digital transformation, - cloudsecusing serverless today physical servers public cloud virtual...
TRANSCRIPT
#cloudsec
5G
Nano Technology
인공지능Big
data Smart Home
Smart Healthcare4차산업혁명
가상현실
3D Printing Robot Engineering
Hyper-connectedDigital Convergence
IOT 무인운송
Smart City
Sm
art Fa
ctory
Industry4.0
증강현실
혼합현실
DIGITALTRANSFORMATION
무인자동차
무인항공
자율주행
IIOT
Digital Governance
CLOUD
AI
Industrial Revolution
AR
VR
DRO
N
사물인터넷
Social Networking
O2O
Machine Learning
#cloudsec
Digital Transformation
Sales and Marketing
Finance
Supply Chain
Production
HR
Cloud Computing
Big Data
Artificial Intelligence
Machine Learning
IIOT
Cyber Security
#cloudsec
Cyber Crime in Digital Transformation
Access gained to customer data in Jan
2018
14M
150M “Unauthorized party" gained
access to user account
data in Feb 2018
The personal details of about 106
million individuals across the US
and Canada were stolen
2019
#cloudsec
Cyber Crime and the cost
Source: “2018 state of cyber resilience: Gaining ground on the cyber attacker.” ACCENTURE Source: “2017 cost of cyber crime study: Insights on the security investments that make a difference” ACCENTURE AND PONEMON INSTITUTE
Increase from 2013 to 2017: 62%
#cloudsec
Shift to New Infrastructure2019+:
<5% of companiesusing serverlesstoday
PhysicalServers
PublicCloud
ContainersVirtual Servers Serverless
2020:80% ofworkloads virtualized
2020:92% will beusing cloud
2020:78% willbe usingcontainers
2020:20% of companiesusing serverless
First to optimize
security for VMware
First to optimize
security for AWS
First cloud workload protection platform to extend protection to
Docker containers
Coming soon
Workload Security
Manual Process for Development,
Staging and Production Environment
Physical Virtual Cloud Containers
Conventional
Secure it like and
endpoint with
Agents
Silo security for servers
only
Conventional
Of the most used containers have at
least one critical vulnerability
20%
Microservices Development
rely on CI/CD
Trust the
Source
Workload Security
SINGLE STRATEGY FOR MULTIPLE PLATFORMS
Modern Approach
Connected Threat Defense framework to
enable sharing of Threat Intel across
network, channels & platforms
Automation Provide Dev & Ops team
SDKs and APIs to automate and
simplify implementation
Empower your developers with
Admission Control
Workload Security
BUILD PUSH DEPLOY RUNCOMMIT
Full container lifecycle security
Pre-registry Scanning
Container Registry Scanning Compliance Validation
Image AssertionVulnerability Scan
Anti-Malware Scan
Protection for:
• Container
• Platform
• Host
Admission Control
Full stack security
Modern Approach
Workload Security
Network-based approaches in the
cloud are complex and don’t scale
easily
Security can’t always access
cloud workloads
Network Security
Conventional
All Applications common Denominator is Code
Host Based Approaches
Do not Work
Code Quality Issues
Amplified
Multiple services mean increased
data flows that are hard to monitor &
protect
Serverless
RUNTIME APPLCIATION SELF-PROTECTION
Inside-Out Approach Safety Net against code
oversight
Low Overhead and
Easy to Implement
Modern Approach
Serverless
External
Creators
Internal
Reviewers
Global Audience
AWS Lambda
Submission Handler
AWS Lambda
Review Handler
Amazon
CloudFront
Amazon DynamoDB
AWS Elemental
MediaConvert
AWS Elemental
MediaStore
API Gateway
Serverless
#cloudsec
Hybrid Cloud SecurityNetwork Security (Host and Gateway)
FirewallVulnerability
ScanningIntrusion
PreventionAnti-
Malware
Sandbox Analysis
Malware PreventionSystem Security
Application Control
Integrity Monitoring
Log Inspection
Image Scanning
Malware Detection
Vulnerability Scanning
Sweeping& Hunting
Behavioral Analysis Machine Learning
#cloudsec
AV
Deception
Vulnerability
Shielding
Advanced behavioral
Detection and response
IAAS data at rest Encryption
Exploit Prevention/Memory Protection
Integrity Monitoring/Management
Network Segmentation and Traffic Visibility
Configuration and Vulnerability Management
Operations Hygiene
Cloud Workload
Protection Platforms
23 of 26 capabilities & considerations
#cloudsec
Market Proven
300 Customers 10 / 10 Big 5 Public Cloud
Hybrid & Multi Cloud Architecture Scalability & FlexibilityTotal Security