Waratek presentation for RANT November 2016

Three keys to improving Application Security, using Runtime Application Self Protection (RASP) by virtualization

Published in: Technology

  1. Application Security is like a Bottomless Pit. Brian Maccaba, CEO. Highly accurate. Easy to install. Simple to Operate. Copyright 2016 Waratek – All Rights Reserved
  2. "It is a good thing to follow the First Law of Holes: if you are in one, stop digging." – Denis Winston Healey, MP
     • 90+% of attacks are aimed at the application layer
     • Developers downloaded code with known vulnerabilities more than 2 billion times in 2015
     Yet..
     • The investment ratio in network security vs app security is 20+:1
     • Investing in application security ranks 14 out of 17 priorities, says SANS
  3. Three Keys to Improving Application Security: Speed of Deployment; Effectiveness of Remediation; Cost Competitiveness
  4. Speed Today. “Two principles underlie all strategic planning. Act with the utmost concentration; Act with the utmost speed.” – Carl von Clausewitz. “…be swift as the wind; as unfathomable as the clouds, move like a thunderbolt.” – Sun Tzu
  5. Speed Tomorrow
  6. Effective Application Security. VIRTUALIZATION TODAY’S ALTERNATIVES OWASP TOP 10 RULES + BASIC SECURITY PROFILE SAST SCAN, CODE RE-WRITE or WAF REGEX TUNING PROTECTS THE APPLICATION PLATFORM INSTALL NEW BINARIES VIRTUAL CRITICAL PATCH UPDATES INSTALL NEW BINARIES APPLICATION HARDENING NO ALTERNATIVE EXISTS ZERO DAY ATTACKS VIRTUAL UPDATE BINARY CHANGES WHEN SUPPLIER RE-WRITES CODE
  7. Cost Competitive Application Security. [Chart: cost and time per application. Virtualization Protection: <5K, minutes. Traditional Approach (Patch, Fix Code, Find Flaws): 8-40K, months; 5-300K, months; 4-30K, weeks.]