Alert Logic: Realities of Security in the Cloud


Breach Stats

REALITIES OF SECURITY IN THE CLOUD

James Brown, Vice President of Technology Services

SECURITY IS A CHALLENGE

Infrastructure Has Changed (early 2000s → mid 2000s → now)

• Early 2000s: Buying Hardware
• Now: Infrastructure as a Service

Cybercrime Has Also Changed (early 2000s → mid 2000s → now)

• Early 2000s: Single Actors
• Now: Highly Organized Groups

Cybercrime is Flourishing: Evolution of Adversaries, Expanding Attack Surfaces, Overwhelmed Defenses

• 508 is the average number of applications in an enterprise (Forbes, 2014)
• 37% of US companies face 50,000+ alerts per month (FireEye, 2015)
• 390,000 new malicious programs every day, with a viable ecosystem (AV-TEST, 2016)

Who is being targeted?

Today’s Attacks Have Several Stages

THE GOOD NEWS

The Cloud Can be Secure

“Public cloud workloads can be at least as secure as those in your own data center, likely better.”

Neil MacDonald, Gartner Security and Risk Management Summit, London, September 2015

Cloud Security – New Approach

The principles of security do not change, but your approach to security needs to change:

• Security best practices are no different in the cloud

• You need to apply the same security standards to cloud workloads as applied to on-premises

• Understand the Shared Responsibility of Cloud Security

Security in the Cloud is a Shared Responsibility

Application

• Secure coding and best practices
• Software and virtual patching
• Configuration management
• Access management
• Application level attack monitoring

Host

• Access management
• Patch management
• Configuration hardening
• Security monitoring
• Log analysis
• Network threat detection

Network and platform

• Logical network segmentation
• Perimeter security services
• External DDoS, spoofing, and scanning prevented
• Hardened hypervisor
• System image library
• Root access for customer
• Configuration best practices

Challenges of being Secure in the Cloud

SECURITY TOOLS ARE

• Complicated to use
• Difficult to deploy
• Expensive to manage and tune

HUMAN EXPERTISE IS

• Hard to find
• Harder to keep
• Very expensive

THREAT INTELLIGENCE AND SECURITY CONTENT

• Gets stale quickly
• Requires specific know-how
• Validation required to avoid false positives

ALERT LOGIC HAS A SOLUTION

Alert Logic Provides

• Realtime security monitoring of network and logs
• Analytics engine to find potential threats
• Review and escalation by our security analysts

Visibility of the AWS Environment

• AWS best practices
• Vulnerabilities on the instances
• AWS Config / Inspector
• AWS CloudTrail
• Research into generic and AWS threats
• Audit and compliance reporting

Alert Logic – a Leader in Forrester’s 2016 North America MSSP Wave™

“Alert Logic has a head start in the cloud, and it shows.

Alert Logic is an excellent fit for clients looking to secure their current or planned cloud migrations, clients requiring a provider that can span seamlessly between hybrid architectures, and those that demand strong API capabilities for integrations.”

- Forrester Wave™ Report

How Cloud Defender Works in AWS

Collected from AWS services and from instances & applications:

• AWS service log collection
• Web and network security events, application & server logs
• Continuous vulnerability scanning, configuration assessments, and environment visibility

Analytics platform: threat intel & context, expert analysis

Delivered to your team: threat detection with remediation tactics, vulnerability & configuration issues

Vulnerability and AWS-Specific Checks Included

AWS ACCOUNTS

• Password complexity
• Non-expiring passwords
• No users with API keys
• No MFA
• No key rotation
• Inactive user accounts
• EC2 instance not using IAM roles
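Several of the account checks above (no MFA, no key rotation, inactive users, and API keys on the root account) can be evaluated from the IAM credential report. The script below is an added example, not Alert Logic's code: the column names follow the CSV returned by `aws iam get-credential-report`, while the rows, the fixed "today" and the 90-day thresholds are constructed assumptions.

```python
"""Evaluate an IAM credential report against several AWS account checks:
no MFA, access keys not rotated, inactive users, and an access key on the
root account. Added example, not Alert Logic code. Column names follow the
CSV that `aws iam get-credential-report` returns; the rows are constructed
sample data, and the 90-day thresholds are assumed policy values."""
import csv
import io
from datetime import datetime, timezone

NOW = datetime(2016, 6, 1, tzinfo=timezone.utc)   # fixed "today" so results are reproducible
MAX_KEY_AGE_DAYS = 90                              # assumed key-rotation policy
INACTIVE_DAYS = 90                                 # assumed inactivity threshold

# Constructed sample report (a subset of the real report's columns).
SAMPLE_REPORT = """\
user,arn,user_creation_time,password_enabled,password_last_used,mfa_active,access_key_1_active,access_key_1_last_rotated,access_key_1_last_used_date,access_key_2_active,access_key_2_last_rotated,access_key_2_last_used_date
<root_account>,arn:aws:iam::123456789012:root,2014-01-10T09:00:00+00:00,not_supported,2016-05-30T08:12:00+00:00,false,true,2014-01-10T09:05:00+00:00,2016-05-20T11:00:00+00:00,false,N/A,N/A
alice,arn:aws:iam::123456789012:user/alice,2015-03-01T10:00:00+00:00,true,2016-05-31T07:45:00+00:00,true,true,2016-04-15T10:00:00+00:00,2016-05-31T06:00:00+00:00,false,N/A,N/A
bob,arn:aws:iam::123456789012:user/bob,2015-06-12T10:00:00+00:00,true,2016-05-29T12:00:00+00:00,false,true,2015-06-12T10:05:00+00:00,2016-05-28T12:00:00+00:00,false,N/A,N/A
deploy-bot,arn:aws:iam::123456789012:user/deploy-bot,2015-11-01T10:00:00+00:00,false,no_information,false,true,2016-01-05T10:00:00+00:00,2016-05-31T02:00:00+00:00,true,2015-11-01T10:00:00+00:00,N/A
carol,arn:aws:iam::123456789012:user/carol,2015-01-20T10:00:00+00:00,true,2015-12-01T09:00:00+00:00,true,false,N/A,N/A,false,N/A,N/A
"""


def _parse_ts(value):
    """ISO-8601 field -> datetime, or None for the report's N/A-style markers."""
    if value in ("", "N/A", "no_information", "not_supported"):
        return None
    return datetime.fromisoformat(value)


def evaluate_credential_report(report_csv, now=NOW):
    """Return {user: [finding, ...]} for every user with at least one finding."""
    findings = {}
    for row in csv.DictReader(io.StringIO(report_csv)):
        user = row["user"]
        hits = []
        is_root = user == "<root_account>"
        console = row["password_enabled"] == "true"
        activity = [_parse_ts(row["password_last_used"])]
        key_ages = []
        for n in ("1", "2"):
            if row[f"access_key_{n}_active"] != "true":
                continue
            rotated = _parse_ts(row[f"access_key_{n}_last_rotated"])
            if rotated is not None:
                key_ages.append((now - rotated).days)
            activity.append(_parse_ts(row[f"access_key_{n}_last_used_date"]))

        # Root should never hold long-lived API keys.
        if is_root and key_ages:
            hits.append("root_access_key")
        # Anyone who can sign in to the console (or root) without MFA.
        if (console or is_root) and row["mfa_active"] != "true":
            hits.append("no_mfa")
        # An active key older than the rotation policy allows.
        if any(age > MAX_KEY_AGE_DAYS for age in key_ages):
            hits.append("stale_access_key")
        # A user old enough to judge, with no console or key use inside the window.
        created = _parse_ts(row["user_creation_time"])
        seen = [t for t in activity if t is not None]
        if (now - created).days > INACTIVE_DAYS and (
            not seen or (now - max(seen)).days > INACTIVE_DAYS
        ):
            hits.append("inactive_user")

        if hits:
            findings[user] = hits
    return findings


if __name__ == "__main__":
    for user, hits in evaluate_credential_report(SAMPLE_REPORT).items():
        print(f"{user}: {', '.join(hits)}")
```

Run against the constructed report, the root account is flagged for an active key, missing MFA and a stale key; bob for missing MFA and a stale key; deploy-bot for stale keys; carol as inactive; alice is clean. Password complexity and expiry are account-level settings that live in the password policy rather than in the credential report, so they need a separate lookup.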

S3 BUCKETS

• Upload permissions not restricted
• Delete permissions not restricted
• Unrestricted list access

AWS RDS

• Secure database settings
• Data encryption
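The three S3 bucket checks above can be expressed as a scan of a bucket policy for Allow statements open to everyone. The following is an added example, not Alert Logic's code; the two policy documents are constructed and describe no real bucket.

```python
"""Flag S3 bucket-policy statements that grant list, upload or delete to
everyone. Added example, not Alert Logic code; the policies below are
constructed and do not describe any real bucket."""
import fnmatch
import json

# Action -> finding label, mirroring the three S3 checks on the slide.
RISKY_ACTIONS = {
    "s3:ListBucket": "unrestricted_list",
    "s3:PutObject": "unrestricted_upload",
    "s3:DeleteObject": "unrestricted_delete",
}


def _as_list(value):
    return value if isinstance(value, list) else [value]


def _is_everyone(principal):
    """True for both spellings of an anonymous principal: "*" and {"AWS": "*"}."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        return "*" in _as_list(principal.get("AWS", []))
    return False


def _action_matches(pattern, action):
    """IAM action names are case-insensitive and may carry '*' wildcards (e.g. s3:Put*)."""
    return fnmatch.fnmatchcase(action.lower(), pattern.lower())


def find_public_grants(policy_json):
    """Return sorted finding labels for Allow statements open to everyone.

    A statement with a Condition block is reported with a '_conditional' suffix:
    the condition (an aws:SourceIp range, for example) may narrow the grant, so a
    reviewer should read it rather than trust the label alone. NotPrincipal and
    NotAction statements are not handled here; a full evaluator must cover them."""
    policy = json.loads(policy_json)
    findings = set()
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow" or not _is_everyone(stmt.get("Principal")):
            continue
        suffix = "_conditional" if "Condition" in stmt else ""
        for pattern in _as_list(stmt.get("Action", [])):
            for action, label in RISKY_ACTIONS.items():
                if _action_matches(pattern, action):
                    findings.add(label + suffix)
    return sorted(findings)


# Constructed: a static-website bucket that only lets anyone read objects.
WEBSITE_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Principal": "*",
        "Action": "s3:GetObject",
        "Resource": "arn:aws:s3:::example-site-bucket/*",
    }],
})

# Constructed: a bucket that anyone can list and write to, and delete from
# within one IP range (the range is a documentation address block).
OPEN_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {"AWS": "*"},
            "Action": ["s3:ListBucket", "s3:Put*"],
            "Resource": ["arn:aws:s3:::example-drop-bucket",
                         "arn:aws:s3:::example-drop-bucket/*"],
        },
        {
            "Effect": "Allow",
            "Principal": "*",
            "Action": "s3:DeleteObject",
            "Resource": "arn:aws:s3:::example-drop-bucket/*",
            "Condition": {"IpAddress": {"aws:SourceIp": "203.0.113.0/24"}},
        },
    ],
})

if __name__ == "__main__":
    print("website:", find_public_grants(WEBSITE_POLICY))
    print("open:", find_public_grants(OPEN_POLICY))
```

The website policy produces no findings, since public object reads are outside the three checks; the open policy is flagged for unrestricted list and upload, and for a conditional delete grant. A bucket's ACL can grant the same permissions independently of its policy, so a complete check inspects both.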

OVER 80,000 VULNERABILITY AND CONFIGURATION CHECKS

NETWORK TOPOLOGY

• Unrestricted inbound/outbound
• Direct inbound/outbound access to DB
• Insecure services open to Internet
• Multiple functions on a single host (web and DB server)

ELB SECURITY

• Insecure cipher or protocol
• Listener not using secure protocol
• Unapproved cipher
• Missing security groups
• Unapproved port access

Almost 4,000 Organizations Worldwide Trust Alert Logic

• MILLIONS of devices secured
• PETABYTES of log data under management
• HUNDREDS OF MILLIONS of security events correlated per month
• THOUSANDS of incidents identified and reviewed per month

Thank you.
