
CIS 2015 Identity and Data Security : Breaking the Boundaries - Nathanael Coffing


Page 1

Page 2

In 2014, 1,000 retail businesses were hit by remote attacks. Ultimately, most retail attacks started with stolen credentials, which enabled attackers to move laterally, harvesting credentials along the way until they reached their final destination.

There is a worldwide shortage of 600 to 900 thousand cyber security professionals, while 62% of organizations feel unprepared to fend off a sophisticated attack. -ISACA

... organizations seek new technologies to protect their networks from new cybersecurity threats, and layer these technologies onto existing ones ... The result is a patchwork of equipment and software. A layered approach to security -- using siloed, specialized security technologies -- makes organizations vulnerable to sophisticated attacks that exploit the gaps between each layer.

Simplify

Orchestrate

Automate

Security Landscape

Page 3

Security Gaps – What are they?

- Defence in Depth industry strategy contributes to Security Gaps.
- Diversity and limitations of existing single point solutions create security gaps in threat analysis, operations and responsiveness.
- Deployment of new protection solutions is regularly delayed due to cumbersome but necessary integration efforts.
- Personnel shortage of 1M in CyberSecurity alone.
- Average Time from Discovery to Remediation over 200 Days.
- Lack of Holistic Approach to Security.
- Lateral movement is the latest largest threat.

75 Percent of Mobile Security Breaches Will Be the Result of Mobile Application Misconfiguration -- Gartner

Identity and Data Security: BREAKING THE BOUNDARIES

Page 4

Diagram: security landscape matrix. Layers: 1. Network, 2. Databases, 3. Systems, 4. Endpoints, 5. Application infrastructure, 6. Messaging & content, 7. Data. Columns: Policy definition, Enforcement, Monitoring & response, Measurement.

Controls shown in the matrix: Network access control, Network Visibility, Wireless gateway, WLAN monitoring, Audit & risk management framework, IPS, Firewall/VPN, Database encryption, Vulnerability management, Database monitoring, Antivirus, Configuration mgmt., Storage Security/Cloud Security, Firewall/Host IPS, Directory, Application assessment, Antispam, Email encryption & filtering, Web filtering, Enterprise SSO, Antivirus/Antispyware, Endpoint control/MDM, Client encryption, Web SSO, IM filtering, Digital investigation & forensics, SIEM, App encryption, Information leak protection, Enterprise encryption & key management, Digital rights management, Identity & access management/PIM, Strong authentication, Database config. mgmt., Application FW.

Real World Customer

- Defence in Depth industry strategy contributes to Security Gaps.
- Average Time from Compromise to Discovery over 200 Days.
- Lack of Holistic Approach to Security.
- Silos, Silos Everywhere.
- Zero Automation.
- Applications have to integrate with the entire stack.
- Security becomes a Disabler.
- Dozens of support tickets.

Market Need: FIXING THE SECURITY GAPS

Page 5

Minding the Security Gaps

- Simplify: Standardize Security templates and workflow visualization.
- Simplify: Agile deployment and Security coordination.
- Automate: protection and leverage value from existing infrastructure.
- Automate: standardized security processes into new business applications.
- Orchestrate: ‘Defend the gaps’ by combining Data Security feeds, devices, behaviours and Identity Management into access control decisions.
- Orchestrate: threat mitigation through adaptive risk response.
- IoT/Cloud Ready with web scale and device management.
- Ultimately ... Transform Security from a defensive obstacle into a competitive advantage.

Market Need: FIXING THE SECURITY GAPS

Page 6

Diagram: Cloud, Business Processes, Existing Infrastructure.

Security Landscape

- Enable Business led IT, with Standardized Business Processes
- Self-Protect Applications

Page 7

Establish the Foundation

Necessary Steps

1. Customer focused mind-set
2. Scale, scale, scale
3. Business Alignment
4. SecDevOps
5. Orchestrated Response
6. Continuous Monitoring

Page 8

Love your Customer ... Love your Business

Requirements

1. KISSing builds love (Keep it Secure and Simple)
2. Customers build the business
3. Business Led IT
4. Adaptive Authorization

Page 9

Business Alignment: UTILIZE EXISTING PROCESSES

Requirements: Policies, Templates, Processes

- Workflow aligns with pre-defined business processes.
- Seal the gaps in reaction, coordination and operation.
- Applications are protected dynamically.
- Do more with Less: Simplify migrations, patching & upgrades.
- Simple to communicate Business Processes.

Page 10

Building Blocks: Security Success

Business Benefits

- Automated
- Repeatable
- Auditable
- Easy to iterate

Standards

- Access Policy Documents
- Architecture Templates
- Application APIs
- Security Infrastructure Integration APIs

Page 11

Diagram: Jenkins, Chef, OrchIS; Application Access; Application Development.

SecDevOps: USAGE SCENARIOS

Application Security Definitions

- SecDevOps – Policy Configuration/automation with Remediation for cloud and on-premises security infrastructure.
- DevOps - Build/Deploy Infrastructure.
- Continuous Integration - Build/Deploy Application WAR/EAR Files.

Application Development Process

Page 12

Automated Security Configuration

- Rapid repeatable architecture blueprints enable setup via automated deployments in minutes.
- Flexible UI to design, adapt and implement security component architectures.
- Macro Policy Definition at the Application Tier.
- Automated Micro Policies for Security Services.
- Cross platform policy-writing and auditing.
- Available for Cloud Apps.
- Leverages existing infrastructure.
- Automation Reduces Manpower.
- Remedy/ServiceNow Integration.

OrchIS: AUTOMATED SECURITY FOR APPLICATIONS

Page 13

Diagram (OrchIS structure): SecDevOps; Application Services (API); Security Orchestration with Workflow, Adaptive Access, Data Security, Risk Response, Audit/Reporting and Support; Integration Layer (API); underlying IAM infrastructure: User Directory, Policy Store, Session Mgmt, PDP, STS, MFA, Other IAM Infrastructure.

OrchIS: Structure

Page 14

Orchestrated Response Example

Diagram: Imperva WAF -> Syntegrity OrchIS™ -> AM System.

1. User accesses the application and inserts a SQL injection.
2. The SQL injection is detected by Imperva and the results are published out via SYSLOG.
3. InstantIAM listeners take the Imperva notification, map the user to a session, then execute the Workflow.
4. The Workflow takes action on the user account:
- Reduce AuthN level
- Disable Account
- Destroy Session
- Audit Records
- Other Options
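The four-step flow above, as an added example that is not part of the original deck and not Syntegrity's code: a listener parses constructed WAF syslog lines (a hypothetical key=value format, not Imperva's real schema), maps each alert to a session in a constructed in-memory session store, and applies the workflow action for the alert's severity while recording an audit entry. The severity-to-action ladder and the session store layout are assumptions.

```python
import re

# Constructed sample syslog lines in a hypothetical key=value format (not Imperva's schema)
SAMPLE_SYSLOG = [
    "<134>Jun 10 12:01:05 waf01 WAF: alert=SQL_INJECTION severity=HIGH src=203.0.113.7 user=alice session=s-1001",
    "<134>Jun 10 12:01:07 waf01 WAF: alert=SQL_INJECTION severity=MEDIUM src=203.0.113.8 user=carol session=s-3003",
    "<134>Jun 10 12:01:09 waf01 WAF: alert=NONE severity=INFO src=198.51.100.9 user=bob session=s-2002",
]

# Constructed session store (stand-in for the deck's web-scale session store):
# session id -> user, current AuthN level (0-3) and whether the session is still alive.
SESSIONS = {
    "s-1001": {"user": "alice", "authn_level": 2, "active": True},
    "s-2002": {"user": "bob",   "authn_level": 2, "active": True},
    "s-3003": {"user": "carol", "authn_level": 2, "active": True},
}
DISABLED_ACCOUNTS = set()
KV = re.compile(r"(\w+)=(\S+)")

def parse_alert(line):
    """Return the key=value fields after 'WAF: ' as a dict; {} if the line has no payload."""
    _, sep, payload = line.partition("WAF: ")
    return dict(KV.findall(payload)) if sep else {}

def respond(alert, sessions, disabled, audit):
    """Map the alert to its session and apply the workflow action for its severity."""
    sid = alert.get("session")
    sess = sessions.get(sid)
    if sess is None or alert.get("alert") == "NONE":
        audit.append(f"{sid}: no action")          # unmatched session or benign event
        return "none"
    if alert.get("severity") == "HIGH":
        sess["active"] = False                      # destroy session
        disabled.add(sess["user"])                  # disable account
        action = "disable_account+destroy_session"
    else:
        sess["authn_level"] = 0                     # reduce AuthN level: next request must re-authenticate
        action = "reduce_authn_level"
    audit.append(f"{sid} user={sess['user']} src={alert.get('src')} alert={alert['alert']} -> {action}")
    return action

def run(lines, sessions=SESSIONS, disabled=DISABLED_ACCOUNTS):
    """Process a batch of syslog lines; returns the actions taken and the audit records."""
    audit = []
    actions = [respond(parse_alert(line), sessions, disabled, audit) for line in lines]
    return actions, audit
```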

Page 15

Diagram (SecDevOps pipeline):

- CI: Develop, Review, Test, Commit
- DevOps: Deploy, Test, Classify, Define
- Security: Push Protection Policies, Integration APIs, Authorization Policies, AuthN Policies, Architecture Requirements, Remediate, Drift Detection, Dynamic Role Assignment, Adaptive Access Control

Centralized Reusable Architecture and Governance

Page 16

Simplified Drag and Drop Security Architecture

- Rapid repeatable architecture blueprints enable setup via automated deployments in minutes.
- Flexible UI to design, adapt and implement security component architectures.
- Macro policy definitions based on data sensitivity and compliance.
- Cross platform policy-writing and auditing.
- Automation of security policies and configuration for applications.

Business win: Simplification and Automation of Application Security

Simplified Security Architecture

Page 17

Orchestrated Response: REAL-TIME REACTION TO THREATS

Orchestrated Response Interface

- Bridge the gaps: a holistic security blanket unifying the existing security estate.
- Common RESTful API for management of Users, Sessions, Devices, and Applications.
- Ultra scale Session Management: in-memory Data Grid harnessing Big Data Technologies.
- Adaptive Risk Based Response: limit transactions based on risk profile at the User, Session, Device, and Application level.
- Increase ROI of existing Security investments.

Page 18

Orchestrated Response: Scale, Scale, Scale – WEB-SCALE SESSION STORE

WAM is not enough

- < 40% of Applications are protected
- Cumbersome deployments
- Expensive Integrations
- Binary responses
- Full trust Authorizations

WebScale Session Store

- Available for all applications
- 50k TPS/node (Medium AWS instance)
- Common Session API
- Stateful and Stateless tokens
- Risk Inculcated
- Memory Grid
- Integrates with existing IAM estate.

Page 19

Diagram: Users, Sessions, Devices, Apps, with Risk.

Web-Scale Session Store

- Web-Scale for B2E or B2C: 50,000+ tps/node.
- Multi-dimensional array between users, devices, sessions and applications with Risk tracking.
- Workflow based remediation matches the action with the threat:
- Reduce Entitlements
- De-provision Account
- Step up AuthZ
- Create ticket, etc.

Orchestrated Response: Web-Scale SESSION STORE

Page 20

Automated Security Configuration

- User Access and Behaviour Modelling.
- Application Access Monitor with Data Sensitivity Risk.
- Device/User correlation and tracking.
- Audit Capture: location, duration, application sensitivity, devices.

Continuous Monitoring: BEYOND TRADITIONAL SECURITY TOOLS

Page 21

OrchIS: Orchestrated Response WORKFLOWS

IIAM Features:

- Adaptable security workflow that aligns business processes with security requirements.
- Adaptive Risk based Response: limit transactions based on risk profile of user, session, device, and application.
- Adaptable workflows for policies, authentication, authorization and more.
- Propagates rule-sets to existing mixed-vendor security platforms.

Page 22

Orchestrated Response

How to say “No” without saying “No”

- Adaptive Access Control
- Step up Authentication
- PEP redirect
- Increase Auditing
- Behavioral Anomalies
- Workflow Based Authorization
- Increase Access while reducing Transactional Risk

Page 23

Workflow: AUTHORIZATION

Correlation of User/Device/Session

- Seamless Many to Many Mapping
- Able to instantiate complex business logic

Complex AuthN/AuthZ Policies

- Zero Day Vulnerability Protection
- Block all IE 11 access
- Allow only Android 4.2.2
- Untrusted Device Validation
- Send iOS through Multiple levels of Auth

Incorporate Additional Data Elements

- Service layer API set is mapped to a business process and (possibly) multiple separate low level RESTful APIs
- Customer business processes can be inserted and/or extend default services
- Customizable field validation in BPE
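The correlation and graded policies described on the last two slides, as an added example that is not part of the original deck or OrchIS: a constructed many-to-many session store tracks users, devices, sessions and apps with a per-entity risk score, and a decision function returns deny, step-up or allow together with the AuthN level to require. The IE 11, Android 4.2.2 and iOS rules are the deck's own examples; the risk thresholds, the APP_SENSITIVITY table and the shared-device risk bonus are assumptions.

```python
from collections import defaultdict

class SessionStore:
    """Constructed many-to-many index of users, devices, sessions and apps,
    with a 0..1 risk score per entity (stand-in for the deck's session store)."""
    def __init__(self):
        self.sessions = {}                  # sid -> (user, device, app)
        self.by_device = defaultdict(set)   # device -> {sid}
        self.risk = defaultdict(float)      # "user:alice" / "device:d1" / "session:s1" -> risk

    def open(self, sid, user, device, app):
        self.sessions[sid] = (user, device, app)
        self.by_device[device].add(sid)

    def users_on_device(self, device):
        return {self.sessions[s][0] for s in self.by_device[device]}

    def raise_risk(self, key, delta):
        self.risk[key] = min(1.0, self.risk[key] + delta)

    def session_risk(self, sid):
        """Highest risk across the session's user, device and itself, plus an
        assumed 0.2 per additional user seen on the same device."""
        user, device, _ = self.sessions[sid]
        shared = 0.2 * (len(self.users_on_device(device)) - 1)
        base = max(self.risk["user:" + user], self.risk["device:" + device], self.risk["session:" + sid])
        return min(1.0, base + shared)

APP_SENSITIVITY = {"payroll": "high", "intranet": "low"}   # constructed data classification

def decide(store, sid, platform, browser):
    """Graded response: ('deny', 0), ('step_up', levels) or ('allow', 1)."""
    if browser == "IE/11":                                   # deck example: block all IE 11 access
        return "deny", 0
    if platform.startswith("android/") and platform != "android/4.2.2":
        return "deny", 0                                     # deck example: allow only Android 4.2.2
    risk = store.session_risk(sid)
    sensitivity = APP_SENSITIVITY.get(store.sessions[sid][2], "medium")
    if risk >= 0.8 and sensitivity == "high":                # assumed threshold: refuse outright
        return "deny", 0
    levels = 1
    if platform.startswith("ios/"):
        levels += 1                                          # deck example: iOS through multiple levels of auth
    if risk >= 0.4:
        levels += 1                                          # say "no" without saying "no": step up instead
    return ("step_up" if levels > 1 else "allow"), levels
```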

Page 24

Simplified Management

- Enable Businesses and Applications to adapt to a changing threat landscape.
- Provide Best Practice Security Workflows that align with Business Processes and Regulations/Compliance.
- Audit capture of location, duration, application, sensitivity, and devices.

Automated Deployment

- Rapid Deployment based on Data Classification provides the foundation for Business Agility.
- Drag and Drop Assembly of Security Components.

Orchestrated Response

- Adaptive Access Control provides dynamic policy enforcement.
- ‘Defend the gaps’ by combining Data Security feeds, devices, behaviours and Identity Management into the access control decisions.

OrchIS: ORCHESTRATED INTELLIGENT SECURITY

Page 25

User Trust: How?

Device Recognition/Validation

Moving Beyond the Password

- Strong Authentication
- Out of Band 2FA
- Voice Biometrics
- Picture Authentication

Page 26

Device Trust: WHERE?

Device Validation via Network Data

- IP
- Geo Location
- Wi-Fi Networks
- SIM ID (Signature Based)
- Serial Number
- Android ID
- MAC
- Network Devices (MDM/NAC)
- Dozens of other Attributes

Page 27

Nathanael Coffing, CEO / VP Business [email protected] | (360) 410-6397

Page 28

Let’s see it in action!

OrchIS: DEMO

Page 29

Identity as the Core

Core Business Mandate: Increase Access while Reducing Transactional Risk

- In a world of excessive options, personalization becomes everything ...
- Applications require Access
- Sound Security Platforms
- Simplify new feature rollout
- Time to Market

Page 30

Diagram (identity scope vs. IIAM capability): Perimeter (Employees; Stateless) -> Perimeter Federation (Employees & Partners; Attributes, Context) -> Perimeter-less Federation (Cloud / SaaS, BYOD, Mobility; Consumers, IoT). SCOPE axis: Enterprise to Consumer; IIAM CAPABILITY axis: Constrained to Expansive; SCALE grows along the axes.

OrchIS: IDENTITY AT THE CORE

IIAM Features: System Optimization and Precision

- Architected for transactions beyond the perimeter: Cloud, SaaS, BYOD, Mobile.
- Orchestrated transactional security via Adaptive Access Response.
- Web-Scale Session Management scales to billions of users, devices, sessions.
- Capture access and user behaviour heuristics and enforce security through a fraud prevention risk engine.
- Business Coordinated Response handling.

Business win: Identity Solutions capture contextual meta-data on the user’s what/where/when/how.

Page 31

Intelligent Security Orchestration