www.cloudsec.com | #cloudsec

Digital Transformation,

Cloud and Security

김진광 | 지사장, 한국트렌드마이크로

DIGITAL TRANSFORMATION

BUSINESS INNOVATION

#cloudsec

5G

Nano Technology

인공지능Big

data Smart Home

Smart Healthcare4차산업혁명

가상현실

3D Printing Robot Engineering

Hyper-connectedDigital Convergence

IOT 무인운송

Smart City

Sm

art Fa

ctory

Industry4.0

증강현실

혼합현실

DIGITALTRANSFORMATION

무인자동차

무인항공

자율주행

IIOT

Digital Governance

CLOUD

AI

Industrial Revolution

AR

VR

DRO

N

사물인터넷

Social Networking

O2O

Machine Learning

#cloudsec

Digital Transformation

Sales and Marketing

Finance

Supply Chain

Production

HR

Cloud Computing

Big Data

Artificial Intelligence

Machine Learning

IIOT

Cyber Security

#cloudsec

Cyber Crime in Digital Transformation

Access gained to customer data in Jan

2018

14M

150M “Unauthorized party" gained

access to user account

data in Feb 2018

The personal details of about 106

million individuals across the US

and Canada were stolen

2019

#cloudsec

Cyber Crime and the cost

Source: “2018 state of cyber resilience: Gaining ground on the cyber attacker.” ACCENTURE Source: “2017 cost of cyber crime study: Insights on the security investments that make a difference” ACCENTURE AND PONEMON INSTITUTE

Increase from 2013 to 2017: 62%

#cloudsec

Cyber Crime and the cost

6조원

SOURCE: BBC report

#cloudsec

Shift to New Infrastructure2019+:

<5% of companiesusing serverlesstoday

PhysicalServers

PublicCloud

ContainersVirtual Servers Serverless

2020:80% ofworkloads virtualized

2020:92% will beusing cloud

2020:78% willbe usingcontainers

2020:20% of companiesusing serverless

First to optimize

security for VMware

First to optimize

security for AWS

First cloud workload protection platform to extend protection to

Docker containers

Coming soon

www.cloudsec.com | #cloudsec

Advanced Technology

of Cloud Security

장성민박사 | 한국트렌드마이크로

Workload Security

Manual Process for Development,

Staging and Production Environment

Physical Virtual Cloud Containers

Conventional

Secure it like and

endpoint with

Agents

Silo security for servers

only

Conventional

Of the most used containers have at

least one critical vulnerability

20%

Microservices Development

rely on CI/CD

Trust the

Source

Workload Security

SINGLE STRATEGY FOR MULTIPLE PLATFORMS

Modern Approach

Connected Threat Defense framework to

enable sharing of Threat Intel across

network, channels & platforms

Automation Provide Dev & Ops team

SDKs and APIs to automate and

simplify implementation

Empower your developers with

Admission Control

Workload Security

BUILD PUSH DEPLOY RUNCOMMIT

Full container lifecycle security

Pre-registry Scanning

Container Registry Scanning Compliance Validation

Image AssertionVulnerability Scan

Anti-Malware Scan

Protection for:

• Container

• Platform

• Host

Admission Control

Full stack security

Modern Approach

Workload Security

Network-based approaches in the

cloud are complex and don’t scale

easily

Security can’t always access

cloud workloads

Network Security

Conventional

Network Security

Conventional

Modern Approach

All Applications common Denominator is Code

Host Based Approaches

Do not Work

Code Quality Issues

Amplified

Multiple services mean increased

data flows that are hard to monitor &

protect

Serverless

RUNTIME APPLCIATION SELF-PROTECTION

Inside-Out Approach Safety Net against code

oversight

Low Overhead and

Easy to Implement

Modern Approach

Serverless

External

Creators

Internal

Reviewers

Global Audience

AWS Lambda

Submission Handler

AWS Lambda

Review Handler

Amazon

CloudFront

Amazon DynamoDB

AWS Elemental

MediaConvert

AWS Elemental

MediaStore

API Gateway

Serverless

#cloudsec

Cloud Network Protection

powered by TIPPING POINT

#cloudsec

Hybrid Cloud SecurityNetwork Security (Host and Gateway)

FirewallVulnerability

ScanningIntrusion

PreventionAnti-

Malware

Sandbox Analysis

Malware PreventionSystem Security

Application Control

Integrity Monitoring

Log Inspection

Image Scanning

Malware Detection

Vulnerability Scanning

Sweeping& Hunting

Behavioral Analysis Machine Learning

#cloudsec

AV

Deception

Vulnerability

Shielding

Advanced behavioral

Detection and response

IAAS data at rest Encryption

Exploit Prevention/Memory Protection

Integrity Monitoring/Management

Network Segmentation and Traffic Visibility

Configuration and Vulnerability Management

Operations Hygiene

Cloud Workload

Protection Platforms

23 of 26 capabilities & considerations

#cloudsec

Market Proven

300 Customers 10 / 10 Big 5 Public Cloud

Hybrid & Multi Cloud Architecture Scalability & FlexibilityTotal Security

De Facto Standard

www.cloudsec.com | #cloudsec

THANK YOU

김진광 | 지사장, 한국트렌드마이크로