webinar simeio palerra_feb2015_v4-2
Security Playbook:
Setting Up a Game Plan
The Presenters
Darren Calman
VP Business Development
Simeio Solutions
Upa Hazarika
Sr. Dir. Marketing & Strategy
Palerra
Webinar Overview
Simeio Solutions and Palerra discuss how to:
• Develop a layered defense strategy for today’s modern enterprise
• Proactively protect your enterprise applications along with your cloud footprint
• Detect and remediate incidents in the cloud
• Automate the workflow to ensure a gap-free security architecture
World’s Biggest Data Breaches
The new workforce. The new reality.
• 90% of workers in the US use personal smartphones for work purposes
• 10B personal mobile devices estimated to be in use in five years
• Gartner predicts that enterprise data will grow 650 percent in the next five years
Thousands of Applications
• The average enterprise has > 500 applications being used by their employees and customers
• Applications are being adopted directly by lines of business – not always going through IT
Technologies Exist….
.…but resources are scarce
• “…the demand for cybersecurity professionals began to overtake supply in 2007…”
• Processes aren’t always well documented
• Security configurations sometimes left at default parameters
  » …or the application owner is not sure what impact a change in a configuration will have
• Monitoring?
Putting it all together….
Building a Security Playbook
Essential Plays:
1. Proactively protect your enterprise footprint with identity management
2. Continuous monitoring of security configurations
3. Automated analytics to detect or predict threats
4. Automated incident response
Play#1: Identity Management
Transform the way you view and manage identity in a changing world
• More easily meet privacy and compliance requirements
• Reduce cost and complexity
• Increase security
• Increase reliability and productivity
• Improve user satisfaction and self-sufficiency
• Respond more nimbly to rapidly-changing business demands
• Seize new business opportunities by collaborating with partners/suppliers
SECURITY PLAYBOOK /// FEB 2015
Play#2: Continuous Monitoring for the Cloud
Continuous monitoring is important to:
• Free up staff from labor-intensive manual monitoring methods
• Eliminate any human errors resulting from manual monitoring methods
• Maintain a compliant security posture by preventing configuration drift
Three parts to continuous monitoring:
1. The initial definition and setting of security configurations for a cloud service
2. Ongoing monitoring of these configurations
3. Reverting any changes in case of drift from the predefined configurations
Automation of monitoring is necessary for compliance
Example: Continuous Monitoring of Password Configurations
1. Define security configurations for Box and set the password requirements to include 2 numbers.
2. Automatic monitoring begins and detects that requirement was changed to 1 number.
3. Automatically revert the configuration to require 2 numbers.
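
The three steps above as an added sketch, not code from the webinar or from either vendor. `FakeCloudService`, the setting names and the minimum-length value are hypothetical stand-ins for a cloud service's admin settings; no real API is called.

```python
# Added example: baseline-vs-current drift check with automatic revert.
# FakeCloudService is a hypothetical in-memory stand-in for a cloud
# service's admin settings API; no real vendor API is called.
from dataclasses import dataclass, field
from datetime import datetime, timezone


class FakeCloudService:
    """Hypothetical settings store standing in for a SaaS admin API."""
    def __init__(self, settings):
        self._settings = dict(settings)

    def get_settings(self):
        return dict(self._settings)

    def set_setting(self, key, value):
        self._settings[key] = value


@dataclass
class DriftMonitor:
    service: FakeCloudService
    baseline: dict                      # step 1: the approved configuration
    audit_log: list = field(default_factory=list)

    def check_and_revert(self):
        """Steps 2 and 3: compare to the baseline, revert and log drift."""
        current = self.service.get_settings()
        drifted = []
        for key, expected in self.baseline.items():
            actual = current.get(key)   # a deleted setting reads as None
            if actual != expected:
                self.service.set_setting(key, expected)
                entry = {"time": datetime.now(timezone.utc).isoformat(),
                         "setting": key, "found": actual,
                         "restored": expected}
                self.audit_log.append(entry)
                drifted.append(key)
        return drifted


def demo():
    # Constructed sample values mirroring the slide: 2 digits required.
    baseline = {"password_min_digits": 2, "password_min_length": 8}
    box = FakeCloudService(baseline)
    monitor = DriftMonitor(box, baseline)
    first = monitor.check_and_revert()          # nothing changed yet
    box.set_setting("password_min_digits", 1)   # someone weakens the policy
    second = monitor.check_and_revert()         # detected and reverted
    return first, second, box.get_settings(), monitor.audit_log
```

Every revert is written to `audit_log` with the value that was found, so the drift itself remains visible for review after the setting has been restored.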
Play#3: Threat Analytics for the Cloud
Challenges with performing threat analytics for cloud services:
• Static threat models cannot be applied to on-demand cloud infrastructure
• Non-uniform transparency across cloud providers for event logs and security metadata
• Consolidation of security data across SaaS, PaaS and IaaS is required for a holistic view
• Correlation of data across all cloud services is challenging due to the sheer volume of cloud usage
A combination of approaches to threat analytics is required:
• Detection: Define static rules and baselines to match known threats
• Prediction: Use data science and machine learning to discover unknown threats
Automation of threat detection and prediction is necessary to keep up with the rapidly evolving threat landscape
"Chase breach affects 76 million accounts, raises questions about detection failure" (SC Magazine – Oct 3, 2014)
Example: Detecting an Insider Threat in the Cloud
1. User downloaded confidential files from Box
2. Uses Office 365 to email files to a person with a competitive email domain
3. Insider threat is automatically detected
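
A static correlation rule for this scenario, added here as an illustration and not taken from the webinar or any product. The normalized event fields, the watch-list domain and the 24-hour window are assumptions; the sample events are constructed.

```python
# Added example: cross-service correlation rule for the scenario above.
# Event fields, the watch-list domain and the 24-hour window are
# assumptions for illustration, not any vendor's log schema.
from datetime import datetime, timedelta

WATCHED_DOMAINS = {"competitor.example"}      # constructed watch list
WINDOW = timedelta(hours=24)                  # assumed correlation window

# Constructed, already-normalized events from two cloud services.
EVENTS = [
    {"ts": "2015-02-10T09:00:00", "service": "box", "action": "download",
     "user": "alice", "file": "roadmap.pdf", "label": "confidential"},
    {"ts": "2015-02-10T09:20:00", "service": "o365", "action": "send_mail",
     "user": "alice", "attachments": ["roadmap.pdf"],
     "recipients": ["bob@competitor.example"]},
    {"ts": "2015-02-10T10:00:00", "service": "box", "action": "download",
     "user": "carol", "file": "budget.xlsx", "label": "confidential"},
    {"ts": "2015-02-10T10:05:00", "service": "o365", "action": "send_mail",
     "user": "carol", "attachments": ["budget.xlsx"],
     "recipients": ["dave@partner.example"]},
    {"ts": "2015-02-12T10:00:00", "service": "o365", "action": "send_mail",
     "user": "erin", "attachments": ["notes.txt"],
     "recipients": ["x@competitor.example"]},
]


def domain(address):
    return address.rsplit("@", 1)[-1].lower()


def detect_insider_exfil(events):
    """Flag a confidential download followed by mailing that file out."""
    downloads = {}          # (user, file) -> time of latest download
    alerts = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        ts = datetime.fromisoformat(ev["ts"])
        if ev["action"] == "download" and ev.get("label") == "confidential":
            downloads[(ev["user"], ev["file"])] = ts
        elif ev["action"] == "send_mail":
            hits = [r for r in ev["recipients"]
                    if domain(r) in WATCHED_DOMAINS]
            for name in ev["attachments"]:
                seen = downloads.get((ev["user"], name))
                if hits and seen and ts - seen <= WINDOW:
                    alerts.append({"user": ev["user"], "file": name,
                                   "recipients": hits, "sent": ev["ts"]})
    return alerts
```

Neither event is suspicious on its own; the alert only exists because the download and the outbound mail are joined on user and file name across the two services.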
Example: Predicting an APT
1. Monitoring detects large number of failed logins to Salesforce in combination with mass record deletes and transfers.
2. Advanced Persistent Threat (APT) is predicted.
Play#4: Incident Response for the Cloud
Comprehensive incident response entails:
• Logging: ensures that all incidents are tracked
• Remediation: ensures that all incidents are addressed
Two approaches to remediation:
• Changes are made directly to the cloud service
• Changes are made via integrations with existing IT investments
Automation of incident response is necessary to ensure that no incidents are lost in the shuffle
"Target did not respond to FireEye security alerts prior to breach, according to report" (SC Magazine – March 13, 2014)
Example: Automated Incident Response
1. Incident is automatically logged.
2. Incident is remediated:
   a. By directly disabling the user’s account in the cloud service
   b. Or, by integrating with an external tool which disables the user’s account
Meet LORIC™: The Cloud Security Automation Platform
• Continuous Monitoring: Continuously monitor and enforce security configurations to ensure compliance
• Threat Detection: Threat detection using security baselines, behavior patterns, and real-time threat intelligence feeds
• Predictive Analytics: Threat prediction using machine learning and modeling techniques to evaluate risks across hundreds of threat vectors
• Incident Response: Automated forensics, incident management, orchestration and remediation
SaaS platform with Public and Private Cloud Options - NO hardware, software or agents
Rest Easy with LORIC
Gap-free protection across SaaS, PaaS and IaaS
Cost savings resulting from automation of security lifecycle
Compliance through continuous monitoring and enforcement
About Palerra
Company
• Automating threat detection to incident response for cloud services
• Launched in 2014
• Technology partners include Microsoft Office 365, AWS, Box, Salesforce and GitHub
• Solution provider partners include Simeio
• Cloud Security Alliance corporate member
Investors
Accolades
• The 10 Coolest Security Startups Of 2014
• AlwaysOn Global 100 Companies to Watch
About Simeio Solutions
Leading Provider of IAM and IT Security Solutions
• Identity & Access Management / Governance
• IT Governance, Risk and Compliance
• Global Reach
Recognized by Leading Analysts
• Referenced in or co-authored dozens of publications
100’s of Project Successes and over 17 Million Identities Managed
Resources
Simeio Customer Testimonials
https://www.simeiosolutions.com/home/testimonials.html
Simeio Additional Resources
https://www.simeiosolutions.com/home/resources.html
Palerra Evaluating Cloud Security Solutions Buyer’s Guide
https://palerra.com/locked_item/buyers-guide
www.palerra.com /// @palerrainc
www.simeiosolutions.com /// @simeio