Soumettre la recherche
Mettre en ligne
Cloud security and security architecture
•
Télécharger en tant que PPTX, PDF
•
19 j'aime
•
27,876 vues
Vladimir Jirasek
Suivre
Presentation that I gave at ISC2 SecureLondon conference in London on 11th December 2012.
Lire moins
Lire la suite
Technologie
Signaler
Partager
Signaler
Partager
1 sur 12
Télécharger maintenant
Recommandé
Cloud Security: A New Perspective
Cloud Security: A New Perspective
Wen-Pai Lu
Cloud security Presentation
Cloud security Presentation
Ajay p
Cloud computing and data security
Cloud computing and data security
Mohammed Fazuluddin
Data security in cloud computing
Data security in cloud computing
Prince Chandu
Cloud Computing - An Introduction
Cloud Computing - An Introduction
Ravindra Dastikop
Cloud Computing Security
Cloud Computing Security
Ninh Nguyen
Cyber Security and Cloud Computing
Cyber Security and Cloud Computing
Keet Sugathadasa
Cloud Security Architecture.pptx
Cloud Security Architecture.pptx
Moshe Ferber
Recommandé
Cloud Security: A New Perspective
Cloud Security: A New Perspective
Wen-Pai Lu
Cloud security Presentation
Cloud security Presentation
Ajay p
Cloud computing and data security
Cloud computing and data security
Mohammed Fazuluddin
Data security in cloud computing
Data security in cloud computing
Prince Chandu
Cloud Computing - An Introduction
Cloud Computing - An Introduction
Ravindra Dastikop
Cloud Computing Security
Cloud Computing Security
Ninh Nguyen
Cyber Security and Cloud Computing
Cyber Security and Cloud Computing
Keet Sugathadasa
Cloud Security Architecture.pptx
Cloud Security Architecture.pptx
Moshe Ferber
Cloud security ppt
Cloud security ppt
Venkatesh Chary
Identity and Access Management (IAM)
Identity and Access Management (IAM)
Identacor
Cloud Security
Cloud Security
AWS User Group Bengaluru
Cybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architecture
Priyanka Aash
Cloud Security Strategy
Cloud Security Strategy
Capgemini
Cloud security
Cloud security
Niharika Varshney
Cloud computing security
Cloud computing security
Akhila Param
Microsoft Zero Trust
Microsoft Zero Trust
David J Rosenthal
The Zero Trust Model of Information Security
The Zero Trust Model of Information Security
Tripwire
Cloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud Computing
Jim Geovedi
Network Security - Defense Through Layered Information Security
Network Security - Defense Through Layered Information Security
Eryk Budi Pratama
NIST cybersecurity framework
NIST cybersecurity framework
Shriya Rai
Next-Gen security operation center
Next-Gen security operation center
Muhammad Sahputra
Cloud security
Cloud security
Tushar Kayande
Cloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentals
Viresh Suri
Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)
k33a
The Trouble with Cloud Forensics
The Trouble with Cloud Forensics
Sharique Rizvi
SOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations Center
Michael Nickle
Security Issues of Cloud Computing
Security Issues of Cloud Computing
Falgun Rathod
Cloud security
Cloud security
BikashPokharel3
2012 10 cloud security architecture
2012 10 cloud security architecture
Vladimir Jirasek
Integrated Cloud Framework: Security, Governance, Compliance, Content Applica...
Integrated Cloud Framework: Security, Governance, Compliance, Content Applica...
Chad Lawler
Contenu connexe
Tendances
Cloud security ppt
Cloud security ppt
Venkatesh Chary
Identity and Access Management (IAM)
Identity and Access Management (IAM)
Identacor
Cloud Security
Cloud Security
AWS User Group Bengaluru
Cybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architecture
Priyanka Aash
Cloud Security Strategy
Cloud Security Strategy
Capgemini
Cloud security
Cloud security
Niharika Varshney
Cloud computing security
Cloud computing security
Akhila Param
Microsoft Zero Trust
Microsoft Zero Trust
David J Rosenthal
The Zero Trust Model of Information Security
The Zero Trust Model of Information Security
Tripwire
Cloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud Computing
Jim Geovedi
Network Security - Defense Through Layered Information Security
Network Security - Defense Through Layered Information Security
Eryk Budi Pratama
NIST cybersecurity framework
NIST cybersecurity framework
Shriya Rai
Next-Gen security operation center
Next-Gen security operation center
Muhammad Sahputra
Cloud security
Cloud security
Tushar Kayande
Cloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentals
Viresh Suri
Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)
k33a
The Trouble with Cloud Forensics
The Trouble with Cloud Forensics
Sharique Rizvi
SOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations Center
Michael Nickle
Security Issues of Cloud Computing
Security Issues of Cloud Computing
Falgun Rathod
Cloud security
Cloud security
BikashPokharel3
Tendances
(20)
Cloud security ppt
Cloud security ppt
Identity and Access Management (IAM)
Identity and Access Management (IAM)
Cloud Security
Cloud Security
Cybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architecture
Cloud Security Strategy
Cloud Security Strategy
Cloud security
Cloud security
Cloud computing security
Cloud computing security
Microsoft Zero Trust
Microsoft Zero Trust
The Zero Trust Model of Information Security
The Zero Trust Model of Information Security
Cloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud Computing
Network Security - Defense Through Layered Information Security
Network Security - Defense Through Layered Information Security
NIST cybersecurity framework
NIST cybersecurity framework
Next-Gen security operation center
Next-Gen security operation center
Cloud security
Cloud security
Cloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentals
Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)
The Trouble with Cloud Forensics
The Trouble with Cloud Forensics
SOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations Center
Security Issues of Cloud Computing
Security Issues of Cloud Computing
Cloud security
Cloud security
Similaire à Cloud security and security architecture
2012 10 cloud security architecture
2012 10 cloud security architecture
Vladimir Jirasek
Integrated Cloud Framework: Security, Governance, Compliance, Content Applica...
Integrated Cloud Framework: Security, Governance, Compliance, Content Applica...
Chad Lawler
Resarch paper i cloud computing
Resarch paper i cloud computing
Bharat Gupta
null Bangalore meet - Cloud Computing and Security
null Bangalore meet - Cloud Computing and Security
n|u - The Open Security Community
What customers want the cloud to be - Jason Waxman GM at Intel, Cloud Slam 20...
What customers want the cloud to be - Jason Waxman GM at Intel, Cloud Slam 20...
Khazret Sapenov
Lss implementing cyber security in the cloud, and from the cloud-feb14
Lss implementing cyber security in the cloud, and from the cloud-feb14
L S Subramanian
Smart, Data-Centric Security for the Post-PC Era
Smart, Data-Centric Security for the Post-PC Era
Trend Micro (EMEA) Limited
Cloud security ely kahn
Cloud security ely kahn
Ely Kahn
Cloud Security - Made simple
Cloud Security - Made simple
Sameer Paradia
Enterprise Security in Cloud
Enterprise Security in Cloud
Lenin Aboagye
Enterprise Security in Hybrid Cloud ISACA-SV 2012
Enterprise Security in Hybrid Cloud ISACA-SV 2012
Symosis Security (Previously C-Level Security)
Security of,for & by cloud
Security of,for & by cloud
Lakshmi Subramanian
Cisco tec chris young - security intelligence operations
Cisco tec chris young - security intelligence operations
Cisco Public Relations
Cloud computing
Cloud computing
saralaanuj
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
Amazon Web Services
Deepsecurity & VDI beveiliging, maximale beveiliging en optimale performance
Deepsecurity & VDI beveiliging, maximale beveiliging en optimale performance
UNIT4 IT Solutions
CloudPassage Overview
CloudPassage Overview
CloudPassage
AWS Summit 2011: Cloud Compliance 101: No PhD required - SafeNet
AWS Summit 2011: Cloud Compliance 101: No PhD required - SafeNet
Amazon Web Services
Virtualization And Cloud Impact Overview Auditor Spin Enterprise Gr Cv4
Virtualization And Cloud Impact Overview Auditor Spin Enterprise Gr Cv4
EnterpriseGRC Solutions, Inc.
451 Research Client Event Nov 10
451 Research Client Event Nov 10
stavvmc
Similaire à Cloud security and security architecture
(20)
2012 10 cloud security architecture
2012 10 cloud security architecture
Integrated Cloud Framework: Security, Governance, Compliance, Content Applica...
Integrated Cloud Framework: Security, Governance, Compliance, Content Applica...
Resarch paper i cloud computing
Resarch paper i cloud computing
null Bangalore meet - Cloud Computing and Security
null Bangalore meet - Cloud Computing and Security
What customers want the cloud to be - Jason Waxman GM at Intel, Cloud Slam 20...
What customers want the cloud to be - Jason Waxman GM at Intel, Cloud Slam 20...
Lss implementing cyber security in the cloud, and from the cloud-feb14
Lss implementing cyber security in the cloud, and from the cloud-feb14
Smart, Data-Centric Security for the Post-PC Era
Smart, Data-Centric Security for the Post-PC Era
Cloud security ely kahn
Cloud security ely kahn
Cloud Security - Made simple
Cloud Security - Made simple
Enterprise Security in Cloud
Enterprise Security in Cloud
Enterprise Security in Hybrid Cloud ISACA-SV 2012
Enterprise Security in Hybrid Cloud ISACA-SV 2012
Security of,for & by cloud
Security of,for & by cloud
Cisco tec chris young - security intelligence operations
Cisco tec chris young - security intelligence operations
Cloud computing
Cloud computing
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
Deepsecurity & VDI beveiliging, maximale beveiliging en optimale performance
Deepsecurity & VDI beveiliging, maximale beveiliging en optimale performance
CloudPassage Overview
CloudPassage Overview
AWS Summit 2011: Cloud Compliance 101: No PhD required - SafeNet
AWS Summit 2011: Cloud Compliance 101: No PhD required - SafeNet
Virtualization And Cloud Impact Overview Auditor Spin Enterprise Gr Cv4
Virtualization And Cloud Impact Overview Auditor Spin Enterprise Gr Cv4
451 Research Client Event Nov 10
451 Research Client Event Nov 10
Plus de Vladimir Jirasek
Vulnerability management - beyond scanning
Vulnerability management - beyond scanning
Vladimir Jirasek
Vulnerability Management @ DevSecOps London Gathering
Vulnerability Management @ DevSecOps London Gathering
Vladimir Jirasek
C-Level tools for Cloud security
C-Level tools for Cloud security
Vladimir Jirasek
Secure your cloud applications by building solid foundations with enterprise ...
Secure your cloud applications by building solid foundations with enterprise ...
Vladimir Jirasek
Mobile phone as Trusted identity assistant
Mobile phone as Trusted identity assistant
Vladimir Jirasek
Security architecture for LSE 2009
Security architecture for LSE 2009
Vladimir Jirasek
Mobile security summit - 10 mobile risks
Mobile security summit - 10 mobile risks
Vladimir Jirasek
Information Risk Security model and metrics
Information Risk Security model and metrics
Vladimir Jirasek
Integrating Qualys into the patch and vulnerability management processes
Integrating Qualys into the patch and vulnerability management processes
Vladimir Jirasek
Securing mobile population for White Hats
Securing mobile population for White Hats
Vladimir Jirasek
Security models for security architecture
Security models for security architecture
Vladimir Jirasek
Meaningfull security metrics
Meaningfull security metrics
Vladimir Jirasek
CAMM presentation for Cyber Security Gas and Oil june 2011
CAMM presentation for Cyber Security Gas and Oil june 2011
Vladimir Jirasek
ISE UK&Ireland 2008 Showcase Nominee Presentation Vladimir Jirasek
ISE UK&Ireland 2008 Showcase Nominee Presentation Vladimir Jirasek
Vladimir Jirasek
Qualys Webex 24 June 2008
Qualys Webex 24 June 2008
Vladimir Jirasek
Federation For The Cloud Opportunities For A Single Identity
Federation For The Cloud Opportunities For A Single Identity
Vladimir Jirasek
Plus de Vladimir Jirasek
(16)
Vulnerability management - beyond scanning
Vulnerability management - beyond scanning
Vulnerability Management @ DevSecOps London Gathering
Vulnerability Management @ DevSecOps London Gathering
C-Level tools for Cloud security
C-Level tools for Cloud security
Secure your cloud applications by building solid foundations with enterprise ...
Secure your cloud applications by building solid foundations with enterprise ...
Mobile phone as Trusted identity assistant
Mobile phone as Trusted identity assistant
Security architecture for LSE 2009
Security architecture for LSE 2009
Mobile security summit - 10 mobile risks
Mobile security summit - 10 mobile risks
Information Risk Security model and metrics
Information Risk Security model and metrics
Integrating Qualys into the patch and vulnerability management processes
Integrating Qualys into the patch and vulnerability management processes
Securing mobile population for White Hats
Securing mobile population for White Hats
Security models for security architecture
Security models for security architecture
Meaningfull security metrics
Meaningfull security metrics
CAMM presentation for Cyber Security Gas and Oil june 2011
CAMM presentation for Cyber Security Gas and Oil june 2011
ISE UK&Ireland 2008 Showcase Nominee Presentation Vladimir Jirasek
ISE UK&Ireland 2008 Showcase Nominee Presentation Vladimir Jirasek
Qualys Webex 24 June 2008
Qualys Webex 24 June 2008
Federation For The Cloud Opportunities For A Single Identity
Federation For The Cloud Opportunities For A Single Identity
Dernier
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
carlostorres15106
How to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
naman860154
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
null - The Open Security Community
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
Fwdays
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
BookNet Canada
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
LBM Solutions
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
Scott Keck-Warren
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024
Neo4j
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
null - The Open Security Community
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Patryk Bandurski
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
Softradix Technologies
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
Allon Mureinik
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
Slibray Presentation
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power Systems
Precisely
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
Memoori
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
Scott Keck-Warren
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
BookNet Canada
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
naman860154
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
Ridwan Fadjar
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
OnBoard
Dernier
(20)
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
How to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power Systems
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
Cloud security and security architecture
1.
Security architecture and
Cloud computing, are these mutually exclusive? (Introduction to Cloud Security Guidance)
2.
Agenda
Cloud risk assessment x compared to traditional risk assessments Cloud security architectures x compared to security architectures CSA domains Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk
3.
Cloud risk assessment
Identify Context assets establishment Map the data Evaluate flows assets Risk Risk communication assessment Evaluate Map to Cloud Cloud deployments models and Risk treatment models Providers Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk
4.
Cloud model Broad network
Rapid elasticity Measured On-demand access service service Resource pooling Software as a Platform as a Infrastructure Service (SaaS) Service (SaaS) as a Service (SaaS) Publi Private Hybrid Community c Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk
5.
Cloud computing deployment
models Infrastructure Infrastructure Infrastructure Accessible and managed by owned by located consumed by Third party Third party Public Off-premise Untrusted provider provider Organisation Organisation On-premise Private/ o Trusted Community r 3rd party 3rdparty Off-Premise provider provider Both Organisation Both Organisation Both On-Premise Trusted & Hybrid & Third party & Third party & Off-Premise Untrusted provider provider Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk
6.
Cloud model maps
to Security model Cloud model GRC Business continuity SIEM Data security Identity, Access Direct map Cryptography Application sec. Host security Network security Physical security Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk
7.
Responsibilities for areas
in security model compared to delivery models Provider responsible Customer responsible GRC Business continuity SIEM Identity, Access Cryptography Data security Application sec. Host security Network security Physical security IaaS PaaS SaaS IaaS PaaS SaaS Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk
8.
Cloud Security Domains
Governance Operational Governance and Enterprise Risk Traditional Security, Business Management Continuity and Disaster Recovery Legal Issues: Contracts and Electronic Data Center Operations Discovery Incident Response, Notification and Compliance and Audit Remediation Information Management and Data Application Security Security Encryption and Key Management Portability and Interoperability Identity and Access Management Virtualization Security as a Service Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk
9.
Cloud Security Alliance
supports number of projects related to cloud Get involved at https://cloudsecurityalliance.org/resea rch/https://cloudsecurityalliance.org.uk Copyright © 2012 Cloud Security Alliance
10.
How to manage
cloud security • Have a cloud security standard • What to do on an Enterprise level • Before your Cloud project • During your Cloud project How to drive out the • BAU 'seven deadly sins' of cloud computing - new Information Security • Exit from the Cloud provider Forum report • Risks cannot be outsourced • Manage lock-in and exit up-front – especially in SaaS Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk
11.
Contact Help us secure
cloud computing – Get involved • http://cloudsecurityalliance.org.uk • info@cloudsecurityalliance.org.uk • LinkedIn: http://www.linkedin.com/groups/Cloud- Security-Alliance-UK-Chapter-3745837 • Twitter: @CSAUKResearch Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk
12.
Thank you!
www.cloudsecurityalliance.org
Notes de l'éditeur
Do visit the websiteDo join the LinkedIn Groups – you will receive regular email updates
Télécharger maintenant