SlideShare ist ein Scribd-Unternehmen logo

Protect Your Data and Apps in the Public Cloud

Imperva
Imperva

This document discusses protecting applications and data in public clouds using Imperva security solutions. It begins with an overview of cloud security challenges due to the shared responsibility model. It then describes Imperva's SecureSphere, Incapsula, and Skyfence solutions for securing applications in AWS and Azure. Reference architectures are provided for deploying the solutions on AWS and Azure. A case study describes how an online gaming company used Imperva SecureSphere WAF to protect their applications after moving them to AWS.

Technologie
1 von 27
Downloaden Sie, um offline zu lesen
© 2016 Imperva, Inc. All rights reserved. Protect Your Data and Apps in the Public Cloud Lior Lukov, Sr. Product Manager, Application Security, Imperva Narayan Makaram, Dir. Product Marketing, Application Security, Imperva
© 2016 Imperva, Inc. All rights reserved. AGENDA • Cloud Security Challenges • Imperva Cloud Security Solutions • Reference Architecture • Customer Case Study 2
© 2016 Imperva, Inc. All rights reserved. Speakers 3 Narayan Makaram Dir., Product Marketing, Imperva Lior Lukov Sr. Product Manager, Imperva
© 2016 Imperva, Inc. All rights reserved. Web Application Attacks Cloud Security Challenges 1 4
© 2016 Imperva, Inc. All rights reserved.5 Cloud Brings New Advantages toApplications IaaS ProvidersOn-premise Data Centers Applications in Data Center Applications in Cloud Fixed capacity Elastic capacity Scale-up Scale-out Manual build and deploy Automated build and deploy Allocated costs Metered cost Limited HA and DR HA and DR across data-centers/regions Defense in depth Perimeter Security
© 2016 Imperva, Inc. All rights reserved. Business Challenges Business Impact: • Lost revenue associated with website downtime • Brand damage with bad publicity • Lost competitive advantage with sensitive data theft • Fines and regulatory actions with data breach Attack vectors remain the same as applications and data migrate from on-premises data centers to the cloud Cloud Infrastructure (IaaS) DDoS attacks Data Center Mobile attacks Technical attacks Business logic attacks 6
© 2016 Imperva, Inc. All rights reserved. Security – a Shared Responsibility in Cloud Infrastructure 7 AWS Article: Introduction to AWS Security, July 2015 Azure Blog Post: Cloud Security is a Shared Responsibility, June 2015 Customers are responsible for securing the customer applications and content hosted in any cloud infrastructure – AWS, Azure, and others
© 2016 Imperva, Inc. All rights reserved. Imperva Application Security Cloud Security Solutions 2 8
© 2016 Imperva, Inc. All rights reserved. Imperva Solutions for AWS and Azure 9 Imperva is laser focused on protecting business-critical applications and data, wherever they reside – in the cloud and on-premises Protects applications and data hosted in AWS and Azure Mitigates DDoS attacks through cloud-based Content Delivery Network Protects administrative access to AWS/Azure management console
© 2016 Imperva, Inc. All rights reserved. Imperva SecureSphere - On AWS and Azure Cloud Infrastructure 10 Comprehensive application and database protection with enterprise-class on-premises solution that customers trust In-depth Web Application Protection SecureSphere WAF blocks technical attacks that exploit vulnerabilities in your applications and automated attacks that abuse business functionality Dynamic Application Profiling Automatically discovers application interfaces and adapts security controls to changes in applications to simplify on-going maintenance Crowd-sourced Threat Intelligence ThreatRadar services: Reputation, Bot Mitigation, Community Defense, Account Takeover. Arms the WAF with the latest security policies, signatures, and compliance reports crowd- sourced from Imperva customers and 3rd party providers Protects Databases Hosted in the Cloud Discovers and monitors all user activity in databases hosted in AWS (using SecureSphere gateways) and on Azure (using SecureSphere Agents) App Servers DB Servers
© 2016 Imperva, Inc. All rights reserved. Imperva Incapsula – Cloud Based WAF 11 DDoS Mitigation CDN Load Balancing WAF All-in-one Website Security, DDoS and Bot Protection, and Load Balancing on a Global Content Delivery Network Load Balancing Cloud-based Layer 7 Load Balancing service optimizes traffic distributions based on its actual flow to each server. Global Content Delivery Network Application-aware Content Delivery Network delivers full site acceleration, boosts website performance using advanced networking, dynamic caching, and content optimization techniques. Enterprise-Grade Website Security and WAF Incapsula’s PCI-certified web application firewall, advanced bot detection, and access control technologies secure any website against known and emerging threats. Volumetric DDoS Attack and Bot Protection Combining a robust network backbone of advanced traffic inspection solutions, Incapsula protections your cloud-based site against all types of DDoS attacks.
© 2016 Imperva, Inc. All rights reserved. Imperva Skyfence - Protect Management Console Monitors high-risk activities executed thru the AWS/Azure Management Console 12 Management Console Audits all administrator activity. Identifies security and compliance gaps Enforces separation of duties between privileged users and security and compliance teams
© 2015 Imperva, Inc. All rights reserved. Gartner “Magic Quadrant for Web Application Firewalls” by Jeremy D'Hoinne, Adam Hils, Greg Young, Nicole Papadopoulos, 15 June 2015. This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Imperva. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. THE ONLY LEADER TWO CONSECUTIVE YEARS Gartner Magic Quadrant for Web Application Firewalls 13
© 2016 Imperva, Inc. All rights reserved. Imperva Security Solutions Reference Architectures for AWS and Azure 3 14
© 2016 Imperva, Inc. All rights reserved. AWS: Imperva Deployment Architecture SecureSphere, Incapsula, Skyfence 15 Administrators Users AWS Management Console Availability Zone 1 Availability Zone 2Scaling Group CDN, DDoS, LB, WAF WAF Cloud Access Service Broker (CASB)
© 2016 Imperva, Inc. All rights reserved. SecureSphere WAF forAmazon AWS 16 • Protects web applications hosted in AWS cloud with industry leading WAF • CloudFormation templates streamlines WAF deployments on AWS • CloudWatch monitors WAF instances • Automates re-routing traffic to different availability zones Availability Zone 1 Availability Zone 2Scaling Group
© 2016 Imperva, Inc. All rights reserved. AWS: SecureSphere DeploymentArchitecture – WAF Only 17 AZ1 MX Management AZ2 Users ELBELB Scaling Group Scaling Group Scaling Group Web Servers Web Servers WAF gateway WAF gateway MX Management
© 2016 Imperva, Inc. All rights reserved. AWS: SecureSphere DeploymentArchitecture - WAF + DAM 18 AZ1 MX Management MX Management AZ2 WAF gateway WAF gateway Users ELB DAM gateway DAM gateway MX Management MX Management Scaling Group ELB DB Server DB Server Web Server Web Server
© 2016 Imperva, Inc. All rights reserved. AWS: Hybrid Management for SecureSphere WAF 19 V P C VPN Customer Data Center Use single MX deployment for both AWS and on-premises WAF management WAF only (at this time) Either physical or virtual MX Gateways Gateways MX Management
© 2016 Imperva, Inc. All rights reserved. SecureSphere forAWS Options (BYOL, On-Demand) 20 Performance AV2500 AV1000 AVM150 Supported SecureSphere Products Web Application Firewall Database Activity Monitor Database Firewall Web Application Firewall MX Management Server HTTP Throughput Up to 500 Mbps Up to 100 Mbps Not Applicable Minimum Requirements for Each SecureSphere for AWS Instance Minimum AWS Instance Type M3 Extra Large M3 Large M3 Extra Large
© 2016 Imperva, Inc. All rights reserved. SecureSphere WAF for Microsoft Azure 21 • Protects web applications hosted in Azure cloud with industry leading WAF • Azure Resource Manager streamlines WAF deployments on Azure • Azure Application Insights monitors WAF instances • Automates re-routing traffic to different Azure Regions Web Servers LB LB Azure Region 1 Azure Region 2 Availability Set LB Availability Set Web Servers
© 2016 Imperva, Inc. All rights reserved. Azure: SecureSphere DeploymentArchitecture 22 SecureSphere WAFs Virtual Network Azure Region External LB Management Subnet Gateway Subnet LB Apps Subnet Availability Set Availability Set Web Serverswww.company.com Public IP
© 2016 Imperva, Inc. All rights reserved. SecureSphere forAzure Options (BYOL only) 23 Performance MV2500 MV1000 MVM150 Supported SecureSphere Products Web Application Firewall Web Application Firewall MX Management Server HTTP Throughput Up to 500 Mbps Up to 100 Mbps Not Applicable Minimum Requirements for Each SecureSphere for AWS Instance Minimum Azure Instance Types A3/D3 for HTTP only D3v2/D4 for HTTPS A2 for HTTP only A3 for HTTPS A3 Standard
© 2016 Imperva, Inc. All rights reserved. SecureSphere on Microsoft Azure Security Center 24
© 2016 Imperva, Inc. All rights reserved. Case Study: Online Gaming Company Moved all Gaming Apps to AWS 25 Requirements: • Protect Gaming application from technical (SQLi) and business logic attacks • Protect Registration page from malicious bots and other automated attacks • Be able to scale up quickly and handle peaks in traffic per request Solution: • Originally sized @ 20 instances, eventually scaled to 120 during holidays • SecureSphere WAF deployed in front of all application instances in AWS • Additional redundancy provided by geographically distributed instances using AWS availability zones Benefits: • Seamless Deployment – took just hours instead of weeks on physical data center • Operational Efficiency - AWS environment managed by 2 FTE, instead of 4+ in physical data center • No upfront costs – shift from Capital-Expenditure to Operational-Expenditure
© 2016 Imperva, Inc. All rights reserved.26 Questions?
Protect Your Data and Apps in the Public Cloud

Empfohlen

Aruba wireless and clear pass 6 integration guide v1.3
Aruba wireless and clear pass 6 integration guide v1.3Aruba wireless and clear pass 6 integration guide v1.3
Aruba wireless and clear pass 6 integration guide v1.3Aruba, a Hewlett Packard Enterprise company
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS SecurityAmazon Web Services
 
ClearPass 6.4.0 Release Notes
ClearPass 6.4.0 Release NotesClearPass 6.4.0 Release Notes
ClearPass 6.4.0 Release NotesAruba, a Hewlett Packard Enterprise company
 
Network Security and Access Control in AWS
Network Security and Access Control in AWSNetwork Security and Access Control in AWS
Network Security and Access Control in AWSAmazon Web Services
 
Cyber Security
Cyber SecurityCyber Security
Cyber SecurityDeepak Shrivastava
 
Azure Security Center- Zero to Hero
Azure Security Center- Zero to HeroAzure Security Center- Zero to Hero
Azure Security Center- Zero to HeroKasun Rajapakse
 
Cloud security
Cloud securityCloud security
Cloud securityPurva Dublay
 
Introduction To Amazon Web Services | AWS Tutorial for Beginners | AWS Traini...
Introduction To Amazon Web Services | AWS Tutorial for Beginners | AWS Traini...Introduction To Amazon Web Services | AWS Tutorial for Beginners | AWS Traini...
Introduction To Amazon Web Services | AWS Tutorial for Beginners | AWS Traini...Edureka!
 

Empfohlen

Aruba wireless and clear pass 6 integration guide v1.3
Aruba wireless and clear pass 6 integration guide v1.3Aruba wireless and clear pass 6 integration guide v1.3
Aruba wireless and clear pass 6 integration guide v1.3Aruba, a Hewlett Packard Enterprise company
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS SecurityAmazon Web Services
 
ClearPass 6.4.0 Release Notes
ClearPass 6.4.0 Release NotesClearPass 6.4.0 Release Notes
ClearPass 6.4.0 Release NotesAruba, a Hewlett Packard Enterprise company
 
Network Security and Access Control in AWS
Network Security and Access Control in AWSNetwork Security and Access Control in AWS
Network Security and Access Control in AWSAmazon Web Services
 
Cyber Security
Cyber SecurityCyber Security
Cyber SecurityDeepak Shrivastava
 
Azure Security Center- Zero to Hero
Azure Security Center- Zero to HeroAzure Security Center- Zero to Hero
Azure Security Center- Zero to HeroKasun Rajapakse
 
Cloud security
Cloud securityCloud security
Cloud securityPurva Dublay
 
Introduction To Amazon Web Services | AWS Tutorial for Beginners | AWS Traini...
Introduction To Amazon Web Services | AWS Tutorial for Beginners | AWS Traini...Introduction To Amazon Web Services | AWS Tutorial for Beginners | AWS Traini...
Introduction To Amazon Web Services | AWS Tutorial for Beginners | AWS Traini...Edureka!
 
Base Designs Lab Setup for Validated Reference Design
Base Designs Lab Setup for Validated Reference DesignBase Designs Lab Setup for Validated Reference Design
Base Designs Lab Setup for Validated Reference DesignAruba, a Hewlett Packard Enterprise company
 
Advanced Aruba ClearPass Workshop
Advanced Aruba ClearPass WorkshopAdvanced Aruba ClearPass Workshop
Advanced Aruba ClearPass WorkshopAruba, a Hewlett Packard Enterprise company
 
Threat Hunting on AWS using Azure Sentinel
Threat Hunting on AWS using Azure SentinelThreat Hunting on AWS using Azure Sentinel
Threat Hunting on AWS using Azure SentinelAshwin Patil, GCIH, GCIA, GCFE
 
Clear pass policy manager advanced_ashwath murthy
Clear pass policy manager advanced_ashwath murthyClear pass policy manager advanced_ashwath murthy
Clear pass policy manager advanced_ashwath murthyAruba, a Hewlett Packard Enterprise company
 
Mobil Pentest Eğitim Dökümanı
Mobil Pentest Eğitim DökümanıMobil Pentest Eğitim Dökümanı
Mobil Pentest Eğitim DökümanıAhmet Gürel
 
Aruba ClearPass Exchange Deep Dive
Aruba ClearPass Exchange Deep DiveAruba ClearPass Exchange Deep Dive
Aruba ClearPass Exchange Deep DiveAruba, a Hewlett Packard Enterprise company
 
ClearPass Overview
ClearPass OverviewClearPass Overview
ClearPass OverviewJoAnna Cheshire
 
Real-world 802.1X Deployment Challenges
Real-world 802.1X Deployment ChallengesReal-world 802.1X Deployment Challenges
Real-world 802.1X Deployment ChallengesAruba, a Hewlett Packard Enterprise company
 
Tatil Öncesi Güvenlik Kontrol Listesi.pdf
Tatil Öncesi Güvenlik Kontrol Listesi.pdfTatil Öncesi Güvenlik Kontrol Listesi.pdf
Tatil Öncesi Güvenlik Kontrol Listesi.pdfBGA Cyber Security
 
ISE-802.1X-MAB
ISE-802.1X-MABISE-802.1X-MAB
ISE-802.1X-MABEmerson Barros Rivas
 
İleri Seviye Ağ Güvenliği Lab Kitabı
İleri Seviye Ağ Güvenliği Lab Kitabıİleri Seviye Ağ Güvenliği Lab Kitabı
İleri Seviye Ağ Güvenliği Lab KitabıBGA Cyber Security
 
(SEC323) New: Securing Web Applications with AWS WAF
(SEC323) New: Securing Web Applications with AWS WAF(SEC323) New: Securing Web Applications with AWS WAF
(SEC323) New: Securing Web Applications with AWS WAFAmazon Web Services
 
Byod and guest access workshop enabling byod carlos gomez gallego_network ser...
Byod and guest access workshop enabling byod carlos gomez gallego_network ser...Byod and guest access workshop enabling byod carlos gomez gallego_network ser...
Byod and guest access workshop enabling byod carlos gomez gallego_network ser...Aruba, a Hewlett Packard Enterprise company
 
Securing APIs for ultimate security and privacy with Azure | Codit Webinar
Securing APIs for ultimate security and privacy with Azure | Codit WebinarSecuring APIs for ultimate security and privacy with Azure | Codit Webinar
Securing APIs for ultimate security and privacy with Azure | Codit WebinarCodit
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security FundamentalsRahmat Suhatman
 
Identity and Access Management (IAM)
Identity and Access Management (IAM)Identity and Access Management (IAM)
Identity and Access Management (IAM)Jack Forbes
 
Zero Trust Model
Zero Trust ModelZero Trust Model
Zero Trust ModelYash
 
Hands-on with AWS Security Hub - FND213-R - AWS re:Inforce 2019
Hands-on with AWS Security Hub - FND213-R - AWS re:Inforce 2019 Hands-on with AWS Security Hub - FND213-R - AWS re:Inforce 2019
Hands-on with AWS Security Hub - FND213-R - AWS re:Inforce 2019 Amazon Web Services
 
Microsoft Azure Sentinel
Microsoft Azure SentinelMicrosoft Azure Sentinel
Microsoft Azure SentinelBGA Cyber Security
 
Microsoft Zero Trust
Microsoft Zero TrustMicrosoft Zero Trust
Microsoft Zero TrustDavid J Rosenthal
 
More Databases. More Hackers. More Audits.
More Databases. More Hackers. More Audits.More Databases. More Hackers. More Audits.
More Databases. More Hackers. More Audits.Imperva
 
Gartner MQ for Web App Firewall Webinar
Gartner MQ for Web App Firewall WebinarGartner MQ for Web App Firewall Webinar
Gartner MQ for Web App Firewall WebinarImperva
 

Weitere ähnliche Inhalte

Was ist angesagt?

Mobil Pentest Eğitim Dökümanı
Mobil Pentest Eğitim DökümanıMobil Pentest Eğitim Dökümanı
Mobil Pentest Eğitim DökümanıAhmet Gürel
 
Tatil Öncesi Güvenlik Kontrol Listesi.pdf
Tatil Öncesi Güvenlik Kontrol Listesi.pdfTatil Öncesi Güvenlik Kontrol Listesi.pdf
Tatil Öncesi Güvenlik Kontrol Listesi.pdfBGA Cyber Security
 
İleri Seviye Ağ Güvenliği Lab Kitabı
İleri Seviye Ağ Güvenliği Lab Kitabıİleri Seviye Ağ Güvenliği Lab Kitabı
İleri Seviye Ağ Güvenliği Lab KitabıBGA Cyber Security
 
(SEC323) New: Securing Web Applications with AWS WAF
(SEC323) New: Securing Web Applications with AWS WAF(SEC323) New: Securing Web Applications with AWS WAF
(SEC323) New: Securing Web Applications with AWS WAFAmazon Web Services
 
Byod and guest access workshop enabling byod carlos gomez gallego_network ser...
Byod and guest access workshop enabling byod carlos gomez gallego_network ser...Byod and guest access workshop enabling byod carlos gomez gallego_network ser...
Byod and guest access workshop enabling byod carlos gomez gallego_network ser...Aruba, a Hewlett Packard Enterprise company
 
Securing APIs for ultimate security and privacy with Azure | Codit Webinar
Securing APIs for ultimate security and privacy with Azure | Codit WebinarSecuring APIs for ultimate security and privacy with Azure | Codit Webinar
Securing APIs for ultimate security and privacy with Azure | Codit WebinarCodit
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security FundamentalsRahmat Suhatman
 
Identity and Access Management (IAM)
Identity and Access Management (IAM)Identity and Access Management (IAM)
Identity and Access Management (IAM)Jack Forbes
 
Zero Trust Model
Zero Trust ModelZero Trust Model
Zero Trust ModelYash
 
Hands-on with AWS Security Hub - FND213-R - AWS re:Inforce 2019
Hands-on with AWS Security Hub - FND213-R - AWS re:Inforce 2019 Hands-on with AWS Security Hub - FND213-R - AWS re:Inforce 2019
Hands-on with AWS Security Hub - FND213-R - AWS re:Inforce 2019 Amazon Web Services
 

Was ist angesagt? (20)

Base Designs Lab Setup for Validated Reference Design
Base Designs Lab Setup for Validated Reference DesignBase Designs Lab Setup for Validated Reference Design
Base Designs Lab Setup for Validated Reference Design
 
Advanced Aruba ClearPass Workshop
Advanced Aruba ClearPass WorkshopAdvanced Aruba ClearPass Workshop
Advanced Aruba ClearPass Workshop
 
Threat Hunting on AWS using Azure Sentinel
Threat Hunting on AWS using Azure SentinelThreat Hunting on AWS using Azure Sentinel
Threat Hunting on AWS using Azure Sentinel
 
Clear pass policy manager advanced_ashwath murthy
Clear pass policy manager advanced_ashwath murthyClear pass policy manager advanced_ashwath murthy
Clear pass policy manager advanced_ashwath murthy
 
Mobil Pentest Eğitim Dökümanı
Mobil Pentest Eğitim DökümanıMobil Pentest Eğitim Dökümanı
Mobil Pentest Eğitim Dökümanı
 
Aruba ClearPass Exchange Deep Dive
Aruba ClearPass Exchange Deep DiveAruba ClearPass Exchange Deep Dive
Aruba ClearPass Exchange Deep Dive
 
ClearPass Overview
ClearPass OverviewClearPass Overview
ClearPass Overview
 
Real-world 802.1X Deployment Challenges
Real-world 802.1X Deployment ChallengesReal-world 802.1X Deployment Challenges
Real-world 802.1X Deployment Challenges
 
Tatil Öncesi Güvenlik Kontrol Listesi.pdf
Tatil Öncesi Güvenlik Kontrol Listesi.pdfTatil Öncesi Güvenlik Kontrol Listesi.pdf
Tatil Öncesi Güvenlik Kontrol Listesi.pdf
 
ISE-802.1X-MAB
ISE-802.1X-MABISE-802.1X-MAB
ISE-802.1X-MAB
 
İleri Seviye Ağ Güvenliği Lab Kitabı
İleri Seviye Ağ Güvenliği Lab Kitabıİleri Seviye Ağ Güvenliği Lab Kitabı
İleri Seviye Ağ Güvenliği Lab Kitabı
 
(SEC323) New: Securing Web Applications with AWS WAF
(SEC323) New: Securing Web Applications with AWS WAF(SEC323) New: Securing Web Applications with AWS WAF
(SEC323) New: Securing Web Applications with AWS WAF
 
Byod and guest access workshop enabling byod carlos gomez gallego_network ser...
Byod and guest access workshop enabling byod carlos gomez gallego_network ser...Byod and guest access workshop enabling byod carlos gomez gallego_network ser...
Byod and guest access workshop enabling byod carlos gomez gallego_network ser...
 
Securing APIs for ultimate security and privacy with Azure | Codit Webinar
Securing APIs for ultimate security and privacy with Azure | Codit WebinarSecuring APIs for ultimate security and privacy with Azure | Codit Webinar
Securing APIs for ultimate security and privacy with Azure | Codit Webinar
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
 
Identity and Access Management (IAM)
Identity and Access Management (IAM)Identity and Access Management (IAM)
Identity and Access Management (IAM)
 
Zero Trust Model
Zero Trust ModelZero Trust Model
Zero Trust Model
 
Hands-on with AWS Security Hub - FND213-R - AWS re:Inforce 2019
Hands-on with AWS Security Hub - FND213-R - AWS re:Inforce 2019 Hands-on with AWS Security Hub - FND213-R - AWS re:Inforce 2019
Hands-on with AWS Security Hub - FND213-R - AWS re:Inforce 2019
 
Microsoft Azure Sentinel
Microsoft Azure SentinelMicrosoft Azure Sentinel
Microsoft Azure Sentinel
 
Microsoft Zero Trust
Microsoft Zero TrustMicrosoft Zero Trust
Microsoft Zero Trust
 

Andere mochten auch

More Databases. More Hackers. More Audits.
More Databases. More Hackers. More Audits.More Databases. More Hackers. More Audits.
More Databases. More Hackers. More Audits.Imperva
 
Gartner MQ for Web App Firewall Webinar
Gartner MQ for Web App Firewall WebinarGartner MQ for Web App Firewall Webinar
Gartner MQ for Web App Firewall WebinarImperva
 
Hacking HTTP/2 : New attacks on the Internet’s Next Generation Foundation
Hacking HTTP/2 : New attacks on the Internet’s Next Generation FoundationHacking HTTP/2 : New attacks on the Internet’s Next Generation Foundation
Hacking HTTP/2 : New attacks on the Internet’s Next Generation FoundationImperva
 
Database monitoring - First and Last Line of Defense
Database monitoring - First and Last Line of Defense Database monitoring - First and Last Line of Defense
Database monitoring - First and Last Line of Defense Imperva
 
Why Network and Endpoint Security Isn’t Enough
Why Network and Endpoint Security Isn’t EnoughWhy Network and Endpoint Security Isn’t Enough
Why Network and Endpoint Security Isn’t EnoughImperva
 
Hackers, Cyber Crime and Espionage
Hackers, Cyber Crime and EspionageHackers, Cyber Crime and Espionage
Hackers, Cyber Crime and EspionageImperva
 
Top Cyber Security Trends for 2016
Top Cyber Security Trends for 2016Top Cyber Security Trends for 2016
Top Cyber Security Trends for 2016Imperva
 
Top Security Trends for 2014
Top Security Trends for 2014Top Security Trends for 2014
Top Security Trends for 2014Imperva
 
The State of Application Security: Hackers On Steroids
The State of Application Security: Hackers On SteroidsThe State of Application Security: Hackers On Steroids
The State of Application Security: Hackers On SteroidsImperva
 
Keystroke Dynamics Authentication with Project Management System
Keystroke Dynamics Authentication with Project Management SystemKeystroke Dynamics Authentication with Project Management System
Keystroke Dynamics Authentication with Project Management SystemIJSRD
 
Detect & Remediate Malware & Advanced Targeted Attacks
Detect & Remediate Malware & Advanced Targeted AttacksDetect & Remediate Malware & Advanced Targeted Attacks
Detect & Remediate Malware & Advanced Targeted AttacksImperva
 
CipherCloud Webinar - Cloud Encryption & Tokenization 101
CipherCloud Webinar - Cloud Encryption & Tokenization 101CipherCloud Webinar - Cloud Encryption & Tokenization 101
CipherCloud Webinar - Cloud Encryption & Tokenization 101CipherCloud
 
Lessons Learned From the Yahoo! Hack
Lessons Learned From the Yahoo! HackLessons Learned From the Yahoo! Hack
Lessons Learned From the Yahoo! HackImperva
 
Bleeding Servers – How Hackers are Exploiting Known Vulnerabilities
Bleeding Servers – How Hackers are Exploiting Known VulnerabilitiesBleeding Servers – How Hackers are Exploiting Known Vulnerabilities
Bleeding Servers – How Hackers are Exploiting Known VulnerabilitiesImperva
 
SecureSphere ThreatRadar: Improve Security Team Productivity and Focus
SecureSphere ThreatRadar: Improve Security Team Productivity and FocusSecureSphere ThreatRadar: Improve Security Team Productivity and Focus
SecureSphere ThreatRadar: Improve Security Team Productivity and FocusImperva
 
The Anatomy of Comment Spam
The Anatomy of Comment SpamThe Anatomy of Comment Spam
The Anatomy of Comment SpamImperva
 
The Value of Shared Threat Intelligence
The Value of Shared Threat IntelligenceThe Value of Shared Threat Intelligence
The Value of Shared Threat IntelligenceImperva
 
Is Your Business Safe From Malware And Targeted Attacks
Is Your Business Safe From Malware And Targeted AttacksIs Your Business Safe From Malware And Targeted Attacks
Is Your Business Safe From Malware And Targeted AttacksImperva
 

Andere mochten auch (20)

More Databases. More Hackers. More Audits.
More Databases. More Hackers. More Audits.More Databases. More Hackers. More Audits.
More Databases. More Hackers. More Audits.
 
Gartner MQ for Web App Firewall Webinar
Gartner MQ for Web App Firewall WebinarGartner MQ for Web App Firewall Webinar
Gartner MQ for Web App Firewall Webinar
 
Hacking HTTP/2 : New attacks on the Internet’s Next Generation Foundation
Hacking HTTP/2 : New attacks on the Internet’s Next Generation FoundationHacking HTTP/2 : New attacks on the Internet’s Next Generation Foundation
Hacking HTTP/2 : New attacks on the Internet’s Next Generation Foundation
 
Database monitoring - First and Last Line of Defense
Database monitoring - First and Last Line of Defense Database monitoring - First and Last Line of Defense
Database monitoring - First and Last Line of Defense
 
Why Network and Endpoint Security Isn’t Enough
Why Network and Endpoint Security Isn’t EnoughWhy Network and Endpoint Security Isn’t Enough
Why Network and Endpoint Security Isn’t Enough
 
Hackers, Cyber Crime and Espionage
Hackers, Cyber Crime and EspionageHackers, Cyber Crime and Espionage
Hackers, Cyber Crime and Espionage
 
Top Cyber Security Trends for 2016
Top Cyber Security Trends for 2016Top Cyber Security Trends for 2016
Top Cyber Security Trends for 2016
 
Top Security Trends for 2014
Top Security Trends for 2014Top Security Trends for 2014
Top Security Trends for 2014
 
The State of Application Security: Hackers On Steroids
The State of Application Security: Hackers On SteroidsThe State of Application Security: Hackers On Steroids
The State of Application Security: Hackers On Steroids
 
Keystroke Dynamics Authentication with Project Management System
Keystroke Dynamics Authentication with Project Management SystemKeystroke Dynamics Authentication with Project Management System
Keystroke Dynamics Authentication with Project Management System
 
xstream_network
xstream_networkxstream_network
xstream_network
 
Ali shahbazi khojasteh dot1X
Ali shahbazi khojasteh dot1XAli shahbazi khojasteh dot1X
Ali shahbazi khojasteh dot1X
 
Detect & Remediate Malware & Advanced Targeted Attacks
Detect & Remediate Malware & Advanced Targeted AttacksDetect & Remediate Malware & Advanced Targeted Attacks
Detect & Remediate Malware & Advanced Targeted Attacks
 
CipherCloud Webinar - Cloud Encryption & Tokenization 101
CipherCloud Webinar - Cloud Encryption & Tokenization 101CipherCloud Webinar - Cloud Encryption & Tokenization 101
CipherCloud Webinar - Cloud Encryption & Tokenization 101
 
Lessons Learned From the Yahoo! Hack
Lessons Learned From the Yahoo! HackLessons Learned From the Yahoo! Hack
Lessons Learned From the Yahoo! Hack
 
Bleeding Servers – How Hackers are Exploiting Known Vulnerabilities
Bleeding Servers – How Hackers are Exploiting Known VulnerabilitiesBleeding Servers – How Hackers are Exploiting Known Vulnerabilities
Bleeding Servers – How Hackers are Exploiting Known Vulnerabilities
 
SecureSphere ThreatRadar: Improve Security Team Productivity and Focus
SecureSphere ThreatRadar: Improve Security Team Productivity and FocusSecureSphere ThreatRadar: Improve Security Team Productivity and Focus
SecureSphere ThreatRadar: Improve Security Team Productivity and Focus
 
The Anatomy of Comment Spam
The Anatomy of Comment SpamThe Anatomy of Comment Spam
The Anatomy of Comment Spam
 
The Value of Shared Threat Intelligence
The Value of Shared Threat IntelligenceThe Value of Shared Threat Intelligence
The Value of Shared Threat Intelligence
 
Is Your Business Safe From Malware And Targeted Attacks
Is Your Business Safe From Malware And Targeted AttacksIs Your Business Safe From Malware And Targeted Attacks
Is Your Business Safe From Malware And Targeted Attacks
 

Ähnlich wie Protect Your Data and Apps in the Public Cloud

SP Virtual Managed Services (VMS) for Intelligent WAN (IWAN)
SP Virtual Managed Services (VMS) for Intelligent WAN (IWAN)SP Virtual Managed Services (VMS) for Intelligent WAN (IWAN)
SP Virtual Managed Services (VMS) for Intelligent WAN (IWAN)Cisco Canada
 
3 Secrets to Becoming a Cloud Security Superhero
3 Secrets to Becoming a Cloud Security Superhero 3 Secrets to Becoming a Cloud Security Superhero
3 Secrets to Becoming a Cloud Security Superhero Amazon Web Services
 
Delivering infrastructure, security, and operations as code with AWS - DEM10-...
Delivering infrastructure, security, and operations as code with AWS - DEM10-...Delivering infrastructure, security, and operations as code with AWS - DEM10-...
Delivering infrastructure, security, and operations as code with AWS - DEM10-...Amazon Web Services
 
Delivering infrastructure, security, and operations as code - DEM06 - Santa C...
Delivering infrastructure, security, and operations as code - DEM06 - Santa C...Delivering infrastructure, security, and operations as code - DEM06 - Santa C...
Delivering infrastructure, security, and operations as code - DEM06 - Santa C...Amazon Web Services
 
Extend Enterprise Application-level Security to Your AWS Environment
Extend Enterprise Application-level Security to Your AWS EnvironmentExtend Enterprise Application-level Security to Your AWS Environment
Extend Enterprise Application-level Security to Your AWS EnvironmentImperva
 
Architecting Application Services For Hybrid Cloud - AWS Summit SG 2017
Architecting Application Services For Hybrid Cloud - AWS Summit SG 2017Architecting Application Services For Hybrid Cloud - AWS Summit SG 2017
Architecting Application Services For Hybrid Cloud - AWS Summit SG 2017Amazon Web Services
 
Secure AWS with Fortinet Security Fabric.pptx
Secure AWS with Fortinet Security Fabric.pptxSecure AWS with Fortinet Security Fabric.pptx
Secure AWS with Fortinet Security Fabric.pptxYitao Cen
 
Oracle Cloud Computing Strategy
Oracle Cloud Computing StrategyOracle Cloud Computing Strategy
Oracle Cloud Computing StrategyRex Wang
 
AWS Initiate Day Dublin 2019 – Security and Compliance in your VPC
AWS Initiate Day Dublin 2019 – Security and Compliance in your VPCAWS Initiate Day Dublin 2019 – Security and Compliance in your VPC
AWS Initiate Day Dublin 2019 – Security and Compliance in your VPCAmazon Web Services
 
Cisco Connect Toronto 2017 - Putting Firepower into the Next Generation Firewall
Cisco Connect Toronto 2017 - Putting Firepower into the Next Generation FirewallCisco Connect Toronto 2017 - Putting Firepower into the Next Generation Firewall
Cisco Connect Toronto 2017 - Putting Firepower into the Next Generation FirewallCisco Canada
 
Edge immersion days module 2 - protect your application at the edge using a...
Edge immersion days module 2 - protect your application at the edge using a...Edge immersion days module 2 - protect your application at the edge using a...
Edge immersion days module 2 - protect your application at the edge using a...RoiElbaz1
 
AWS Initiate Day Manchester 2019 – AWS Security Compliance in your VPC
AWS Initiate Day Manchester 2019 – AWS Security Compliance in your VPCAWS Initiate Day Manchester 2019 – AWS Security Compliance in your VPC
AWS Initiate Day Manchester 2019 – AWS Security Compliance in your VPCAmazon Web Services
 
ASA Firepower NGFW Update and Deployment Scenarios
ASA Firepower NGFW Update and Deployment ScenariosASA Firepower NGFW Update and Deployment Scenarios
ASA Firepower NGFW Update and Deployment ScenariosCisco Canada
 
AWS & Intel: A Partnership Dedicated to Cloud Innovations
AWS & Intel: A Partnership Dedicated to Cloud InnovationsAWS & Intel: A Partnership Dedicated to Cloud Innovations
AWS & Intel: A Partnership Dedicated to Cloud InnovationsAmazon Web Services
 
SolarWinds SAM Product Overview & Feature Highlights
SolarWinds SAM Product Overview & Feature HighlightsSolarWinds SAM Product Overview & Feature Highlights
SolarWinds SAM Product Overview & Feature HighlightsSolarWinds
 
AWSome Day MODULE 1 - AWS Foundations
AWSome Day MODULE 1 - AWS FoundationsAWSome Day MODULE 1 - AWS Foundations
AWSome Day MODULE 1 - AWS FoundationsAmazon Web Services
 
AWS Edge Security - Cloud-Native Defense Against Diverse Internet Threats
AWS Edge Security - Cloud-Native Defense Against Diverse Internet ThreatsAWS Edge Security - Cloud-Native Defense Against Diverse Internet Threats
AWS Edge Security - Cloud-Native Defense Against Diverse Internet ThreatsAmazon Web Services
 
雲端原生 (Cloud-Native) 的 DDoS Attack 防禦方案 (Level: 200)
雲端原生 (Cloud-Native) 的 DDoS Attack 防禦方案 (Level: 200)雲端原生 (Cloud-Native) 的 DDoS Attack 防禦方案 (Level: 200)
雲端原生 (Cloud-Native) 的 DDoS Attack 防禦方案 (Level: 200)Amazon Web Services
 
Protect your applications from DDoS/BOT & Advanced Attacks
Protect your applications from DDoS/BOT & Advanced AttacksProtect your applications from DDoS/BOT & Advanced Attacks
Protect your applications from DDoS/BOT & Advanced AttacksAmazon Web Services
 
Hybridní cloud s F5 v prostředí kontejnerů
Hybridní cloud s F5 v prostředí kontejnerůHybridní cloud s F5 v prostředí kontejnerů
Hybridní cloud s F5 v prostředí kontejnerůMarketingArrowECS_CZ
 

Ähnlich wie Protect Your Data and Apps in the Public Cloud (20)

SP Virtual Managed Services (VMS) for Intelligent WAN (IWAN)
SP Virtual Managed Services (VMS) for Intelligent WAN (IWAN)SP Virtual Managed Services (VMS) for Intelligent WAN (IWAN)
SP Virtual Managed Services (VMS) for Intelligent WAN (IWAN)
 
3 Secrets to Becoming a Cloud Security Superhero
3 Secrets to Becoming a Cloud Security Superhero 3 Secrets to Becoming a Cloud Security Superhero
3 Secrets to Becoming a Cloud Security Superhero
 
Delivering infrastructure, security, and operations as code with AWS - DEM10-...
Delivering infrastructure, security, and operations as code with AWS - DEM10-...Delivering infrastructure, security, and operations as code with AWS - DEM10-...
Delivering infrastructure, security, and operations as code with AWS - DEM10-...
 
Delivering infrastructure, security, and operations as code - DEM06 - Santa C...
Delivering infrastructure, security, and operations as code - DEM06 - Santa C...Delivering infrastructure, security, and operations as code - DEM06 - Santa C...
Delivering infrastructure, security, and operations as code - DEM06 - Santa C...
 
Extend Enterprise Application-level Security to Your AWS Environment
Extend Enterprise Application-level Security to Your AWS EnvironmentExtend Enterprise Application-level Security to Your AWS Environment
Extend Enterprise Application-level Security to Your AWS Environment
 
Architecting Application Services For Hybrid Cloud - AWS Summit SG 2017
Architecting Application Services For Hybrid Cloud - AWS Summit SG 2017Architecting Application Services For Hybrid Cloud - AWS Summit SG 2017
Architecting Application Services For Hybrid Cloud - AWS Summit SG 2017
 
Secure AWS with Fortinet Security Fabric.pptx
Secure AWS with Fortinet Security Fabric.pptxSecure AWS with Fortinet Security Fabric.pptx
Secure AWS with Fortinet Security Fabric.pptx
 
Oracle Cloud Computing Strategy
Oracle Cloud Computing StrategyOracle Cloud Computing Strategy
Oracle Cloud Computing Strategy
 
AWS Initiate Day Dublin 2019 – Security and Compliance in your VPC
AWS Initiate Day Dublin 2019 – Security and Compliance in your VPCAWS Initiate Day Dublin 2019 – Security and Compliance in your VPC
AWS Initiate Day Dublin 2019 – Security and Compliance in your VPC
 
Cisco Connect Toronto 2017 - Putting Firepower into the Next Generation Firewall
Cisco Connect Toronto 2017 - Putting Firepower into the Next Generation FirewallCisco Connect Toronto 2017 - Putting Firepower into the Next Generation Firewall
Cisco Connect Toronto 2017 - Putting Firepower into the Next Generation Firewall
 
Edge immersion days module 2 - protect your application at the edge using a...
Edge immersion days module 2 - protect your application at the edge using a...Edge immersion days module 2 - protect your application at the edge using a...
Edge immersion days module 2 - protect your application at the edge using a...
 
AWS Initiate Day Manchester 2019 – AWS Security Compliance in your VPC
AWS Initiate Day Manchester 2019 – AWS Security Compliance in your VPCAWS Initiate Day Manchester 2019 – AWS Security Compliance in your VPC
AWS Initiate Day Manchester 2019 – AWS Security Compliance in your VPC
 
ASA Firepower NGFW Update and Deployment Scenarios
ASA Firepower NGFW Update and Deployment ScenariosASA Firepower NGFW Update and Deployment Scenarios
ASA Firepower NGFW Update and Deployment Scenarios
 
AWS & Intel: A Partnership Dedicated to Cloud Innovations
AWS & Intel: A Partnership Dedicated to Cloud InnovationsAWS & Intel: A Partnership Dedicated to Cloud Innovations
AWS & Intel: A Partnership Dedicated to Cloud Innovations
 
SolarWinds SAM Product Overview & Feature Highlights
SolarWinds SAM Product Overview & Feature HighlightsSolarWinds SAM Product Overview & Feature Highlights
SolarWinds SAM Product Overview & Feature Highlights
 
AWSome Day MODULE 1 - AWS Foundations
AWSome Day MODULE 1 - AWS FoundationsAWSome Day MODULE 1 - AWS Foundations
AWSome Day MODULE 1 - AWS Foundations
 
AWS Edge Security - Cloud-Native Defense Against Diverse Internet Threats
AWS Edge Security - Cloud-Native Defense Against Diverse Internet ThreatsAWS Edge Security - Cloud-Native Defense Against Diverse Internet Threats
AWS Edge Security - Cloud-Native Defense Against Diverse Internet Threats
 
雲端原生 (Cloud-Native) 的 DDoS Attack 防禦方案 (Level: 200)
雲端原生 (Cloud-Native) 的 DDoS Attack 防禦方案 (Level: 200)雲端原生 (Cloud-Native) 的 DDoS Attack 防禦方案 (Level: 200)
雲端原生 (Cloud-Native) 的 DDoS Attack 防禦方案 (Level: 200)
 
Protect your applications from DDoS/BOT & Advanced Attacks
Protect your applications from DDoS/BOT & Advanced AttacksProtect your applications from DDoS/BOT & Advanced Attacks
Protect your applications from DDoS/BOT & Advanced Attacks
 
Hybridní cloud s F5 v prostředí kontejnerů
Hybridní cloud s F5 v prostředí kontejnerůHybridní cloud s F5 v prostředí kontejnerů
Hybridní cloud s F5 v prostředí kontejnerů
 

Mehr von Imperva

Cybersecurity and Healthcare - HIMSS 2018 Survey
Cybersecurity and Healthcare - HIMSS 2018 SurveyCybersecurity and Healthcare - HIMSS 2018 Survey
Cybersecurity and Healthcare - HIMSS 2018 SurveyImperva
 
API Security Survey
API Security SurveyAPI Security Survey
API Security SurveyImperva
 
Imperva ppt
Imperva pptImperva ppt
Imperva pptImperva
 
Beyond takeover: stories from a hacked account
Beyond takeover: stories from a hacked accountBeyond takeover: stories from a hacked account
Beyond takeover: stories from a hacked accountImperva
 
Research: From zero to phishing in 60 seconds
Research: From zero to phishing in 60 seconds Research: From zero to phishing in 60 seconds
Research: From zero to phishing in 60 seconds Imperva
 
Making Sense of Web Attacks: From Alerts to Narratives
Making Sense of Web Attacks: From Alerts to NarrativesMaking Sense of Web Attacks: From Alerts to Narratives
Making Sense of Web Attacks: From Alerts to NarrativesImperva
 
How We Blocked a 650Gb DDoS Attack Over Lunch
How We Blocked a 650Gb DDoS Attack Over LunchHow We Blocked a 650Gb DDoS Attack Over Lunch
How We Blocked a 650Gb DDoS Attack Over LunchImperva
 
Survey: Insider Threats and Cyber Security
Survey: Insider Threats and Cyber SecuritySurvey: Insider Threats and Cyber Security
Survey: Insider Threats and Cyber SecurityImperva
 
Companies Aware, but Not Prepared for GDPR
Companies Aware, but Not Prepared for GDPRCompanies Aware, but Not Prepared for GDPR
Companies Aware, but Not Prepared for GDPRImperva
 
Rise of Ransomware
Rise of Ransomware Rise of Ransomware
Rise of Ransomware Imperva
 
7 Tips to Protect Your Data from Contractors and Privileged Vendors
7 Tips to Protect Your Data from Contractors and Privileged Vendors7 Tips to Protect Your Data from Contractors and Privileged Vendors
7 Tips to Protect Your Data from Contractors and Privileged VendorsImperva
 
SEO Botnet Sophistication
SEO Botnet SophisticationSEO Botnet Sophistication
SEO Botnet SophisticationImperva
 
Phishing Made Easy
Phishing Made EasyPhishing Made Easy
Phishing Made EasyImperva
 
Imperva 2017 Cyber Threat Defense Report
Imperva 2017 Cyber Threat Defense ReportImperva 2017 Cyber Threat Defense Report
Imperva 2017 Cyber Threat Defense ReportImperva
 
Combat Payment Card Attacks with WAF and Threat Intelligence
Combat Payment Card Attacks with WAF and Threat IntelligenceCombat Payment Card Attacks with WAF and Threat Intelligence
Combat Payment Card Attacks with WAF and Threat IntelligenceImperva
 
HTTP/2: Faster Doesn't Mean Safer, Attack Surface Growing Exponentially
HTTP/2: Faster Doesn't Mean Safer, Attack Surface Growing ExponentiallyHTTP/2: Faster Doesn't Mean Safer, Attack Surface Growing Exponentially
HTTP/2: Faster Doesn't Mean Safer, Attack Surface Growing ExponentiallyImperva
 
Get Going With Your GDPR Plan
Get Going With Your GDPR PlanGet Going With Your GDPR Plan
Get Going With Your GDPR PlanImperva
 
Cyber Criminal's Path To Your Data
Cyber Criminal's Path To Your DataCyber Criminal's Path To Your Data
Cyber Criminal's Path To Your DataImperva
 
Combat Today's Threats With A Single Platform For App and Data Security
Combat Today's Threats With A Single Platform For App and Data SecurityCombat Today's Threats With A Single Platform For App and Data Security
Combat Today's Threats With A Single Platform For App and Data SecurityImperva
 
Stop Account Takeover Attacks, Right in their Tracks
Stop Account Takeover Attacks, Right in their TracksStop Account Takeover Attacks, Right in their Tracks
Stop Account Takeover Attacks, Right in their TracksImperva
 

Mehr von Imperva (20)

Cybersecurity and Healthcare - HIMSS 2018 Survey
Cybersecurity and Healthcare - HIMSS 2018 SurveyCybersecurity and Healthcare - HIMSS 2018 Survey
Cybersecurity and Healthcare - HIMSS 2018 Survey
 
API Security Survey
API Security SurveyAPI Security Survey
API Security Survey
 
Imperva ppt
Imperva pptImperva ppt
Imperva ppt
 
Beyond takeover: stories from a hacked account
Beyond takeover: stories from a hacked accountBeyond takeover: stories from a hacked account
Beyond takeover: stories from a hacked account
 
Research: From zero to phishing in 60 seconds
Research: From zero to phishing in 60 seconds Research: From zero to phishing in 60 seconds
Research: From zero to phishing in 60 seconds
 
Making Sense of Web Attacks: From Alerts to Narratives
Making Sense of Web Attacks: From Alerts to NarrativesMaking Sense of Web Attacks: From Alerts to Narratives
Making Sense of Web Attacks: From Alerts to Narratives
 
How We Blocked a 650Gb DDoS Attack Over Lunch
How We Blocked a 650Gb DDoS Attack Over LunchHow We Blocked a 650Gb DDoS Attack Over Lunch
How We Blocked a 650Gb DDoS Attack Over Lunch
 
Survey: Insider Threats and Cyber Security
Survey: Insider Threats and Cyber SecuritySurvey: Insider Threats and Cyber Security
Survey: Insider Threats and Cyber Security
 
Companies Aware, but Not Prepared for GDPR
Companies Aware, but Not Prepared for GDPRCompanies Aware, but Not Prepared for GDPR
Companies Aware, but Not Prepared for GDPR
 
Rise of Ransomware
Rise of Ransomware Rise of Ransomware
Rise of Ransomware
 
7 Tips to Protect Your Data from Contractors and Privileged Vendors
7 Tips to Protect Your Data from Contractors and Privileged Vendors7 Tips to Protect Your Data from Contractors and Privileged Vendors
7 Tips to Protect Your Data from Contractors and Privileged Vendors
 
SEO Botnet Sophistication
SEO Botnet SophisticationSEO Botnet Sophistication
SEO Botnet Sophistication
 
Phishing Made Easy
Phishing Made EasyPhishing Made Easy
Phishing Made Easy
 
Imperva 2017 Cyber Threat Defense Report
Imperva 2017 Cyber Threat Defense ReportImperva 2017 Cyber Threat Defense Report
Imperva 2017 Cyber Threat Defense Report
 
Combat Payment Card Attacks with WAF and Threat Intelligence
Combat Payment Card Attacks with WAF and Threat IntelligenceCombat Payment Card Attacks with WAF and Threat Intelligence
Combat Payment Card Attacks with WAF and Threat Intelligence
 
HTTP/2: Faster Doesn't Mean Safer, Attack Surface Growing Exponentially
HTTP/2: Faster Doesn't Mean Safer, Attack Surface Growing ExponentiallyHTTP/2: Faster Doesn't Mean Safer, Attack Surface Growing Exponentially
HTTP/2: Faster Doesn't Mean Safer, Attack Surface Growing Exponentially
 
Get Going With Your GDPR Plan
Get Going With Your GDPR PlanGet Going With Your GDPR Plan
Get Going With Your GDPR Plan
 
Cyber Criminal's Path To Your Data
Cyber Criminal's Path To Your DataCyber Criminal's Path To Your Data
Cyber Criminal's Path To Your Data
 
Combat Today's Threats With A Single Platform For App and Data Security
Combat Today's Threats With A Single Platform For App and Data SecurityCombat Today's Threats With A Single Platform For App and Data Security
Combat Today's Threats With A Single Platform For App and Data Security
 
Stop Account Takeover Attacks, Right in their Tracks
Stop Account Takeover Attacks, Right in their TracksStop Account Takeover Attacks, Right in their Tracks
Stop Account Takeover Attacks, Right in their Tracks
 

Kürzlich hochgeladen

Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Zilliz
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Orbitshub
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusZilliz
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024The Digital Insurer
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdfSandro Moreira
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...apidays
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfOverkill Security
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 

Kürzlich hochgeladen (20)

Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 

Protect Your Data and Apps in the Public Cloud

  • 1. © 2016 Imperva, Inc. All rights reserved. Protect Your Data and Apps in the Public Cloud Lior Lukov, Sr. Product Manager, Application Security, Imperva Narayan Makaram, Dir. Product Marketing, Application Security, Imperva
  • 2. © 2016 Imperva, Inc. All rights reserved. AGENDA • Cloud Security Challenges • Imperva Cloud Security Solutions • Reference Architecture • Customer Case Study 2
  • 3. © 2016 Imperva, Inc. All rights reserved. Speakers 3 Narayan Makaram Dir., Product Marketing, Imperva Lior Lukov Sr. Product Manager, Imperva
  • 4. © 2016 Imperva, Inc. All rights reserved. Web Application Attacks Cloud Security Challenges 1 4
  • 5. © 2016 Imperva, Inc. All rights reserved.5 Cloud Brings New Advantages toApplications IaaS ProvidersOn-premise Data Centers Applications in Data Center Applications in Cloud Fixed capacity Elastic capacity Scale-up Scale-out Manual build and deploy Automated build and deploy Allocated costs Metered cost Limited HA and DR HA and DR across data-centers/regions Defense in depth Perimeter Security
  • 6. © 2016 Imperva, Inc. All rights reserved. Business Challenges Business Impact: • Lost revenue associated with website downtime • Brand damage with bad publicity • Lost competitive advantage with sensitive data theft • Fines and regulatory actions with data breach Attack vectors remain the same as applications and data migrate from on-premises data centers to the cloud Cloud Infrastructure (IaaS) DDoS attacks Data Center Mobile attacks Technical attacks Business logic attacks 6
  • 7. © 2016 Imperva, Inc. All rights reserved. Security – a Shared Responsibility in Cloud Infrastructure 7 AWS Article: Introduction to AWS Security, July 2015 Azure Blog Post: Cloud Security is a Shared Responsibility, June 2015 Customers are responsible for securing the customer applications and content hosted in any cloud infrastructure – AWS, Azure, and others
  • 8. © 2016 Imperva, Inc. All rights reserved. Imperva Application Security Cloud Security Solutions 2 8
  • 9. © 2016 Imperva, Inc. All rights reserved. Imperva Solutions for AWS and Azure 9 Imperva is laser focused on protecting business-critical applications and data, wherever they reside – in the cloud and on-premises Protects applications and data hosted in AWS and Azure Mitigates DDoS attacks through cloud-based Content Delivery Network Protects administrative access to AWS/Azure management console
  • 10. © 2016 Imperva, Inc. All rights reserved. Imperva SecureSphere - On AWS and Azure Cloud Infrastructure 10 Comprehensive application and database protection with enterprise-class on-premises solution that customers trust In-depth Web Application Protection SecureSphere WAF blocks technical attacks that exploit vulnerabilities in your applications and automated attacks that abuse business functionality Dynamic Application Profiling Automatically discovers application interfaces and adapts security controls to changes in applications to simplify on-going maintenance Crowd-sourced Threat Intelligence ThreatRadar services: Reputation, Bot Mitigation, Community Defense, Account Takeover. Arms the WAF with the latest security policies, signatures, and compliance reports crowd- sourced from Imperva customers and 3rd party providers Protects Databases Hosted in the Cloud Discovers and monitors all user activity in databases hosted in AWS (using SecureSphere gateways) and on Azure (using SecureSphere Agents) App Servers DB Servers
  • 11. © 2016 Imperva, Inc. All rights reserved. Imperva Incapsula – Cloud Based WAF 11 DDoS Mitigation CDN Load Balancing WAF All-in-one Website Security, DDoS and Bot Protection, and Load Balancing on a Global Content Delivery Network Load Balancing Cloud-based Layer 7 Load Balancing service optimizes traffic distributions based on its actual flow to each server. Global Content Delivery Network Application-aware Content Delivery Network delivers full site acceleration, boosts website performance using advanced networking, dynamic caching, and content optimization techniques. Enterprise-Grade Website Security and WAF Incapsula’s PCI-certified web application firewall, advanced bot detection, and access control technologies secure any website against known and emerging threats. Volumetric DDoS Attack and Bot Protection Combining a robust network backbone of advanced traffic inspection solutions, Incapsula protections your cloud-based site against all types of DDoS attacks.
  • 12. © 2016 Imperva, Inc. All rights reserved. Imperva Skyfence - Protect Management Console Monitors high-risk activities executed thru the AWS/Azure Management Console 12 Management Console Audits all administrator activity. Identifies security and compliance gaps Enforces separation of duties between privileged users and security and compliance teams
  • 13. © 2015 Imperva, Inc. All rights reserved. Gartner “Magic Quadrant for Web Application Firewalls” by Jeremy D'Hoinne, Adam Hils, Greg Young, Nicole Papadopoulos, 15 June 2015. This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Imperva. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. THE ONLY LEADER TWO CONSECUTIVE YEARS Gartner Magic Quadrant for Web Application Firewalls 13
  • 14. © 2016 Imperva, Inc. All rights reserved. Imperva Security Solutions Reference Architectures for AWS and Azure 3 14
  • 15. © 2016 Imperva, Inc. All rights reserved. AWS: Imperva Deployment Architecture SecureSphere, Incapsula, Skyfence 15 Administrators Users AWS Management Console Availability Zone 1 Availability Zone 2Scaling Group CDN, DDoS, LB, WAF WAF Cloud Access Service Broker (CASB)
  • 16. © 2016 Imperva, Inc. All rights reserved. SecureSphere WAF forAmazon AWS 16 • Protects web applications hosted in AWS cloud with industry leading WAF • CloudFormation templates streamlines WAF deployments on AWS • CloudWatch monitors WAF instances • Automates re-routing traffic to different availability zones Availability Zone 1 Availability Zone 2Scaling Group
  • 17. © 2016 Imperva, Inc. All rights reserved. AWS: SecureSphere DeploymentArchitecture – WAF Only 17 AZ1 MX Management AZ2 Users ELBELB Scaling Group Scaling Group Scaling Group Web Servers Web Servers WAF gateway WAF gateway MX Management
  • 18. © 2016 Imperva, Inc. All rights reserved. AWS: SecureSphere DeploymentArchitecture - WAF + DAM 18 AZ1 MX Management MX Management AZ2 WAF gateway WAF gateway Users ELB DAM gateway DAM gateway MX Management MX Management Scaling Group ELB DB Server DB Server Web Server Web Server
  • 19. © 2016 Imperva, Inc. All rights reserved. AWS: Hybrid Management for SecureSphere WAF 19 V P C VPN Customer Data Center Use single MX deployment for both AWS and on-premises WAF management WAF only (at this time) Either physical or virtual MX Gateways Gateways MX Management
  • 20. © 2016 Imperva, Inc. All rights reserved. SecureSphere forAWS Options (BYOL, On-Demand) 20 Performance AV2500 AV1000 AVM150 Supported SecureSphere Products Web Application Firewall Database Activity Monitor Database Firewall Web Application Firewall MX Management Server HTTP Throughput Up to 500 Mbps Up to 100 Mbps Not Applicable Minimum Requirements for Each SecureSphere for AWS Instance Minimum AWS Instance Type M3 Extra Large M3 Large M3 Extra Large
  • 21. © 2016 Imperva, Inc. All rights reserved. SecureSphere WAF for Microsoft Azure 21 • Protects web applications hosted in Azure cloud with industry leading WAF • Azure Resource Manager streamlines WAF deployments on Azure • Azure Application Insights monitors WAF instances • Automates re-routing traffic to different Azure Regions Web Servers LB LB Azure Region 1 Azure Region 2 Availability Set LB Availability Set Web Servers
  • 22. © 2016 Imperva, Inc. All rights reserved. Azure: SecureSphere DeploymentArchitecture 22 SecureSphere WAFs Virtual Network Azure Region External LB Management Subnet Gateway Subnet LB Apps Subnet Availability Set Availability Set Web Serverswww.company.com Public IP
  • 23. © 2016 Imperva, Inc. All rights reserved. SecureSphere forAzure Options (BYOL only) 23 Performance MV2500 MV1000 MVM150 Supported SecureSphere Products Web Application Firewall Web Application Firewall MX Management Server HTTP Throughput Up to 500 Mbps Up to 100 Mbps Not Applicable Minimum Requirements for Each SecureSphere for AWS Instance Minimum Azure Instance Types A3/D3 for HTTP only D3v2/D4 for HTTPS A2 for HTTP only A3 for HTTPS A3 Standard
  • 24. © 2016 Imperva, Inc. All rights reserved. SecureSphere on Microsoft Azure Security Center 24
  • 25. © 2016 Imperva, Inc. All rights reserved. Case Study: Online Gaming Company Moved all Gaming Apps to AWS 25 Requirements: • Protect Gaming application from technical (SQLi) and business logic attacks • Protect Registration page from malicious bots and other automated attacks • Be able to scale up quickly and handle peaks in traffic per request Solution: • Originally sized @ 20 instances, eventually scaled to 120 during holidays • SecureSphere WAF deployed in front of all application instances in AWS • Additional redundancy provided by geographically distributed instances using AWS availability zones Benefits: • Seamless Deployment – took just hours instead of weeks on physical data center • Operational Efficiency - AWS environment managed by 2 FTE, instead of 4+ in physical data center • No upfront costs – shift from Capital-Expenditure to Operational-Expenditure
  • 26. © 2016 Imperva, Inc. All rights reserved.26 Questions?