience • Build flexible ad targeting infrastructure • Analyze user behavior to improve ad relevancy at real time
  • 42. Challenges at DYNO - User Profiling • The truth • 65 social network all around the world • 2B monthly active user from Facebook (300 PB data warehouse) • Unlimited data still offline • The problem: • How you know N account from Facebook, Google, Twitter, Linkedin, StackOverFlow, Github, … belong to one person or not ?
  • 43. Challenges at DYNO - Image Processing • The problem • Detect board sets of objects (House, Car, Motorbike) • Find topical entities (Logo, Celebrity, New Event) • Face detection
  • 44. Big Data Challenges At DYNO - Image Extraction • Things we have to do • Deliver right ad at right time for right people • Mining user information to help brands understand their audience • Build flexible ad targeting infrastructure • Analyze user behavior to improve ad relevancy at real time
  • 45. We are hiring - Data Engineer Responsibilities - Designing and developing high-volume, low-latency applications for mission-critical systems and delivering high-availability and performance - Writing well designed, testable, efficient components for ETL system - Processing, cleansing, verifying the integrity of data Requirements - BS/MS degree in Computer Science, Engineering or a related subject - Language: Java, Python - Knowledge of API, Databases, Distributed system - (Plus) Data scraping experience - (Plus) Familiar with big data system (Volume, variety and velocity) - (Plus) Domain knowledge (E-commerce / Finance / Retail / Real estate / Advertising)
  • 46. We are hiring - Data Scientist Responsibilities - Designing, mining, testing machine learning algorithms for delivering valued information from DYNO data warehouse. - Doing ad-hoc analytics and presenting results - Selecting features, building, optimizing algorithms Requirements - BS/MS degree in Computer Science, Engineering or a related subject - Good at machine learning algorithms - (Plus) Familiar with big data system (Volume, variety and velocity) - (Plus) Domain knowledge (E-commerce / Finance / Retail / Real estate / Advertising)
  • 47. JOIN THE FLIGHT IO Extended 2017 Facebook: fb/pham.phuong.tu Twitter: @phamptu Slideshare: /phamphuongtu Email: tu@dyno.vn