SlideShare a Scribd company logo

Nimbo/Alert Logic - Azure in the Cloud

Download as PPT, PDF
Alert Logic
Alert Logic

Johnathan Norman Nimbo/AL/Azure Event in a Box 01/27

Internet
1 of 21
Alert Logic – Azure Cloud Security Johnathan Norman Cloud Solutions Architect jnorman@alertlogic.com
Agenda • Key Findings: Cloud Security Report, Spring 2014 - Alert Logic Customer Data - Honeypot Research • Common Azure Security & Compliance Issues • Alert Logic for Azure - Log Manager - Threat Manager - Web Security Manager
Cloud Adoption is Gaining Momentum • Major Public cloud vendors predicted to eclipse $10B in revenue by 2015 • Oracle Cloud bookings increased by 35% in 2013 • Gartner predicts 60% of banking institutions to migrate to the cloud • Healthcare is expected to adopt cloud computing at a 21% year over year rate through 2017 • VDI (Desktop as a Service) market reached $13.4 billion in 2013
Over 2,800 Organizations Worldwide Trust Alert Logic Millions of devices secured 3.7 Petabytes of log data under management 8.5 Million security events correlated per day 40,000 incidents identified and reviewed per month
Threats in the Cloud are Increasing With Adoption • Increase in attack frequency • Traditional on-premises threats are now moving to the cloud • Majority of cloud incidents were related to web application attacks, brute force attacks, and vulnerability scans • Brute force attacks and vulnerability scans are now occurring at near-equivalent rates in both cloud and on-premises environments • Malware/Botnet is increasing year over year
Global Honeypot Network Why Honeypots? •Honeypots give us a unique data set •Simulates vulnerable systems without the risk of real data loss •Gives the ability to collect intelligence from malicious attackers •Allows for collection of various different attacks based on system •Helps identify what industry specific targets are out there
Honeypot Findings https://www.alertlogic.com/wp-content/uploads/2014/08/alertlogic-HoneypotFindings2014-infographic.pdf
Common Azure Compliance & Security Issues Secure your code Know your scope Instance Isolation Shared Responsibility Storage Key Management 1 2 3 4 5 6 7
1- Secure Your Code – Implement SDL
1- Secure Your Code – Sharing is bad…
2- Know Your Scope Web Traffic Web Role Web Role Azure Website Azure Website Azure Storage Azure Storage Traffic Manager
2 – Know your scope
3 – Instance Isolation worker rolesweb roles service endpoint service endpoint Virtual NetworkVirtual Network Web Traffic
4 - Storage Key Management storage blob Azure Mobile Services 1. Upload() 2. Path = http://blah.storage.azure.com/public/xyz/foo.jpg 3. UploadToPath(Path);
4 - Storage Key Management storage blob Azure Mobile Services 1. Upload() 2.) Return SAS (write/expires 5 min) and Path 3.) Authenticate & Upload
5 - Security in the Cloud is a Shared Responsibility Customer Responsibilit y Foundation Services Hosts • Logical network segmentation • Perimeter security services • External DDoS, spoofing, and scanning prevented • Hardened hypervisor • System image library • Root access for customer • Access management • Patch management • Configuration hardening • Security monitoring • Log analysis Apps • Secure coding and best practices • Software and virtual patching • Configuration management • Access management • Application level attack monitoring • Network threat detection • Security monitoring Networks Cloud Service Provider Responsibilit y Compute Storage DB Network http://azure.microsoft.com/en-us/support/trust-center/compliance/
Alert Logic –Security Solutions
Security and Compliance is Challenging Skilled security resources are in high demand and hard to find Moving to cloud and hybrid IT environments brings different threats and complexities Maintaining continuous security and compliance is expensive
Applications Systems Networks Building a Security and Compliance Solution IDS Vulnerability Scanning Web Application Firewall Log Management Threat Intelligence Feeds SIEM Staff capable of: •Provisioning •Monitoring •Configuration and tuning •Researching incidents, emerging threats, and defining remediation steps Big Data Analytics Products Automated Correlation and Analytics People & Process
Alert Logic Solutions Alert Logic Threat Manager™ Alert Logic Web Security Manager™ Alert Logic Log Manager™ Alert Logic Unified Web User Interface Intrusion Detection & Vulnerability Scanning Log Management & Compliance Reporting Active Protection for Web Applications
Thank you.

Recommended

D do s_white_paper
D do s_white_paperD do s_white_paper
D do s_white_paperFrancisco Terrones Ramos
 
Connect your datacenter to Microsoft Azure
Connect your datacenter to Microsoft AzureConnect your datacenter to Microsoft Azure
Connect your datacenter to Microsoft AzureK.Mohamed Faizal
 
Azure security
Azure securityAzure security
Azure securityLalit Rawat
 
Cloud security
Cloud securityCloud security
Cloud securityFrançois Boucher
 
Cloud security ppt
Cloud security pptCloud security ppt
Cloud security pptVenkatesh Chary
 
Cloud Security Tutorial | Cloud Security Fundamentals | AWS Training | Edureka
Cloud Security Tutorial | Cloud Security Fundamentals | AWS Training | EdurekaCloud Security Tutorial | Cloud Security Fundamentals | AWS Training | Edureka
Cloud Security Tutorial | Cloud Security Fundamentals | AWS Training | EdurekaEdureka!
 
Cloud Security
Cloud SecurityCloud Security
Cloud SecurityAWS User Group Bengaluru
 
Cloud Privacy & Security compliance
Cloud Privacy & Security complianceCloud Privacy & Security compliance
Cloud Privacy & Security complianceBryan Starbuck
 

Recommended

D do s_white_paper
D do s_white_paperD do s_white_paper
D do s_white_paperFrancisco Terrones Ramos
 
Connect your datacenter to Microsoft Azure
Connect your datacenter to Microsoft AzureConnect your datacenter to Microsoft Azure
Connect your datacenter to Microsoft AzureK.Mohamed Faizal
 
Azure security
Azure securityAzure security
Azure securityLalit Rawat
 
Cloud security
Cloud securityCloud security
Cloud securityFrançois Boucher
 
Cloud security ppt
Cloud security pptCloud security ppt
Cloud security pptVenkatesh Chary
 
Cloud Security Tutorial | Cloud Security Fundamentals | AWS Training | Edureka
Cloud Security Tutorial | Cloud Security Fundamentals | AWS Training | EdurekaCloud Security Tutorial | Cloud Security Fundamentals | AWS Training | Edureka
Cloud Security Tutorial | Cloud Security Fundamentals | AWS Training | EdurekaEdureka!
 
Cloud Security
Cloud SecurityCloud Security
Cloud SecurityAWS User Group Bengaluru
 
Cloud Privacy & Security compliance
Cloud Privacy & Security complianceCloud Privacy & Security compliance
Cloud Privacy & Security complianceBryan Starbuck
 
2016, A new era of OS and Cloud Security
2016, A new era of OS and Cloud Security2016, A new era of OS and Cloud Security
2016, A new era of OS and Cloud SecurityTudor Damian
 
DevOps on GCP Course Compared to AWS
DevOps on GCP Course Compared to AWSDevOps on GCP Course Compared to AWS
DevOps on GCP Course Compared to AWSJoseph Holbrook, Chief Learning Officer (CLO)
 
Seven Seas Technology
Seven Seas TechnologySeven Seas Technology
Seven Seas TechnologyUnnikrishnan P
 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security OverviewAllen Brokken
 
Protecting Dynamic Datacenters From the Latest Threats
Protecting Dynamic Datacenters From the Latest ThreatsProtecting Dynamic Datacenters From the Latest Threats
Protecting Dynamic Datacenters From the Latest Threatswhite paper
 
Microsoft Azure Security Overview
Microsoft Azure Security OverviewMicrosoft Azure Security Overview
Microsoft Azure Security OverviewAlert Logic
 
Cloud Security
Cloud Security Cloud Security
Cloud Security Giovanni Mazzeo
 
Microsoft Azure Cloud Services
Microsoft Azure Cloud ServicesMicrosoft Azure Cloud Services
Microsoft Azure Cloud ServicesDavid J Rosenthal
 
AWS Summit Auckland Sponsor Presentation - Dome9
AWS Summit Auckland Sponsor Presentation - Dome9AWS Summit Auckland Sponsor Presentation - Dome9
AWS Summit Auckland Sponsor Presentation - Dome9Amazon Web Services
 
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...Amazon Web Services
 
AWS Summit Auckland Sponsor Presentation - Vocus
AWS Summit Auckland Sponsor Presentation - VocusAWS Summit Auckland Sponsor Presentation - Vocus
AWS Summit Auckland Sponsor Presentation - VocusAmazon Web Services
 
Trust No-One Architecture For Services And Data
Trust No-One Architecture For Services And DataTrust No-One Architecture For Services And Data
Trust No-One Architecture For Services And DataAidan Finn
 
Cloud Security Guidance from CESG and AWS
Cloud Security Guidance from CESG and AWSCloud Security Guidance from CESG and AWS
Cloud Security Guidance from CESG and AWSAmazon Web Services
 
F5 on AWS: How MailControl Improved their Application Visbility and Security
F5 on AWS: How MailControl Improved their Application Visbility and Security F5 on AWS: How MailControl Improved their Application Visbility and Security
F5 on AWS: How MailControl Improved their Application Visbility and Security Amazon Web Services
 
Compliance in the Cloud Using Security by Design
Compliance in the Cloud Using Security by DesignCompliance in the Cloud Using Security by Design
Compliance in the Cloud Using Security by DesignAmazon Web Services
 
Security OF The Cloud
Security OF The CloudSecurity OF The Cloud
Security OF The CloudMark Nunnikhoven
 
AWS Security
AWS Security AWS Security
AWS Security Magdy El-Faramawy , MBA,PMP,CISA,CM,ITIL
 
RightScale Webinar: Security and Compliance in the Cloud
RightScale Webinar: Security and Compliance in the CloudRightScale Webinar: Security and Compliance in the Cloud
RightScale Webinar: Security and Compliance in the CloudRightScale
 
Integration Patterns and Anti-Patterns for Microservices Architectures
Integration Patterns and Anti-Patterns for Microservices ArchitecturesIntegration Patterns and Anti-Patterns for Microservices Architectures
Integration Patterns and Anti-Patterns for Microservices ArchitecturesApcera
 
AWS User Group - Security & Compliance
AWS User Group - Security & ComplianceAWS User Group - Security & Compliance
AWS User Group - Security & ComplianceSatish Kumar Natarajan
 
Azure Securtity Pro
Azure Securtity ProAzure Securtity Pro
Azure Securtity ProJohn Horn
 
Deep thoughts from the real world of azure
Deep thoughts from the real world of azureDeep thoughts from the real world of azure
Deep thoughts from the real world of azureMichele Leroux Bustamante
 

More Related Content

What's hot

2016, A new era of OS and Cloud Security
2016, A new era of OS and Cloud Security2016, A new era of OS and Cloud Security
2016, A new era of OS and Cloud SecurityTudor Damian
 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security OverviewAllen Brokken
 
Protecting Dynamic Datacenters From the Latest Threats
Protecting Dynamic Datacenters From the Latest ThreatsProtecting Dynamic Datacenters From the Latest Threats
Protecting Dynamic Datacenters From the Latest Threatswhite paper
 
Microsoft Azure Security Overview
Microsoft Azure Security OverviewMicrosoft Azure Security Overview
Microsoft Azure Security OverviewAlert Logic
 
Microsoft Azure Cloud Services
Microsoft Azure Cloud ServicesMicrosoft Azure Cloud Services
Microsoft Azure Cloud ServicesDavid J Rosenthal
 
AWS Summit Auckland Sponsor Presentation - Dome9
AWS Summit Auckland Sponsor Presentation - Dome9AWS Summit Auckland Sponsor Presentation - Dome9
AWS Summit Auckland Sponsor Presentation - Dome9Amazon Web Services
 
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...Amazon Web Services
 
AWS Summit Auckland Sponsor Presentation - Vocus
AWS Summit Auckland Sponsor Presentation - VocusAWS Summit Auckland Sponsor Presentation - Vocus
AWS Summit Auckland Sponsor Presentation - VocusAmazon Web Services
 
Trust No-One Architecture For Services And Data
Trust No-One Architecture For Services And DataTrust No-One Architecture For Services And Data
Trust No-One Architecture For Services And DataAidan Finn
 
Cloud Security Guidance from CESG and AWS
Cloud Security Guidance from CESG and AWSCloud Security Guidance from CESG and AWS
Cloud Security Guidance from CESG and AWSAmazon Web Services
 
F5 on AWS: How MailControl Improved their Application Visbility and Security
F5 on AWS: How MailControl Improved their Application Visbility and Security F5 on AWS: How MailControl Improved their Application Visbility and Security
F5 on AWS: How MailControl Improved their Application Visbility and Security Amazon Web Services
 
Compliance in the Cloud Using Security by Design
Compliance in the Cloud Using Security by DesignCompliance in the Cloud Using Security by Design
Compliance in the Cloud Using Security by DesignAmazon Web Services
 
RightScale Webinar: Security and Compliance in the Cloud
RightScale Webinar: Security and Compliance in the CloudRightScale Webinar: Security and Compliance in the Cloud
RightScale Webinar: Security and Compliance in the CloudRightScale
 
Integration Patterns and Anti-Patterns for Microservices Architectures
Integration Patterns and Anti-Patterns for Microservices ArchitecturesIntegration Patterns and Anti-Patterns for Microservices Architectures
Integration Patterns and Anti-Patterns for Microservices ArchitecturesApcera
 
AWS User Group - Security & Compliance
AWS User Group - Security & ComplianceAWS User Group - Security & Compliance
AWS User Group - Security & ComplianceSatish Kumar Natarajan
 

What's hot (20)

2016, A new era of OS and Cloud Security
2016, A new era of OS and Cloud Security2016, A new era of OS and Cloud Security
2016, A new era of OS and Cloud Security
 
DevOps on GCP Course Compared to AWS
DevOps on GCP Course Compared to AWSDevOps on GCP Course Compared to AWS
DevOps on GCP Course Compared to AWS
 
Seven Seas Technology
Seven Seas TechnologySeven Seas Technology
Seven Seas Technology
 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security Overview
 
Protecting Dynamic Datacenters From the Latest Threats
Protecting Dynamic Datacenters From the Latest ThreatsProtecting Dynamic Datacenters From the Latest Threats
Protecting Dynamic Datacenters From the Latest Threats
 
Microsoft Azure Security Overview
Microsoft Azure Security OverviewMicrosoft Azure Security Overview
Microsoft Azure Security Overview
 
Cloud Security
Cloud Security Cloud Security
Cloud Security
 
Microsoft Azure Cloud Services
Microsoft Azure Cloud ServicesMicrosoft Azure Cloud Services
Microsoft Azure Cloud Services
 
AWS Summit Auckland Sponsor Presentation - Dome9
AWS Summit Auckland Sponsor Presentation - Dome9AWS Summit Auckland Sponsor Presentation - Dome9
AWS Summit Auckland Sponsor Presentation - Dome9
 
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...
 
AWS Summit Auckland Sponsor Presentation - Vocus
AWS Summit Auckland Sponsor Presentation - VocusAWS Summit Auckland Sponsor Presentation - Vocus
AWS Summit Auckland Sponsor Presentation - Vocus
 
Trust No-One Architecture For Services And Data
Trust No-One Architecture For Services And DataTrust No-One Architecture For Services And Data
Trust No-One Architecture For Services And Data
 
Cloud Security Guidance from CESG and AWS
Cloud Security Guidance from CESG and AWSCloud Security Guidance from CESG and AWS
Cloud Security Guidance from CESG and AWS
 
F5 on AWS: How MailControl Improved their Application Visbility and Security
F5 on AWS: How MailControl Improved their Application Visbility and Security F5 on AWS: How MailControl Improved their Application Visbility and Security
F5 on AWS: How MailControl Improved their Application Visbility and Security
 
Compliance in the Cloud Using Security by Design
Compliance in the Cloud Using Security by DesignCompliance in the Cloud Using Security by Design
Compliance in the Cloud Using Security by Design
 
Security OF The Cloud
Security OF The CloudSecurity OF The Cloud
Security OF The Cloud
 
AWS Security
AWS Security AWS Security
AWS Security
 
RightScale Webinar: Security and Compliance in the Cloud
RightScale Webinar: Security and Compliance in the CloudRightScale Webinar: Security and Compliance in the Cloud
RightScale Webinar: Security and Compliance in the Cloud
 
Integration Patterns and Anti-Patterns for Microservices Architectures
Integration Patterns and Anti-Patterns for Microservices ArchitecturesIntegration Patterns and Anti-Patterns for Microservices Architectures
Integration Patterns and Anti-Patterns for Microservices Architectures
 
AWS User Group - Security & Compliance
AWS User Group - Security & ComplianceAWS User Group - Security & Compliance
AWS User Group - Security & Compliance
 

Viewers also liked

Azure Securtity Pro
Azure Securtity ProAzure Securtity Pro
Azure Securtity ProJohn Horn
 
Azure vnet connectivity solutions
Azure vnet connectivity solutionsAzure vnet connectivity solutions
Azure vnet connectivity solutionsswapnilrkambli
 
Windows Azure Virtual Networks
Windows Azure Virtual NetworksWindows Azure Virtual Networks
Windows Azure Virtual NetworksÖnder Değer
 
Windows azure sql_database_security_isug012013
Windows azure sql_database_security_isug012013Windows azure sql_database_security_isug012013
Windows azure sql_database_security_isug012013sqlserver.co.il
 
Design Practices for a Secure Azure Solution
Design Practices for a Secure Azure SolutionDesign Practices for a Secure Azure Solution
Design Practices for a Secure Azure SolutionMichele Leroux Bustamante
 
Microsoft Azure Security Infographic
Microsoft Azure Security InfographicMicrosoft Azure Security Infographic
Microsoft Azure Security InfographicMicrosoft Azure
 
Azure Express Route
Azure Express RouteAzure Express Route
Azure Express RouteMustafa
 
Azure Operation Management Suite - security and compliance
Azure Operation Management Suite - security and complianceAzure Operation Management Suite - security and compliance
Azure Operation Management Suite - security and complianceAsaf Nakash
 
Microsoft Azure vs Amazon Web Services (AWS) Services & Feature Mapping
Microsoft Azure vs Amazon Web Services (AWS) Services & Feature MappingMicrosoft Azure vs Amazon Web Services (AWS) Services & Feature Mapping
Microsoft Azure vs Amazon Web Services (AWS) Services & Feature MappingIlyas F ☁☁☁
 

Viewers also liked (11)

Azure Securtity Pro
Azure Securtity ProAzure Securtity Pro
Azure Securtity Pro
 
Deep thoughts from the real world of azure
Deep thoughts from the real world of azureDeep thoughts from the real world of azure
Deep thoughts from the real world of azure
 
Security in windows azure
Security in windows azureSecurity in windows azure
Security in windows azure
 
Azure vnet connectivity solutions
Azure vnet connectivity solutionsAzure vnet connectivity solutions
Azure vnet connectivity solutions
 
Windows Azure Virtual Networks
Windows Azure Virtual NetworksWindows Azure Virtual Networks
Windows Azure Virtual Networks
 
Windows azure sql_database_security_isug012013
Windows azure sql_database_security_isug012013Windows azure sql_database_security_isug012013
Windows azure sql_database_security_isug012013
 
Design Practices for a Secure Azure Solution
Design Practices for a Secure Azure SolutionDesign Practices for a Secure Azure Solution
Design Practices for a Secure Azure Solution
 
Microsoft Azure Security Infographic
Microsoft Azure Security InfographicMicrosoft Azure Security Infographic
Microsoft Azure Security Infographic
 
Azure Express Route
Azure Express RouteAzure Express Route
Azure Express Route
 
Azure Operation Management Suite - security and compliance
Azure Operation Management Suite - security and complianceAzure Operation Management Suite - security and compliance
Azure Operation Management Suite - security and compliance
 
Microsoft Azure vs Amazon Web Services (AWS) Services & Feature Mapping
Microsoft Azure vs Amazon Web Services (AWS) Services & Feature MappingMicrosoft Azure vs Amazon Web Services (AWS) Services & Feature Mapping
Microsoft Azure vs Amazon Web Services (AWS) Services & Feature Mapping
 

Similar to Nimbo/Alert Logic - Azure in the Cloud

Security concerns of cloud migration and its implications on cloud-enabled bu...
Security concerns of cloud migration and its implications on cloud-enabled bu...Security concerns of cloud migration and its implications on cloud-enabled bu...
Security concerns of cloud migration and its implications on cloud-enabled bu...Adewole Shitta-bey
 
Azure 101: Shared responsibility in the Azure Cloud
Azure 101: Shared responsibility in the Azure CloudAzure 101: Shared responsibility in the Azure Cloud
Azure 101: Shared responsibility in the Azure CloudPaulo Renato
 
CSS17: Houston - Introduction to Security in the Cloud
CSS17: Houston - Introduction to Security in the CloudCSS17: Houston - Introduction to Security in the Cloud
CSS17: Houston - Introduction to Security in the CloudAlert Logic
 
AWS Partner Webcast - Web App Security on AWS: How to Make Shared Security Wo...
AWS Partner Webcast - Web App Security on AWS: How to Make Shared Security Wo...AWS Partner Webcast - Web App Security on AWS: How to Make Shared Security Wo...
AWS Partner Webcast - Web App Security on AWS: How to Make Shared Security Wo...Amazon Web Services
 
Deploying Cloud Use Cases
Deploying Cloud Use CasesDeploying Cloud Use Cases
Deploying Cloud Use CasesJason Singh
 
Migrating Critical Applications To The Cloud - ISACA Seattle - Sanitized
Migrating Critical Applications To The Cloud - ISACA Seattle - SanitizedMigrating Critical Applications To The Cloud - ISACA Seattle - Sanitized
Migrating Critical Applications To The Cloud - ISACA Seattle - SanitizedNorm Barber
 
Migrating Critical Applications to the Cloud - isaca seattle - sanitized
Migrating Critical Applications to the Cloud - isaca seattle - sanitizedMigrating Critical Applications to the Cloud - isaca seattle - sanitized
Migrating Critical Applications to the Cloud - isaca seattle - sanitizedUnifyCloud
 
Css sf azure_8-9-17-intro to security in the cloud_mark brooks_al
Css sf azure_8-9-17-intro to security in the cloud_mark brooks_alCss sf azure_8-9-17-intro to security in the cloud_mark brooks_al
Css sf azure_8-9-17-intro to security in the cloud_mark brooks_alAlert Logic
 
CSS 17: NYC - Realities of Security in the Cloud
CSS 17: NYC - Realities of Security in the CloudCSS 17: NYC - Realities of Security in the Cloud
CSS 17: NYC - Realities of Security in the CloudAlert Logic
 
Cloud Application Security --Symantec
Cloud Application Security --Symantec Cloud Application Security --Symantec
Cloud Application Security --SymantecAbhishek Sood
 
How secured and safe is Cloud?
How secured and safe is Cloud?How secured and safe is Cloud?
How secured and safe is Cloud?IRJET Journal
 
CSS17: Atlanta - Realities of Security in the Cloud
CSS17: Atlanta - Realities of Security in the CloudCSS17: Atlanta - Realities of Security in the Cloud
CSS17: Atlanta - Realities of Security in the CloudAlert Logic
 
security and compliance in the cloud
security and compliance in the cloudsecurity and compliance in the cloud
security and compliance in the cloudAjay Rathi
 
A Comparative Review on Data Security Challenges in Cloud Computing
A Comparative Review on Data Security Challenges in Cloud ComputingA Comparative Review on Data Security Challenges in Cloud Computing
A Comparative Review on Data Security Challenges in Cloud ComputingIRJET Journal
 
Effectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing ParadigmEffectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing Paradigmfanc1985
 
Cloud Security: A matter of trust?
Cloud Security: A matter of trust?Cloud Security: A matter of trust?
Cloud Security: A matter of trust?Mark Williams
 

Similar to Nimbo/Alert Logic - Azure in the Cloud (20)

Security concerns of cloud migration and its implications on cloud-enabled bu...
Security concerns of cloud migration and its implications on cloud-enabled bu...Security concerns of cloud migration and its implications on cloud-enabled bu...
Security concerns of cloud migration and its implications on cloud-enabled bu...
 
Rik Ferguson
Rik FergusonRik Ferguson
Rik Ferguson
 
Presd1 10
Presd1 10Presd1 10
Presd1 10
 
Azure 101: Shared responsibility in the Azure Cloud
Azure 101: Shared responsibility in the Azure CloudAzure 101: Shared responsibility in the Azure Cloud
Azure 101: Shared responsibility in the Azure Cloud
 
CSS17: Houston - Introduction to Security in the Cloud
CSS17: Houston - Introduction to Security in the CloudCSS17: Houston - Introduction to Security in the Cloud
CSS17: Houston - Introduction to Security in the Cloud
 
AWS Partner Webcast - Web App Security on AWS: How to Make Shared Security Wo...
AWS Partner Webcast - Web App Security on AWS: How to Make Shared Security Wo...AWS Partner Webcast - Web App Security on AWS: How to Make Shared Security Wo...
AWS Partner Webcast - Web App Security on AWS: How to Make Shared Security Wo...
 
Deploying Cloud Use Cases
Deploying Cloud Use CasesDeploying Cloud Use Cases
Deploying Cloud Use Cases
 
Migrating Critical Applications To The Cloud - ISACA Seattle - Sanitized
Migrating Critical Applications To The Cloud - ISACA Seattle - SanitizedMigrating Critical Applications To The Cloud - ISACA Seattle - Sanitized
Migrating Critical Applications To The Cloud - ISACA Seattle - Sanitized
 
Migrating Critical Applications to the Cloud - isaca seattle - sanitized
Migrating Critical Applications to the Cloud - isaca seattle - sanitizedMigrating Critical Applications to the Cloud - isaca seattle - sanitized
Migrating Critical Applications to the Cloud - isaca seattle - sanitized
 
Css sf azure_8-9-17-intro to security in the cloud_mark brooks_al
Css sf azure_8-9-17-intro to security in the cloud_mark brooks_alCss sf azure_8-9-17-intro to security in the cloud_mark brooks_al
Css sf azure_8-9-17-intro to security in the cloud_mark brooks_al
 
CSS 17: NYC - Realities of Security in the Cloud
CSS 17: NYC - Realities of Security in the CloudCSS 17: NYC - Realities of Security in the Cloud
CSS 17: NYC - Realities of Security in the Cloud
 
Cloud Application Security --Symantec
Cloud Application Security --Symantec Cloud Application Security --Symantec
Cloud Application Security --Symantec
 
How secured and safe is Cloud?
How secured and safe is Cloud?How secured and safe is Cloud?
How secured and safe is Cloud?
 
CSS17: Atlanta - Realities of Security in the Cloud
CSS17: Atlanta - Realities of Security in the CloudCSS17: Atlanta - Realities of Security in the Cloud
CSS17: Atlanta - Realities of Security in the Cloud
 
Cloud Breach - Forensics Audit Planning
Cloud Breach - Forensics Audit PlanningCloud Breach - Forensics Audit Planning
Cloud Breach - Forensics Audit Planning
 
security and compliance in the cloud
security and compliance in the cloudsecurity and compliance in the cloud
security and compliance in the cloud
 
A Comparative Review on Data Security Challenges in Cloud Computing
A Comparative Review on Data Security Challenges in Cloud ComputingA Comparative Review on Data Security Challenges in Cloud Computing
A Comparative Review on Data Security Challenges in Cloud Computing
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
 
Effectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing ParadigmEffectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing Paradigm
 
Cloud Security: A matter of trust?
Cloud Security: A matter of trust?Cloud Security: A matter of trust?
Cloud Security: A matter of trust?
 

More from Alert Logic

Managed Threat Detection & Response for AWS Applications
Managed Threat Detection & Response for AWS ApplicationsManaged Threat Detection & Response for AWS Applications
Managed Threat Detection & Response for AWS ApplicationsAlert Logic
 
Extending Amazon GuardDuty with Cloud Insight Essentials
Extending Amazon GuardDuty with Cloud Insight Essentials Extending Amazon GuardDuty with Cloud Insight Essentials
Extending Amazon GuardDuty with Cloud Insight Essentials Alert Logic
 
Managed Threat Detection and Response
Managed Threat Detection and ResponseManaged Threat Detection and Response
Managed Threat Detection and ResponseAlert Logic
 
Extending Amazon GuardDuty with Cloud Insight Essentials
Extending Amazon GuardDuty with Cloud Insight Essentials Extending Amazon GuardDuty with Cloud Insight Essentials
Extending Amazon GuardDuty with Cloud Insight Essentials Alert Logic
 
Security Implications of the Cloud
Security Implications of the CloudSecurity Implications of the Cloud
Security Implications of the CloudAlert Logic
 
Reducing Your Attack Surface
Reducing Your Attack SurfaceReducing Your Attack Surface
Reducing Your Attack SurfaceAlert Logic
 
Reality Check: Security in the Cloud
Reality Check: Security in the CloudReality Check: Security in the Cloud
Reality Check: Security in the CloudAlert Logic
 
The Intersection of Security & DevOps
The Intersection of Security & DevOpsThe Intersection of Security & DevOps
The Intersection of Security & DevOpsAlert Logic
 
The AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeThe AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeAlert Logic
 
Security Spotlight: Presidio
Security Spotlight: PresidioSecurity Spotlight: Presidio
Security Spotlight: PresidioAlert Logic
 
The Intersection of Security & DevOps
The Intersection of Security & DevOpsThe Intersection of Security & DevOps
The Intersection of Security & DevOpsAlert Logic
 
The AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeThe AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeAlert Logic
 
Security Spotlight: Rent-A-Center
Security Spotlight: Rent-A-CenterSecurity Spotlight: Rent-A-Center
Security Spotlight: Rent-A-CenterAlert Logic
 
Reducing Your Attack Surface & Your Role in Cloud Workload Protection
Reducing Your Attack Surface & Your Role in Cloud Workload ProtectionReducing Your Attack Surface & Your Role in Cloud Workload Protection
Reducing Your Attack Surface & Your Role in Cloud Workload ProtectionAlert Logic
 
Realities of Security in the Cloud
Realities of Security in the CloudRealities of Security in the Cloud
Realities of Security in the CloudAlert Logic
 
The Intersection of Security & DevOps
The Intersection of Security & DevOpsThe Intersection of Security & DevOps
The Intersection of Security & DevOpsAlert Logic
 
Security Spotlight: Presidio
Security Spotlight: PresidioSecurity Spotlight: Presidio
Security Spotlight: PresidioAlert Logic
 
Security Implications of the Cloud
Security Implications of the CloudSecurity Implications of the Cloud
Security Implications of the CloudAlert Logic
 
Reducing Your Attack Surface & Your Role in Cloud Workload Protection
Reducing Your Attack Surface & Your Role in Cloud Workload ProtectionReducing Your Attack Surface & Your Role in Cloud Workload Protection
Reducing Your Attack Surface & Your Role in Cloud Workload ProtectionAlert Logic
 
Realities of Security in the Cloud
Realities of Security in the CloudRealities of Security in the Cloud
Realities of Security in the CloudAlert Logic
 

More from Alert Logic (20)

Managed Threat Detection & Response for AWS Applications
Managed Threat Detection & Response for AWS ApplicationsManaged Threat Detection & Response for AWS Applications
Managed Threat Detection & Response for AWS Applications
 
Extending Amazon GuardDuty with Cloud Insight Essentials
Extending Amazon GuardDuty with Cloud Insight Essentials Extending Amazon GuardDuty with Cloud Insight Essentials
Extending Amazon GuardDuty with Cloud Insight Essentials
 
Managed Threat Detection and Response
Managed Threat Detection and ResponseManaged Threat Detection and Response
Managed Threat Detection and Response
 
Extending Amazon GuardDuty with Cloud Insight Essentials
Extending Amazon GuardDuty with Cloud Insight Essentials Extending Amazon GuardDuty with Cloud Insight Essentials
Extending Amazon GuardDuty with Cloud Insight Essentials
 
Security Implications of the Cloud
Security Implications of the CloudSecurity Implications of the Cloud
Security Implications of the Cloud
 
Reducing Your Attack Surface
Reducing Your Attack SurfaceReducing Your Attack Surface
Reducing Your Attack Surface
 
Reality Check: Security in the Cloud
Reality Check: Security in the CloudReality Check: Security in the Cloud
Reality Check: Security in the Cloud
 
The Intersection of Security & DevOps
The Intersection of Security & DevOpsThe Intersection of Security & DevOps
The Intersection of Security & DevOps
 
The AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeThe AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in Practice
 
Security Spotlight: Presidio
Security Spotlight: PresidioSecurity Spotlight: Presidio
Security Spotlight: Presidio
 
The Intersection of Security & DevOps
The Intersection of Security & DevOpsThe Intersection of Security & DevOps
The Intersection of Security & DevOps
 
The AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeThe AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in Practice
 
Security Spotlight: Rent-A-Center
Security Spotlight: Rent-A-CenterSecurity Spotlight: Rent-A-Center
Security Spotlight: Rent-A-Center
 
Reducing Your Attack Surface & Your Role in Cloud Workload Protection
Reducing Your Attack Surface & Your Role in Cloud Workload ProtectionReducing Your Attack Surface & Your Role in Cloud Workload Protection
Reducing Your Attack Surface & Your Role in Cloud Workload Protection
 
Realities of Security in the Cloud
Realities of Security in the CloudRealities of Security in the Cloud
Realities of Security in the Cloud
 
The Intersection of Security & DevOps
The Intersection of Security & DevOpsThe Intersection of Security & DevOps
The Intersection of Security & DevOps
 
Security Spotlight: Presidio
Security Spotlight: PresidioSecurity Spotlight: Presidio
Security Spotlight: Presidio
 
Security Implications of the Cloud
Security Implications of the CloudSecurity Implications of the Cloud
Security Implications of the Cloud
 
Reducing Your Attack Surface & Your Role in Cloud Workload Protection
Reducing Your Attack Surface & Your Role in Cloud Workload ProtectionReducing Your Attack Surface & Your Role in Cloud Workload Protection
Reducing Your Attack Surface & Your Role in Cloud Workload Protection
 
Realities of Security in the Cloud
Realities of Security in the CloudRealities of Security in the Cloud
Realities of Security in the Cloud
 

Recently uploaded

哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查ydyuyu
 
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdfpdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdfJOHNBEBONYAP1
 
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
20240507 QFM013 Machine Intelligence Reading List April 2024.pdfMatthew Sinclair
 
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样ayvbos
 
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Room
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac RoomVip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Room
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Roommeghakumariji156
 
Meaning of On page SEO & its process in detail.
Meaning of On page SEO & its process in detail.Meaning of On page SEO & its process in detail.
Meaning of On page SEO & its process in detail.krishnachandrapal52
 
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...gajnagarg
 
Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...
Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...
Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...meghakumariji156
 
20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdf20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdfMatthew Sinclair
 
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...kajalverma014
 
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC
 
Russian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Russian Escort Abu Dhabi 0503464457 Abu DHabi EscortsRussian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Russian Escort Abu Dhabi 0503464457 Abu DHabi EscortsMonica Sydney
 
Real Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtReal Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtrahman018755
 
一比一原版奥兹学院毕业证如何办理
一比一原版奥兹学院毕业证如何办理一比一原版奥兹学院毕业证如何办理
一比一原版奥兹学院毕业证如何办理F
 
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...kumargunjan9515
 
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrStory Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrHenryBriggs2
 
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girlsRussian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girlsMonica Sydney
 
Abu Dhabi Escorts Service 0508644382 Escorts in Abu Dhabi
Abu Dhabi Escorts Service 0508644382 Escorts in Abu DhabiAbu Dhabi Escorts Service 0508644382 Escorts in Abu Dhabi
Abu Dhabi Escorts Service 0508644382 Escorts in Abu DhabiMonica Sydney
 
APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC
 
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdfMatthew Sinclair
 

Recently uploaded (20)

哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
 
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdfpdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
 
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
 
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
 
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Room
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac RoomVip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Room
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Room
 
Meaning of On page SEO & its process in detail.
Meaning of On page SEO & its process in detail.Meaning of On page SEO & its process in detail.
Meaning of On page SEO & its process in detail.
 
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
 
Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...
Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...
Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...
 
20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdf20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdf
 
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
 
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
 
Russian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Russian Escort Abu Dhabi 0503464457 Abu DHabi EscortsRussian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Russian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
 
Real Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtReal Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirt
 
一比一原版奥兹学院毕业证如何办理
一比一原版奥兹学院毕业证如何办理一比一原版奥兹学院毕业证如何办理
一比一原版奥兹学院毕业证如何办理
 
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
 
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrStory Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
 
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girlsRussian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
 
Abu Dhabi Escorts Service 0508644382 Escorts in Abu Dhabi
Abu Dhabi Escorts Service 0508644382 Escorts in Abu DhabiAbu Dhabi Escorts Service 0508644382 Escorts in Abu Dhabi
Abu Dhabi Escorts Service 0508644382 Escorts in Abu Dhabi
 
APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53
 
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
 

Nimbo/Alert Logic - Azure in the Cloud

  • 1. Alert Logic – Azure Cloud Security Johnathan Norman Cloud Solutions Architect jnorman@alertlogic.com
  • 2. Agenda • Key Findings: Cloud Security Report, Spring 2014 - Alert Logic Customer Data - Honeypot Research • Common Azure Security & Compliance Issues • Alert Logic for Azure - Log Manager - Threat Manager - Web Security Manager
  • 3. Cloud Adoption is Gaining Momentum • Major Public cloud vendors predicted to eclipse $10B in revenue by 2015 • Oracle Cloud bookings increased by 35% in 2013 • Gartner predicts 60% of banking institutions to migrate to the cloud • Healthcare is expected to adopt cloud computing at a 21% year over year rate through 2017 • VDI (Desktop as a Service) market reached $13.4 billion in 2013
  • 4. Over 2,800 Organizations Worldwide Trust Alert Logic Millions of devices secured 3.7 Petabytes of log data under management 8.5 Million security events correlated per day 40,000 incidents identified and reviewed per month
  • 5. Threats in the Cloud are Increasing With Adoption • Increase in attack frequency • Traditional on-premises threats are now moving to the cloud • Majority of cloud incidents were related to web application attacks, brute force attacks, and vulnerability scans • Brute force attacks and vulnerability scans are now occurring at near-equivalent rates in both cloud and on-premises environments • Malware/Botnet is increasing year over year
  • 6. Global Honeypot Network Why Honeypots? •Honeypots give us a unique data set •Simulates vulnerable systems without the risk of real data loss •Gives the ability to collect intelligence from malicious attackers •Allows for collection of various different attacks based on system •Helps identify what industry specific targets are out there
  • 8. Common Azure Compliance & Security Issues Secure your code Know your scope Instance Isolation Shared Responsibility Storage Key Management 1 2 3 4 5 6 7
  • 9. 1- Secure Your Code – Implement SDL
  • 10. 1- Secure Your Code – Sharing is bad…
  • 11. 2- Know Your Scope Web Traffic Web Role Web Role Azure Website Azure Website Azure Storage Azure Storage Traffic Manager
  • 12. 2 – Know your scope
  • 13. 3 – Instance Isolation worker rolesweb roles service endpoint service endpoint Virtual NetworkVirtual Network Web Traffic
  • 14. 4 - Storage Key Management storage blob Azure Mobile Services 1. Upload() 2. Path = http://blah.storage.azure.com/public/xyz/foo.jpg 3. UploadToPath(Path);
  • 15. 4 - Storage Key Management storage blob Azure Mobile Services 1. Upload() 2.) Return SAS (write/expires 5 min) and Path 3.) Authenticate & Upload
  • 16. 5 - Security in the Cloud is a Shared Responsibility Customer Responsibilit y Foundation Services Hosts • Logical network segmentation • Perimeter security services • External DDoS, spoofing, and scanning prevented • Hardened hypervisor • System image library • Root access for customer • Access management • Patch management • Configuration hardening • Security monitoring • Log analysis Apps • Secure coding and best practices • Software and virtual patching • Configuration management • Access management • Application level attack monitoring • Network threat detection • Security monitoring Networks Cloud Service Provider Responsibilit y Compute Storage DB Network http://azure.microsoft.com/en-us/support/trust-center/compliance/
  • 18. Security and Compliance is Challenging Skilled security resources are in high demand and hard to find Moving to cloud and hybrid IT environments brings different threats and complexities Maintaining continuous security and compliance is expensive
  • 19. Applications Systems Networks Building a Security and Compliance Solution IDS Vulnerability Scanning Web Application Firewall Log Management Threat Intelligence Feeds SIEM Staff capable of: •Provisioning •Monitoring •Configuration and tuning •Researching incidents, emerging threats, and defining remediation steps Big Data Analytics Products Automated Correlation and Analytics People & Process
  • 20. Alert Logic Solutions Alert Logic Threat Manager™ Alert Logic Web Security Manager™ Alert Logic Log Manager™ Alert Logic Unified Web User Interface Intrusion Detection & Vulnerability Scanning Log Management & Compliance Reporting Active Protection for Web Applications

Editor's Notes

  1. Highest volume of attacks occurred in Europe Attacks against Microsoft DS accounted for over 51% of the overall attack vectors Database services have been a consistent target Underscores the importance of a defense in depth strategy for the need to secure your cloud infrastructure