2. Vinay Bansal Lead Security Architect, Web and Application Security Cisco Systems iFront Internet Conference 2009 2010 2011 Security in Web 2.0, Social Web and Cloud 2012
12. Let’s twist these connections Users End Points Enablers Providers Data
13. Information Centric Security Users Data 1. Identify User, Authentication 2. Access to which data, Authorization 3. Secure Data Transfer : Encryption 4. Data Center Security 5. Data on Client : Client End Point Security
14.
15.
16. Regulations protecting end users Privacy Intellectual Property Business Continuity Regulatory Compliance HIPPA – Health PCI – Credit Cards EU Directive - …. Users Providers
17.
18.
19.
20.
21.
22. Cisco Story - 3 SDLC Secure Coding Training Application Vulnerability Assessment (AVA) Architecture Review Application Firewall Threat 3: How to continually improve Application Security? Tying Application Security Practice with Software Development Life Cycle (SDLC)