Rethinking Security:

The Cloud Infrastructure EffectCarson Sweet

CEO, CloudPassage

4

Virtualized networks

New topologies

No hardware

Highly dynamic

Shared infrastructure

Cloud “pros”

become security

“cons”

Abstraction

• Assets are everywhere. Security needs to be able to follow.

Automation

• Software, storage, compute, networking – what about security?

Orchestration

• (x) point solutions times (y) environments = tons of management

Auto-scalability

• What happens when apps scale from 100 to 10,000 systems?

API enablement

• SDSec cannot work without complete, open API access

The Software-Defined Security Strategy

Building a software-defined security platform

Security service orchestration

Individual control automation

Unified policy management

Control provisioning & maintenance

Security & compliance analytics

Compliance data collection

Event logging & alerting

RE

ST

AP

IConfiguration security

Vulnerability management

Privileged access auditing

File integrity monitoring

Host Firewall automation

Multi-factor authentication

Server access management

Log-based intrusion detection Volume / disk / app crypto

Key management

Monitoring and enforcement modules

Elastic compute & storage

Core platform services

Deployment model for infrastructure security

anywhere, at any scale, on demand

Configuration security

Vulnerability management

Privileged access auditing

File integrity monitoring

Security service orchestration

Individual control automation

Unified policy management

Control provisioning & maintenance

Host Firewall automation

Multi-factor authentication

Server access management

Security & compliance analytics

Compliance data collection

Event logging & alerting

RE

ST

AP

I

Log-based intrusion detection

Key / secrets management?

Volume / disk crypto?

www.cloudpassage.com