SlideShare ist ein Scribd-Unternehmen logo

Cloud Security - A Visibility Challenge

•
•
Raffael Marty
Raffael Marty

Cloud security really boils down to a visibility challenge. I am showing why companies are moving to the cloud and what the security implications are. The security challenges boil down to a visibility, which in turn is a big data challenge. Loggly, a logging as a service provider, addresses this visibility challenge by providing a big data, cloud logging platform. The presentation outlines some visualization use-cases that can be built on top of the Loggly platform to support visibility into cloud operations.

TechnologieBusiness
1 von 30
Downloaden Sie, um offline zu lesen
Cloud Security A Visibility Challenge Raffael Marty - @zrlram UNAM 2010, Mexico City Wednesday, December 1, 2010
Raffael Marty • Founder @ • Chief Security Strategist and Product Manager @ Splunk • Manager Solutions @ ArcSight • Intrusion Detection Research @ IBM Research • IT Security Consultant @ PriceWaterhouse Coopers Applied Security Visualization Publisher: Addison Wesley (August, 2008) ISBN: 0321510100 Logging as a Service 2 © by Raffael Marty Wednesday, December 1, 2010
Agenda •Data Centers •Visibility and Big Data •The Cloud •Logging as a Service •A New Risk Landscape Logging as a Service 3 © by Raffael Marty Wednesday, December 1, 2010
Data Centers 4 Wednesday, December 1, 2010
11.8 million servers in data centers “Effectively and Securely Using the Cloud Computing Paradigm AWS services” - Peter Mell, Tim Grance, NIST Raffael Marty - @zrlram 5 Wednesday, December 1, 2010
Servers are used at only 15% of their capacity “Effectively and Securely Using the Cloud Computing Paradigm AWS services” - Peter Mell, Tim Grance, NIST Raffael Marty - @zrlram 6 Wednesday, December 1, 2010
800 billion dollars spent yearly on purchasing and maintaining enterprise software 80% of enterprise software expenditure is on installation and maintenance of software “Effectively and Securely Using the Cloud Computing Paradigm AWS services” - Peter Mell, Tim Grance, NIST Raffael Marty - @zrlram 7 Wednesday, December 1, 2010
Data centers consume up to 100 times more per square foot than a typical office building Data centers consume 1.5% of the USA’s electricity “Effectively and Securely Using the Cloud Computing Paradigm AWS services” - Peter Mell, Tim Grance, NIST Raffael Marty - @zrlram 8 Wednesday, December 1, 2010
From 2001 to 2006: • Number of servers doubled • Average power consumption per server quadrupled “Effectively and Securely Using the Cloud Computing Paradigm AWS services” - Peter Mell, Tim Grance, NIST Raffael Marty - @zrlram 9 Wednesday, December 1, 2010
Green technologies can reduce energy costs by 50% “Effectively and Securely Using the Cloud Computing Paradigm AWS services” - Peter Mell, Tim Grance, NIST Raffael Marty - @zrlram 10 Wednesday, December 1, 2010
The Cloud 11 Wednesday, December 1, 2010
The Public Cloud IaaS - Infrastructure PaaS - Platform SaaS - Software Enterprise Infrastructure Services LaaS - Logging XaaS - DNS / RDBMS /... Raffael Marty - @zrlram 12 Wednesday, December 1, 2010
Cloud “Features” • Almost infinite resources - on demand • Pay as you go • Elasticity - dynamic load allocation • Quality of service guarantees (SLAs) • Outsource non-core capabilities / responsibilities • Forces operations to streamline and automate • Availability of infrastructure services (load balancing, database, logging, etc.) • Enables higher availability - Provision in multiple data centers / multiple instances Raffael Marty - @zrlram 13 Wednesday, December 1, 2010
Why Companies Move to the Cloud “If you move your data centre to a cloud provider, it will cost a tenth of the cost.” – Brian Gammage, Gartner Fellow “Using cloud infrastructures saves 18% to 29% before considering that you no longer need to buy for peak capacity” - George Reese, founder Valtira and enStratus “Web service providers offer APIs that enable developers to exploit functionality over the Internet, rather than delivering full-blown applications.” - Infoworld Raffael Marty - @zrlram 14 Wednesday, December 1, 2010
Why Companies Move to the Cloud • Ecological considerations drive economical decisions • Increased Efficiency due to better use of resources • More predictable cost • IT staff can be freed up for other initiatives • Design with redundancy and failure tolerance needed • Automation is necessary, but is a good thing • Easy integration of services for non-core capabilities (RDBMS, Load balancing, etc.) Raffael Marty - @zrlram 15 Wednesday, December 1, 2010
Changes in Security • The Good - Cloud homogeneity makes security auditing/testing simpler - Clouds enable automated security management - Redundancy / Disaster Recovery - Distributed denial of service (DDoS) protection • The Bad? - Loss of physical control - No more network-based Intrusion Detection - No data leak prevention (DLP) - Little network routing mechanisms Raffael Marty - @zrlram 16 Wednesday, December 1, 2010
What Has Changed • Data Storage and Access - Isolation management / data multi-tenancy - Data retention issues - Data dispersal and international privacy laws ‣ EU Data Protection Directive and U.S. Safe Harbor program ‣ Exposure of data to foreign governments and data subpoenas • Processing Infrastructure - Application multi-tenancy - Reliance on hypervisors - Process isolation / Application sandboxes Raffael Marty - @zrlram 17 Wednesday, December 1, 2010
Your New Risk Landscape 18 Wednesday, December 1, 2010
Risk = (Threat, Vulnerability) • Shared resources • Hypervisor escaping • Using external services • Stored credentials Proprietary implementations can’t be examined - • Web ubiquity - Availability of services - Confidentiality of services • Malicious insiders • Data storage • Trusting vendor’s security model - Obtaining support for investigations - Inability to respond to audit findings Raffael Marty - @zrlram 19 Wednesday, December 1, 2010
Visibility and Big Data 20 Wednesday, December 1, 2010
Visibility Raffael Marty - @zrlram 21 Wednesday, December 1, 2010
Visibility • Monitoring - Performance - Availability - Ephemeral Infrastructure IaaS - Similar to before • Security PaaS - Lack of Infrastructure - New Threats SaaS - Blind? - New Vulnerabilities - Different Risk Distribution Raffael Marty - @zrlram 22 Wednesday, December 1, 2010
Application Visibility • If you can’t control the infrastructure, control your applications • Application logging - need guidelines - better tools - education of developers / students? • Challenges - how to centrally collect all the data - how to mine the data - how to use/understand the data See: Raffael Marty, “Cloud Application Logging for Forensics”, SAC 2011, Taipei. Raffael Marty - @zrlram 23 Wednesday, December 1, 2010
Big Data • NoSQL • Distributed data stores • Distributed queues • Map reduce • ETL (Extract, Transform, Load) • ... Raffael Marty - @zrlram 24 Wednesday, December 1, 2010
LaaS - Logging as a Service • Log collection Benefits • all data in one place • No installation • Great scalability • Log storage and management • Easy configuration • 7x24 availability • No maintenance • Pay as you go • index, storage, archive • Extremely fast log search across all your data • data source agnostic (no parsers) • innovative Web shell • API log access • oAuth authentication • always on Logging as a Service 25 © by Raffael Marty Wednesday, December 1, 2010
“Logging Bus” Machines Mashups mobile-166 My syslog Users • Logs published to bus • Consumers read from bus Bus Individuals Mashups • Situational awareness Clouds Small businesses • Security forensics Data centers • Security monitoring Logging as a Service 26 © by Raffael Marty Wednesday, December 1, 2010
Situational Awareness • Treemap • Protovis.JS • Size: Amount • Brightness: Variance • Color: Sensor • Shows: Scans - bright spots • Thanks to Chris Horsley Logging as a Service 27 © by Raffael Marty Wednesday, December 1, 2010
Forensics mobile-166 My syslog Logging as a Service 28 Š by Raffael Marty Wednesday, December 1, 2010
Security Visualization www.secviz.org Logging as a Service 29 Š by Raffael Marty Wednesday, December 1, 2010
about.me/raffy loggly.com/signup 30 Wednesday, December 1, 2010

Empfohlen

Security Visualization - State of 2010 and 2011 Predictions
Security Visualization - State of 2010 and 2011 PredictionsSecurity Visualization - State of 2010 and 2011 Predictions
Security Visualization - State of 2010 and 2011 Predictions
Raffael Marty
 
Integração de Dados com Apache NIFI - Marco Garcia Cetax
Integração de Dados com Apache NIFI - Marco Garcia CetaxIntegração de Dados com Apache NIFI - Marco Garcia Cetax
Integração de Dados com Apache NIFI - Marco Garcia Cetax
Marco Garcia
 
Back to school: Big Data IDEA 101
Back to school: Big Data IDEA 101Back to school: Big Data IDEA 101
Back to school: Big Data IDEA 101
Adam Doyle
 
Big Data Retrospective - STL Big Data IDEA Jan 2019
Big Data Retrospective - STL Big Data IDEA Jan 2019Big Data Retrospective - STL Big Data IDEA Jan 2019
Big Data Retrospective - STL Big Data IDEA Jan 2019
Adam Doyle
 
Privacera and Northwestern Mutual - Scaling Privacy in a Spark Ecosystem
Privacera and Northwestern Mutual - Scaling Privacy in a Spark EcosystemPrivacera and Northwestern Mutual - Scaling Privacy in a Spark Ecosystem
Privacera and Northwestern Mutual - Scaling Privacy in a Spark Ecosystem
Privacera
 
Database as code in Devops - DBを10分間で1000個構築するDB仮想化テクノロジーとは?(Adam)
Database as code in Devops - DBを10分間で1000個構築するDB仮想化テクノロジーとは?(Adam)Database as code in Devops - DBを10分間で1000個構築するDB仮想化テクノロジーとは?(Adam)
Database as code in Devops - DBを10分間で1000個構築するDB仮想化テクノロジーとは?(Adam)
Insight Technology, Inc.
 
ProdSec: A Technical Approach
ProdSec: A Technical ApproachProdSec: A Technical Approach
ProdSec: A Technical Approach
Jeremy Brown
 
Integrating and Analyzing Data from Multiple Manufacturing Sites using Apache...
Integrating and Analyzing Data from Multiple Manufacturing Sites using Apache...Integrating and Analyzing Data from Multiple Manufacturing Sites using Apache...
Integrating and Analyzing Data from Multiple Manufacturing Sites using Apache...
DataWorks Summit
 

Empfohlen

Security Visualization - State of 2010 and 2011 Predictions
Security Visualization - State of 2010 and 2011 PredictionsSecurity Visualization - State of 2010 and 2011 Predictions
Security Visualization - State of 2010 and 2011 Predictions
Raffael Marty
 
Integração de Dados com Apache NIFI - Marco Garcia Cetax
Integração de Dados com Apache NIFI - Marco Garcia CetaxIntegração de Dados com Apache NIFI - Marco Garcia Cetax
Integração de Dados com Apache NIFI - Marco Garcia Cetax
Marco Garcia
 
Back to school: Big Data IDEA 101
Back to school: Big Data IDEA 101Back to school: Big Data IDEA 101
Back to school: Big Data IDEA 101
Adam Doyle
 
Big Data Retrospective - STL Big Data IDEA Jan 2019
Big Data Retrospective - STL Big Data IDEA Jan 2019Big Data Retrospective - STL Big Data IDEA Jan 2019
Big Data Retrospective - STL Big Data IDEA Jan 2019
Adam Doyle
 
Privacera and Northwestern Mutual - Scaling Privacy in a Spark Ecosystem
Privacera and Northwestern Mutual - Scaling Privacy in a Spark EcosystemPrivacera and Northwestern Mutual - Scaling Privacy in a Spark Ecosystem
Privacera and Northwestern Mutual - Scaling Privacy in a Spark Ecosystem
Privacera
 
Database as code in Devops - DBを10分間で1000個構築するDB仮想化テクノロジーとは?(Adam)
Database as code in Devops - DBを10分間で1000個構築するDB仮想化テクノロジーとは?(Adam)Database as code in Devops - DBを10分間で1000個構築するDB仮想化テクノロジーとは?(Adam)
Database as code in Devops - DBを10分間で1000個構築するDB仮想化テクノロジーとは?(Adam)
Insight Technology, Inc.
 
ProdSec: A Technical Approach
ProdSec: A Technical ApproachProdSec: A Technical Approach
ProdSec: A Technical Approach
Jeremy Brown
 
Integrating and Analyzing Data from Multiple Manufacturing Sites using Apache...
Integrating and Analyzing Data from Multiple Manufacturing Sites using Apache...Integrating and Analyzing Data from Multiple Manufacturing Sites using Apache...
Integrating and Analyzing Data from Multiple Manufacturing Sites using Apache...
DataWorks Summit
 
IoT, computer intelligence and javascript in the physical world
IoT, computer intelligence and javascript in the physical worldIoT, computer intelligence and javascript in the physical world
IoT, computer intelligence and javascript in the physical world
Ivo Andreev
 
Architecting Virtualized Infrastructure for Big Data
Architecting Virtualized Infrastructure for Big DataArchitecting Virtualized Infrastructure for Big Data
Architecting Virtualized Infrastructure for Big Data
Richard McDougall
 
The Business Advantage of Hadoop: Lessons from the Field – Cloudera Summer We...
The Business Advantage of Hadoop: Lessons from the Field – Cloudera Summer We...The Business Advantage of Hadoop: Lessons from the Field – Cloudera Summer We...
The Business Advantage of Hadoop: Lessons from the Field – Cloudera Summer We...
Cloudera, Inc.
 
The Destiny of Data
The Destiny of DataThe Destiny of Data
The Destiny of Data
Hortonworks
 
Open stack @ sierra wireless
Open stack @ sierra wirelessOpen stack @ sierra wireless
Open stack @ sierra wireless
LINAGORA
 
Big Data Application Architectures - IoT
Big Data Application Architectures - IoTBig Data Application Architectures - IoT
Big Data Application Architectures - IoT
DataWorks Summit/Hadoop Summit
 
Hortonworks Hybrid Cloud - Putting you back in control of your data
Hortonworks Hybrid Cloud - Putting you back in control of your dataHortonworks Hybrid Cloud - Putting you back in control of your data
Hortonworks Hybrid Cloud - Putting you back in control of your data
Scott Clinton
 
Performance Models for Apache Accumulo
Performance Models for Apache AccumuloPerformance Models for Apache Accumulo
Performance Models for Apache Accumulo
Sqrrl
 
Managing the Dewey Decimal System
Managing the Dewey Decimal SystemManaging the Dewey Decimal System
Managing the Dewey Decimal System
DataWorks Summit
 
IPv6 Can No Longer Be Ignored
IPv6 Can No Longer Be IgnoredIPv6 Can No Longer Be Ignored
IPv6 Can No Longer Be Ignored
Rochester Security Summit
 
Girish Juneja - Intel Big Data & Cloud Summit 2013
Girish Juneja - Intel Big Data & Cloud Summit 2013Girish Juneja - Intel Big Data & Cloud Summit 2013
Girish Juneja - Intel Big Data & Cloud Summit 2013
IntelAPAC
 
Reference architecture for Internet of Things
Reference architecture for Internet of ThingsReference architecture for Internet of Things
Reference architecture for Internet of Things
Sujee Maniyam
 
Breaking the Silos: Storage for Analytics & AI
Breaking the Silos: Storage for Analytics & AIBreaking the Silos: Storage for Analytics & AI
Breaking the Silos: Storage for Analytics & AI
DataWorks Summit
 
Hadoop Big Data Lakes Keynote
Hadoop Big Data Lakes KeynoteHadoop Big Data Lakes Keynote
Hadoop Big Data Lakes Keynote
Mark van Rijmenam
 
OpenStack 101
OpenStack 101OpenStack 101
OpenStack 101
DataCentred
 
Logging at scale: doing more with less
Logging at scale: doing more with lessLogging at scale: doing more with less
Logging at scale: doing more with less
AndrĂŠ Fucs de Miranda
 
Insight into Hyperconverged Infrastructure
Insight into Hyperconverged Infrastructure Insight into Hyperconverged Infrastructure
Insight into Hyperconverged Infrastructure
HTS Hosting
 
Using Hadoop to Drive Down Fraud for Telcos
Using Hadoop to Drive Down Fraud for TelcosUsing Hadoop to Drive Down Fraud for Telcos
Using Hadoop to Drive Down Fraud for Telcos
Cloudera, Inc.
 
[Azureビッグデータ関連サービスとHortonworks勉強会] Azure HDInsight
[Azureビッグデータ関連サービスとHortonworks勉強会] Azure HDInsight[Azureビッグデータ関連サービスとHortonworks勉強会] Azure HDInsight
[Azureビッグデータ関連サービスとHortonworks勉強会] Azure HDInsight
Naoki (Neo) SATO
 
Risk Management for Data: Secured and Governed
Risk Management for Data: Secured and GovernedRisk Management for Data: Secured and Governed
Risk Management for Data: Secured and Governed
Cloudera, Inc.
 
Visualization: Transforming How We View Security
Visualization: Transforming How We View SecurityVisualization: Transforming How We View Security
Visualization: Transforming How We View Security
digitallibrary
 
Cloud Visibility & Cloud Data Loss Prevention Approaches
Cloud Visibility & Cloud Data Loss Prevention Approaches Cloud Visibility & Cloud Data Loss Prevention Approaches
Cloud Visibility & Cloud Data Loss Prevention Approaches
CipherCloud
 

Weitere ähnliche Inhalte

Was ist angesagt?

IoT, computer intelligence and javascript in the physical world
IoT, computer intelligence and javascript in the physical worldIoT, computer intelligence and javascript in the physical world
IoT, computer intelligence and javascript in the physical world
Ivo Andreev
 
Performance Models for Apache Accumulo
Performance Models for Apache AccumuloPerformance Models for Apache Accumulo
Performance Models for Apache Accumulo
Sqrrl
 
IPv6 Can No Longer Be Ignored
IPv6 Can No Longer Be IgnoredIPv6 Can No Longer Be Ignored
IPv6 Can No Longer Be Ignored
Rochester Security Summit
 
Girish Juneja - Intel Big Data & Cloud Summit 2013
Girish Juneja - Intel Big Data & Cloud Summit 2013Girish Juneja - Intel Big Data & Cloud Summit 2013
Girish Juneja - Intel Big Data & Cloud Summit 2013
IntelAPAC
 
Breaking the Silos: Storage for Analytics & AI
Breaking the Silos: Storage for Analytics & AIBreaking the Silos: Storage for Analytics & AI
Breaking the Silos: Storage for Analytics & AI
DataWorks Summit
 
Risk Management for Data: Secured and Governed
Risk Management for Data: Secured and GovernedRisk Management for Data: Secured and Governed
Risk Management for Data: Secured and Governed
Cloudera, Inc.
 

Was ist angesagt? (20)

IoT, computer intelligence and javascript in the physical world
IoT, computer intelligence and javascript in the physical worldIoT, computer intelligence and javascript in the physical world
IoT, computer intelligence and javascript in the physical world
 
Architecting Virtualized Infrastructure for Big Data
Architecting Virtualized Infrastructure for Big DataArchitecting Virtualized Infrastructure for Big Data
Architecting Virtualized Infrastructure for Big Data
 
The Business Advantage of Hadoop: Lessons from the Field – Cloudera Summer We...
The Business Advantage of Hadoop: Lessons from the Field – Cloudera Summer We...The Business Advantage of Hadoop: Lessons from the Field – Cloudera Summer We...
The Business Advantage of Hadoop: Lessons from the Field – Cloudera Summer We...
 
The Destiny of Data
The Destiny of DataThe Destiny of Data
The Destiny of Data
 
Open stack @ sierra wireless
Open stack @ sierra wirelessOpen stack @ sierra wireless
Open stack @ sierra wireless
 
Big Data Application Architectures - IoT
Big Data Application Architectures - IoTBig Data Application Architectures - IoT
Big Data Application Architectures - IoT
 
Hortonworks Hybrid Cloud - Putting you back in control of your data
Hortonworks Hybrid Cloud - Putting you back in control of your dataHortonworks Hybrid Cloud - Putting you back in control of your data
Hortonworks Hybrid Cloud - Putting you back in control of your data
 
Performance Models for Apache Accumulo
Performance Models for Apache AccumuloPerformance Models for Apache Accumulo
Performance Models for Apache Accumulo
 
Managing the Dewey Decimal System
Managing the Dewey Decimal SystemManaging the Dewey Decimal System
Managing the Dewey Decimal System
 
IPv6 Can No Longer Be Ignored
IPv6 Can No Longer Be IgnoredIPv6 Can No Longer Be Ignored
IPv6 Can No Longer Be Ignored
 
Girish Juneja - Intel Big Data & Cloud Summit 2013
Girish Juneja - Intel Big Data & Cloud Summit 2013Girish Juneja - Intel Big Data & Cloud Summit 2013
Girish Juneja - Intel Big Data & Cloud Summit 2013
 
Reference architecture for Internet of Things
Reference architecture for Internet of ThingsReference architecture for Internet of Things
Reference architecture for Internet of Things
 
Breaking the Silos: Storage for Analytics & AI
Breaking the Silos: Storage for Analytics & AIBreaking the Silos: Storage for Analytics & AI
Breaking the Silos: Storage for Analytics & AI
 
Hadoop Big Data Lakes Keynote
Hadoop Big Data Lakes KeynoteHadoop Big Data Lakes Keynote
Hadoop Big Data Lakes Keynote
 
OpenStack 101
OpenStack 101OpenStack 101
OpenStack 101
 
Logging at scale: doing more with less
Logging at scale: doing more with lessLogging at scale: doing more with less
Logging at scale: doing more with less
 
Insight into Hyperconverged Infrastructure
Insight into Hyperconverged Infrastructure Insight into Hyperconverged Infrastructure
Insight into Hyperconverged Infrastructure
 
Using Hadoop to Drive Down Fraud for Telcos
Using Hadoop to Drive Down Fraud for TelcosUsing Hadoop to Drive Down Fraud for Telcos
Using Hadoop to Drive Down Fraud for Telcos
 
[Azureビッグデータ関連サービスとHortonworks勉強会] Azure HDInsight
[Azureビッグデータ関連サービスとHortonworks勉強会] Azure HDInsight[Azureビッグデータ関連サービスとHortonworks勉強会] Azure HDInsight
[Azureビッグデータ関連サービスとHortonworks勉強会] Azure HDInsight
 
Risk Management for Data: Secured and Governed
Risk Management for Data: Secured and GovernedRisk Management for Data: Secured and Governed
Risk Management for Data: Secured and Governed
 

Andere mochten auch

Visibility and Control in the Cloud: How to Get your Boss Comfortable with AW...
Visibility and Control in the Cloud: How to Get your Boss Comfortable with AW...Visibility and Control in the Cloud: How to Get your Boss Comfortable with AW...
Visibility and Control in the Cloud: How to Get your Boss Comfortable with AW...
Amazon Web Services
 
AWS re:Invent 2016: Accenture Cloud Platform Serverless Journey (ARC202)
AWS re:Invent 2016: Accenture Cloud Platform Serverless Journey (ARC202)AWS re:Invent 2016: Accenture Cloud Platform Serverless Journey (ARC202)
AWS re:Invent 2016: Accenture Cloud Platform Serverless Journey (ARC202)
Amazon Web Services
 
In Pursuit of Complete Visibility within Cloud Foundry (Cloud Foundry Summit ...
In Pursuit of Complete Visibility within Cloud Foundry (Cloud Foundry Summit ...In Pursuit of Complete Visibility within Cloud Foundry (Cloud Foundry Summit ...
In Pursuit of Complete Visibility within Cloud Foundry (Cloud Foundry Summit ...
VMware Tanzu
 
AWS re:Invent 2016: How Harvard University Improves Scalable Cloud Network Se...
AWS re:Invent 2016: How Harvard University Improves Scalable Cloud Network Se...AWS re:Invent 2016: How Harvard University Improves Scalable Cloud Network Se...
AWS re:Invent 2016: How Harvard University Improves Scalable Cloud Network Se...
Amazon Web Services
 
Anand Ahire - Electric Cloud - Visibility, Coordination, Control. Getting st...
Anand Ahire - Electric Cloud - Visibility, Coordination, Control. Getting st...Anand Ahire - Electric Cloud - Visibility, Coordination, Control. Getting st...
Anand Ahire - Electric Cloud - Visibility, Coordination, Control. Getting st...
DevOps Enterprise Summit
 
The Future of CASBs - A Cloud Security Force Awakens
The Future of CASBs - A Cloud Security Force AwakensThe Future of CASBs - A Cloud Security Force Awakens
The Future of CASBs - A Cloud Security Force Awakens
Bitglass
 

Andere mochten auch (10)

Visualization: Transforming How We View Security
Visualization: Transforming How We View SecurityVisualization: Transforming How We View Security
Visualization: Transforming How We View Security
 
Cloud Visibility & Cloud Data Loss Prevention Approaches
Cloud Visibility & Cloud Data Loss Prevention Approaches Cloud Visibility & Cloud Data Loss Prevention Approaches
Cloud Visibility & Cloud Data Loss Prevention Approaches
 
Visibility and Control in the Cloud: How to Get your Boss Comfortable with AW...
Visibility and Control in the Cloud: How to Get your Boss Comfortable with AW...Visibility and Control in the Cloud: How to Get your Boss Comfortable with AW...
Visibility and Control in the Cloud: How to Get your Boss Comfortable with AW...
 
Achieve cloud visibility, control and automation with IBM Hybrid Cloud Manage...
Achieve cloud visibility, control and automation with IBM Hybrid Cloud Manage...Achieve cloud visibility, control and automation with IBM Hybrid Cloud Manage...
Achieve cloud visibility, control and automation with IBM Hybrid Cloud Manage...
 
AWS re:Invent 2016: Accenture Cloud Platform Serverless Journey (ARC202)
AWS re:Invent 2016: Accenture Cloud Platform Serverless Journey (ARC202)AWS re:Invent 2016: Accenture Cloud Platform Serverless Journey (ARC202)
AWS re:Invent 2016: Accenture Cloud Platform Serverless Journey (ARC202)
 
In Pursuit of Complete Visibility within Cloud Foundry (Cloud Foundry Summit ...
In Pursuit of Complete Visibility within Cloud Foundry (Cloud Foundry Summit ...In Pursuit of Complete Visibility within Cloud Foundry (Cloud Foundry Summit ...
In Pursuit of Complete Visibility within Cloud Foundry (Cloud Foundry Summit ...
 
AWS re:Invent 2016: How Harvard University Improves Scalable Cloud Network Se...
AWS re:Invent 2016: How Harvard University Improves Scalable Cloud Network Se...AWS re:Invent 2016: How Harvard University Improves Scalable Cloud Network Se...
AWS re:Invent 2016: How Harvard University Improves Scalable Cloud Network Se...
 
Anand Ahire - Electric Cloud - Visibility, Coordination, Control. Getting st...
Anand Ahire - Electric Cloud - Visibility, Coordination, Control. Getting st...Anand Ahire - Electric Cloud - Visibility, Coordination, Control. Getting st...
Anand Ahire - Electric Cloud - Visibility, Coordination, Control. Getting st...
 
Cloud Management with vRealize Operations
Cloud Management with vRealize OperationsCloud Management with vRealize Operations
Cloud Management with vRealize Operations
 
The Future of CASBs - A Cloud Security Force Awakens
The Future of CASBs - A Cloud Security Force AwakensThe Future of CASBs - A Cloud Security Force Awakens
The Future of CASBs - A Cloud Security Force Awakens
 

Ähnlich wie Cloud Security - A Visibility Challenge

The Sun Cloud
The Sun CloudThe Sun Cloud
The Sun Cloud
Megan Eskey
 
Logical Data Fabric and Industry-Focused Solutions by IQZ Systems
Logical Data Fabric and Industry-Focused Solutions by IQZ SystemsLogical Data Fabric and Industry-Focused Solutions by IQZ Systems
Logical Data Fabric and Industry-Focused Solutions by IQZ Systems
Denodo
 
Announcing RTI Connext
Announcing RTI ConnextAnnouncing RTI Connext
Announcing RTI Connext
Real-Time Innovations (RTI)
 
Research, the Cloud, and the IRB
Research, the Cloud, and the IRBResearch, the Cloud, and the IRB
Research, the Cloud, and the IRB
Michael Zimmer
 

Ähnlich wie Cloud Security - A Visibility Challenge (20)

Cloudy with a chance of downtime
Cloudy with a chance of downtimeCloudy with a chance of downtime
Cloudy with a chance of downtime
 
Cloud - Security - Big Data
Cloud - Security - Big DataCloud - Security - Big Data
Cloud - Security - Big Data
 
Iia 2012 Spring Conference Philly V Final
Iia 2012 Spring Conference Philly V FinalIia 2012 Spring Conference Philly V Final
Iia 2012 Spring Conference Philly V Final
 
Cloud Security: Trust and Transformation
Cloud Security: Trust and TransformationCloud Security: Trust and Transformation
Cloud Security: Trust and Transformation
 
Easing Integration of Large-Scale Real-Time Systems with DDS
Easing Integration of Large-Scale Real-Time Systems with DDSEasing Integration of Large-Scale Real-Time Systems with DDS
Easing Integration of Large-Scale Real-Time Systems with DDS
 
Cloud computing: identifying and managing legal risks
Cloud computing: identifying and managing legal risksCloud computing: identifying and managing legal risks
Cloud computing: identifying and managing legal risks
 
Top 10 Data Center Success Criteria
Top 10 Data Center Success CriteriaTop 10 Data Center Success Criteria
Top 10 Data Center Success Criteria
 
PXL Data Engineering Workshop By Selligent
PXL Data Engineering Workshop By Selligent PXL Data Engineering Workshop By Selligent
PXL Data Engineering Workshop By Selligent
 
The Sun Cloud
The Sun CloudThe Sun Cloud
The Sun Cloud
 
Turn Big Data into Big Value on Informatica and AWS
Turn Big Data into Big Value on Informatica and AWSTurn Big Data into Big Value on Informatica and AWS
Turn Big Data into Big Value on Informatica and AWS
 
Logical Data Fabric and Industry-Focused Solutions by IQZ Systems
Logical Data Fabric and Industry-Focused Solutions by IQZ SystemsLogical Data Fabric and Industry-Focused Solutions by IQZ Systems
Logical Data Fabric and Industry-Focused Solutions by IQZ Systems
 
Announcing RTI Connext
Announcing RTI ConnextAnnouncing RTI Connext
Announcing RTI Connext
 
Peering Through the Cloud Forrester EMEA 2010
Peering Through the Cloud Forrester EMEA 2010Peering Through the Cloud Forrester EMEA 2010
Peering Through the Cloud Forrester EMEA 2010
 
Big Data: Movement, Warehousing, & Virtualization
Big Data: Movement, Warehousing, & VirtualizationBig Data: Movement, Warehousing, & Virtualization
Big Data: Movement, Warehousing, & Virtualization
 
Scality SDS Day, London, 20 SEP 2017
Scality SDS Day, London, 20 SEP 2017Scality SDS Day, London, 20 SEP 2017
Scality SDS Day, London, 20 SEP 2017
 
OMG DDS: The Data Distribution Service for Real-Time Systems
OMG DDS: The Data Distribution Service for Real-Time SystemsOMG DDS: The Data Distribution Service for Real-Time Systems
OMG DDS: The Data Distribution Service for Real-Time Systems
 
Research, the Cloud, and the IRB
Research, the Cloud, and the IRBResearch, the Cloud, and the IRB
Research, the Cloud, and the IRB
 
Redrawing the Cyber Defense Frontier
Redrawing the Cyber Defense FrontierRedrawing the Cyber Defense Frontier
Redrawing the Cyber Defense Frontier
 
OMG DDS Tutorial - Part I
OMG DDS Tutorial - Part IOMG DDS Tutorial - Part I
OMG DDS Tutorial - Part I
 
Service goes accessible_2013_sh
Service goes accessible_2013_shService goes accessible_2013_sh
Service goes accessible_2013_sh
 

Mehr von Raffael Marty

Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...
Raffael Marty
 
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
Raffael Marty
 
Artificial Intelligence – Time Bomb or The Promised Land?
Artificial Intelligence – Time Bomb or The Promised Land?Artificial Intelligence – Time Bomb or The Promised Land?
Artificial Intelligence – Time Bomb or The Promised Land?
Raffael Marty
 
AI & ML in Cyber Security - Why Algorithms are Dangerous
AI & ML in Cyber Security - Why Algorithms are DangerousAI & ML in Cyber Security - Why Algorithms are Dangerous
AI & ML in Cyber Security - Why Algorithms are Dangerous
Raffael Marty
 
AI & ML in Cyber Security - Why Algorithms Are Dangerous
AI & ML in Cyber Security - Why Algorithms Are DangerousAI & ML in Cyber Security - Why Algorithms Are Dangerous
AI & ML in Cyber Security - Why Algorithms Are Dangerous
Raffael Marty
 
Delivering Security Insights with Data Analytics and Visualization
Delivering Security Insights with Data Analytics and VisualizationDelivering Security Insights with Data Analytics and Visualization
Delivering Security Insights with Data Analytics and Visualization
Raffael Marty
 
AI & ML in Cyber Security - Welcome Back to 1999 - Security Hasn't Changed
AI & ML in Cyber Security - Welcome Back to 1999 - Security Hasn't ChangedAI & ML in Cyber Security - Welcome Back to 1999 - Security Hasn't Changed
AI & ML in Cyber Security - Welcome Back to 1999 - Security Hasn't Changed
Raffael Marty
 
Creating Your Own Threat Intel Through Hunting & Visualization
Creating Your Own Threat Intel Through Hunting & VisualizationCreating Your Own Threat Intel Through Hunting & Visualization
Creating Your Own Threat Intel Through Hunting & Visualization
Raffael Marty
 
Creating Your Own Threat Intel Through Hunting & Visualization
Creating Your Own Threat Intel Through Hunting & VisualizationCreating Your Own Threat Intel Through Hunting & Visualization
Creating Your Own Threat Intel Through Hunting & Visualization
Raffael Marty
 
Visualization in the Age of Big Data
Visualization in the Age of Big DataVisualization in the Age of Big Data
Visualization in the Age of Big Data
Raffael Marty
 
The Heatmap
 - Why is Security Visualization so Hard?
The Heatmap
 - Why is Security Visualization so Hard?The Heatmap
 - Why is Security Visualization so Hard?
The Heatmap
 - Why is Security Visualization so Hard?
Raffael Marty
 
Visualization for Security
Visualization for SecurityVisualization for Security
Visualization for Security
Raffael Marty
 
The Heatmap
 - Why is Security Visualization so Hard?
The Heatmap
 - Why is Security Visualization so Hard?The Heatmap
 - Why is Security Visualization so Hard?
The Heatmap
 - Why is Security Visualization so Hard?
Raffael Marty
 

Mehr von Raffael Marty (20)

Exploring the Defender's Advantage
Exploring the Defender's AdvantageExploring the Defender's Advantage
Exploring the Defender's Advantage
 
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...
 
How To Drive Value with Security Data
How To Drive Value with Security DataHow To Drive Value with Security Data
How To Drive Value with Security Data
 
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
 
Artificial Intelligence – Time Bomb or The Promised Land?
Artificial Intelligence – Time Bomb or The Promised Land?Artificial Intelligence – Time Bomb or The Promised Land?
Artificial Intelligence – Time Bomb or The Promised Land?
 
Understanding the "Intelligence" in AI
Understanding the "Intelligence" in AIUnderstanding the "Intelligence" in AI
Understanding the "Intelligence" in AI
 
Security Chat 5.0
Security Chat 5.0Security Chat 5.0
Security Chat 5.0
 
AI & ML in Cyber Security - Why Algorithms are Dangerous
AI & ML in Cyber Security - Why Algorithms are DangerousAI & ML in Cyber Security - Why Algorithms are Dangerous
AI & ML in Cyber Security - Why Algorithms are Dangerous
 
AI & ML in Cyber Security - Why Algorithms Are Dangerous
AI & ML in Cyber Security - Why Algorithms Are DangerousAI & ML in Cyber Security - Why Algorithms Are Dangerous
AI & ML in Cyber Security - Why Algorithms Are Dangerous
 
Delivering Security Insights with Data Analytics and Visualization
Delivering Security Insights with Data Analytics and VisualizationDelivering Security Insights with Data Analytics and Visualization
Delivering Security Insights with Data Analytics and Visualization
 
AI & ML in Cyber Security - Welcome Back to 1999 - Security Hasn't Changed
AI & ML in Cyber Security - Welcome Back to 1999 - Security Hasn't ChangedAI & ML in Cyber Security - Welcome Back to 1999 - Security Hasn't Changed
AI & ML in Cyber Security - Welcome Back to 1999 - Security Hasn't Changed
 
Security Insights at Scale
Security Insights at ScaleSecurity Insights at Scale
Security Insights at Scale
 
Creating Your Own Threat Intel Through Hunting & Visualization
Creating Your Own Threat Intel Through Hunting & VisualizationCreating Your Own Threat Intel Through Hunting & Visualization
Creating Your Own Threat Intel Through Hunting & Visualization
 
Creating Your Own Threat Intel Through Hunting & Visualization
Creating Your Own Threat Intel Through Hunting & VisualizationCreating Your Own Threat Intel Through Hunting & Visualization
Creating Your Own Threat Intel Through Hunting & Visualization
 
Visualization in the Age of Big Data
Visualization in the Age of Big DataVisualization in the Age of Big Data
Visualization in the Age of Big Data
 
Big Data Visualization
Big Data VisualizationBig Data Visualization
Big Data Visualization
 
The Heatmap
 - Why is Security Visualization so Hard?
The Heatmap
 - Why is Security Visualization so Hard?The Heatmap
 - Why is Security Visualization so Hard?
The Heatmap
 - Why is Security Visualization so Hard?
 
Workshop: Big Data Visualization for Security
Workshop: Big Data Visualization for SecurityWorkshop: Big Data Visualization for Security
Workshop: Big Data Visualization for Security
 
Visualization for Security
Visualization for SecurityVisualization for Security
Visualization for Security
 
The Heatmap
 - Why is Security Visualization so Hard?
The Heatmap
 - Why is Security Visualization so Hard?The Heatmap
 - Why is Security Visualization so Hard?
The Heatmap
 - Why is Security Visualization so Hard?
 

KĂźrzlich hochgeladen

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Orbitshub
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
Christopher Logan Kennedy
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Orbitshub
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 

KĂźrzlich hochgeladen (20)

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 

Cloud Security - A Visibility Challenge

  • 1. Cloud Security A Visibility Challenge Raffael Marty - @zrlram UNAM 2010, Mexico City Wednesday, December 1, 2010
  • 2. Raffael Marty • Founder @ • Chief Security Strategist and Product Manager @ Splunk • Manager Solutions @ ArcSight • Intrusion Detection Research @ IBM Research • IT Security Consultant @ PriceWaterhouse Coopers Applied Security Visualization Publisher: Addison Wesley (August, 2008) ISBN: 0321510100 Logging as a Service 2 Š by Raffael Marty Wednesday, December 1, 2010
  • 3. Agenda •Data Centers •Visibility and Big Data •The Cloud •Logging as a Service •A New Risk Landscape Logging as a Service 3 Š by Raffael Marty Wednesday, December 1, 2010
  • 4. Data Centers 4 Wednesday, December 1, 2010
  • 5. 11.8 million servers in data centers “Effectively and Securely Using the Cloud Computing Paradigm AWS services” - Peter Mell, Tim Grance, NIST Raffael Marty - @zrlram 5 Wednesday, December 1, 2010
  • 6. Servers are used at only 15% of their capacity “Effectively and Securely Using the Cloud Computing Paradigm AWS services” - Peter Mell, Tim Grance, NIST Raffael Marty - @zrlram 6 Wednesday, December 1, 2010
  • 7. 800 billion dollars spent yearly on purchasing and maintaining enterprise software 80% of enterprise software expenditure is on installation and maintenance of software “Effectively and Securely Using the Cloud Computing Paradigm AWS services” - Peter Mell, Tim Grance, NIST Raffael Marty - @zrlram 7 Wednesday, December 1, 2010
  • 8. Data centers consume up to 100 times more per square foot than a typical office building Data centers consume 1.5% of the USA’s electricity “Effectively and Securely Using the Cloud Computing Paradigm AWS services” - Peter Mell, Tim Grance, NIST Raffael Marty - @zrlram 8 Wednesday, December 1, 2010
  • 9. From 2001 to 2006: • Number of servers doubled • Average power consumption per server quadrupled “Effectively and Securely Using the Cloud Computing Paradigm AWS services” - Peter Mell, Tim Grance, NIST Raffael Marty - @zrlram 9 Wednesday, December 1, 2010
  • 10. Green technologies can reduce energy costs by 50% “Effectively and Securely Using the Cloud Computing Paradigm AWS services” - Peter Mell, Tim Grance, NIST Raffael Marty - @zrlram 10 Wednesday, December 1, 2010
  • 11. The Cloud 11 Wednesday, December 1, 2010
  • 12. The Public Cloud IaaS - Infrastructure PaaS - Platform SaaS - Software Enterprise Infrastructure Services LaaS - Logging XaaS - DNS / RDBMS /... Raffael Marty - @zrlram 12 Wednesday, December 1, 2010
  • 13. Cloud “Features” • Almost infinite resources - on demand • Pay as you go • Elasticity - dynamic load allocation • Quality of service guarantees (SLAs) • Outsource non-core capabilities / responsibilities • Forces operations to streamline and automate • Availability of infrastructure services (load balancing, database, logging, etc.) • Enables higher availability - Provision in multiple data centers / multiple instances Raffael Marty - @zrlram 13 Wednesday, December 1, 2010
  • 14. Why Companies Move to the Cloud “If you move your data centre to a cloud provider, it will cost a tenth of the cost.” – Brian Gammage, Gartner Fellow “Using cloud infrastructures saves 18% to 29% before considering that you no longer need to buy for peak capacity” - George Reese, founder Valtira and enStratus “Web service providers offer APIs that enable developers to exploit functionality over the Internet, rather than delivering full-blown applications.” - Infoworld Raffael Marty - @zrlram 14 Wednesday, December 1, 2010
  • 15. Why Companies Move to the Cloud • Ecological considerations drive economical decisions • Increased Efficiency due to better use of resources • More predictable cost • IT staff can be freed up for other initiatives • Design with redundancy and failure tolerance needed • Automation is necessary, but is a good thing • Easy integration of services for non-core capabilities (RDBMS, Load balancing, etc.) Raffael Marty - @zrlram 15 Wednesday, December 1, 2010
  • 16. Changes in Security • The Good - Cloud homogeneity makes security auditing/testing simpler - Clouds enable automated security management - Redundancy / Disaster Recovery - Distributed denial of service (DDoS) protection • The Bad? - Loss of physical control - No more network-based Intrusion Detection - No data leak prevention (DLP) - Little network routing mechanisms Raffael Marty - @zrlram 16 Wednesday, December 1, 2010
  • 17. What Has Changed • Data Storage and Access - Isolation management / data multi-tenancy - Data retention issues - Data dispersal and international privacy laws ‣ EU Data Protection Directive and U.S. Safe Harbor program ‣ Exposure of data to foreign governments and data subpoenas • Processing Infrastructure - Application multi-tenancy - Reliance on hypervisors - Process isolation / Application sandboxes Raffael Marty - @zrlram 17 Wednesday, December 1, 2010
  • 18. Your New Risk Landscape 18 Wednesday, December 1, 2010
  • 19. Risk = (Threat, Vulnerability) • Shared resources • Hypervisor escaping • Using external services • Stored credentials Proprietary implementations can’t be examined - • Web ubiquity - Availability of services - Confidentiality of services • Malicious insiders • Data storage • Trusting vendor’s security model - Obtaining support for investigations - Inability to respond to audit findings Raffael Marty - @zrlram 19 Wednesday, December 1, 2010
  • 20. Visibility and Big Data 20 Wednesday, December 1, 2010
  • 21. Visibility Raffael Marty - @zrlram 21 Wednesday, December 1, 2010
  • 22. Visibility • Monitoring - Performance - Availability - Ephemeral Infrastructure IaaS - Similar to before • Security PaaS - Lack of Infrastructure - New Threats SaaS - Blind? - New Vulnerabilities - Different Risk Distribution Raffael Marty - @zrlram 22 Wednesday, December 1, 2010
  • 23. Application Visibility • If you can’t control the infrastructure, control your applications • Application logging - need guidelines - better tools - education of developers / students? • Challenges - how to centrally collect all the data - how to mine the data - how to use/understand the data See: Raffael Marty, “Cloud Application Logging for Forensics”, SAC 2011, Taipei. Raffael Marty - @zrlram 23 Wednesday, December 1, 2010
  • 24. Big Data • NoSQL • Distributed data stores • Distributed queues • Map reduce • ETL (Extract, Transform, Load) • ... Raffael Marty - @zrlram 24 Wednesday, December 1, 2010
  • 25. LaaS - Logging as a Service • Log collection Benefits • all data in one place • No installation • Great scalability • Log storage and management • Easy configuration • 7x24 availability • No maintenance • Pay as you go • index, storage, archive • Extremely fast log search across all your data • data source agnostic (no parsers) • innovative Web shell • API log access • oAuth authentication • always on Logging as a Service 25 Š by Raffael Marty Wednesday, December 1, 2010
  • 26. “Logging Bus” Machines Mashups mobile-166 My syslog Users • Logs published to bus • Consumers read from bus Bus Individuals Mashups • Situational awareness Clouds Small businesses • Security forensics Data centers • Security monitoring Logging as a Service 26 Š by Raffael Marty Wednesday, December 1, 2010
  • 27. Situational Awareness • Treemap • Protovis.JS • Size: Amount • Brightness: Variance • Color: Sensor • Shows: Scans - bright spots • Thanks to Chris Horsley Logging as a Service 27 Š by Raffael Marty Wednesday, December 1, 2010
  • 28. Forensics mobile-166 My syslog Logging as a Service 28 Š by Raffael Marty Wednesday, December 1, 2010
  • 29. Security Visualization www.secviz.org Logging as a Service 29 Š by Raffael Marty Wednesday, December 1, 2010
  • 30. about.me/raffy loggly.com/signup 30 Wednesday, December 1, 2010