Codeless Security for the Apps You Buy & Build on AWS

Post on 20-Jan-2017


Codeless Security for the Apps You Buy & Build on AWS

Russell Miller, Director, Product Marketing

Ari Leeds, Senior Product Manager

Michal Ferguson
?
Michal Ferguson
Remove "Capability" and find an interactive way to show suspicious locations. (maybe the map is black and is an animated gif that has dots highlighted in red?)
Alex OConnor
are we allowed to use a map like this? got this from here: http://geekslop.com/2014/real-time-global-security-attacks-shown-happen Apparently it was created by "Kaspersky Labs"
Alex OConnor
match with first graphic
Alex OConnor
bee, flower, soil photos
Alex OConnor
change out
Russ Miller
+ari.leeds@cloudlock.com Can you take this section?

Continuing Professional Education (CPE) Credits

Claim your CPE credit for attending this webinar: https://www.isc2.org/

For more information or questions please contact us: info@cloudlock.com

Agenda

01 SaaS & IaaS Markets: Why are we here?

02 Security Requirements for IaaS

03 The CloudLock Approach to IaaS & AWS Security

SaaS vs. IaaS Market Growth

2016 Market Growth:

● SaaS: 20.3%
● IaaS: 38.4%

“IaaS continues to be the strongest-growing segment as enterprises move away from data center build-outs and move their infrastructure needs to the public cloud.”

- Sid Nag, Gartner Research Director

"Forecast: Public Cloud Services, Worldwide, 2013-2019, 4Q15 Update"

http://www.gartner.com/newsroom/id/3188817

IaaS spending is skyrocketing


© Statista 2016

Apps on IaaS MORE critical than SaaS Apps

1. Internal & Partner-facing IaaS apps
2. Customer-facing IaaS apps

Cloud Shared Responsibility - SaaS/PaaS/IaaS

[Figure: responsibility stacks for SaaS, Platform as a Service (PaaS) and Infrastructure as a Service (IaaS). Each stack lists the layers People, Data, Applications, Runtime, Middleware, Operating System, Virtual Network, Hypervisor, Servers, Storage and Physical Network, marked as either CSP Responsibility or Customer Responsibility.]

Source: Gartner, Mind the SaaS Security Gaps, Craig Lawson and Sid Deshpande, May 19, 2016

Amazon’s View: “The Shared Responsibility Model”

Source: https://aws.amazon.com/compliance/shared-responsibility-model/

Let’s Talk About Bees (No Birds Needed)

Source: http://www.ForestWander.com

Connections in AWS

[Diagram showing an EC2 Instance, an S3 Bucket, a User and an App]

Connections in AWS

[Diagram showing an EC2 Instance, multiple S3 Buckets and Log Files, and the actors Employee, Customer, Attacker, Partner and Admin]

03 The CloudLock Approach to IaaS & AWS Security


CloudLock Coverage & Use Cases

Admin Console

Custom Apps

Data Loss Prevention

Compliance

Forensics

Configuration Security

Visibility & User Behavior Analytics


AWS Use Case #1: Forensics


AWS Use Case #2A: Visibility & Behavior (Sec Admin)


AWS Use Case #2B: Suspicious Behavior (AWS Admin)


Michal Ferguson
is this from the AWS console? Not sure what it's telling me.
Alex OConnor
Took that from here: http://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-overview.html ... I was trying to find an image that relates to the challenge "As the general admin for our AWS console, I need to know when potentially sensitive activities occur that may indicate new access points to our instances, changes in user accounts and updates to Identity Access Management (IAM) roles and policies, so that I can make sure that all changes have been approved and follow company protocol." but I can keep looking

AWS Use Case #3: Data Compliance & Auditing


Michal Ferguson
not sure what it means also..
Alex OConnor
again, trying to relate to the challenge "We have and allow certain types of sensitive data in our AWS environment in specific S3 buckets. However, for compliance and auditing purposes, I need to know exactly where that data resides, so that I can provide an export in the case of an audit." .. S3 bucket. but can keep looking

AWS Use Case #4: Data Leak Protection (DLP)


Michal Ferguson
sorry, don't like this one either.
Alex OConnor
will keep looking

AWS Use Case #5: Configuration Security


CloudLock Platform

CASB for SaaS: Protect the usage of business apps in the cloud

CASB for IaaS/PaaS: Protect the usage of critical infrastructure in the cloud

Cloud Security Orchestration: Include the cloud in security workflows

CloudLock Platform

DLP

User Behavior Analytics

Central Auditing

Configuration Security

Encryption Management

Apps Firewall


Where is the threat in your environment?

http://bit.ly/CL-aws-demo


Questions

Russ Miller, Director, Product Marketing

Ari Leeds, Senior Product Manager