www.cloudsec.com | #CLOUDSEC
Dynamic Security for Dynamic Environments
Sharda Tickoo, Technical Head, Trend Micro India
Copyright 2017 Trend Micro Inc.
[Figure: threat timeline, damage caused over time. Years marked: 2000, 2003, 2004, 2005, 2007, 2010, 2012, Now! Threat types shown: Worm Outbreaks, Vulnerabilities, Spam Mass Mailers, Spyware, Intelligent Botnets, Web Threats, Targeted Attacks, Mobile Attacks, Ransomware + Destructive Attacks]
Threat landscape evolving: Leveraging Broader Attack Surface
• 500,000 new unique threats discovered each day
• In 2016, Ransomware spiked 752%!
Source: TrendLabs, Feb 2017
Breach Trends
• The majority of malicious activity still originates from external actors rather than internal ones
• Insider misuse takes the longest to discover in the network, and its repercussions are still dangerous
Source: Verizon DBIR 2017
Motive for Breach
• Financial gain remains the highest motivation for threat actors
• On average, 13% of users clicked on malicious phishing links
• Only 1 user is required to infect the network
Source: Verizon DBIR 2017
Percentage Of Breach
Source: Verizon DBIR 2017
Sources: Trend Research, Verizon Data Breach Report, 2016
• 90% of malware only affects one device
• 60% of malicious domains are alive for less than an hour
• Only 60 seconds to encrypt endpoints with ransomware
Not that straightforward…
1 million cybersecurity job openings
Source: “Mitigating the Cybersecurity Skills Shortage. Top Insights and Actions from Cisco Security Advisory Services” Report
Modernization of Datacenter ….
• Physical Servers
• Virtual Servers
• Virtual Desktops
• Public Cloud
• Containers
• Serverless (AWS Lambda, Azure Functions)
Extremely dynamic environment
• Shifts in IT Infrastructure
• Changes in User Behavior
• Emergence of new Threats
Shared Responsibility
Customer!
• Content and Applications
• Platform, Applications
• Operating System, Network & Firewall Configuration
• Data Encryption
• Network Traffic Protection
Cloud Provider
• Foundation Services: Compute, Storage, Database, Networking
• Global Infrastructure: Regions, Domains, Availability Zones
Analyst insights & Recommendations
Cloud workloads have different requirements for security than end‐user‐facing endpoints, and the adoption of hybrid private/public cloud computing models compound the differences.
Source: Gartner, “Market Guide for Cloud Workload Protection Platforms”, March 2017 G00300334
Require vendors to support the security and visibility of workloads that span physical, virtual and multiple public cloud IaaS all from a single policy management framework and console.
• Protection against advanced threats across environments with ability to audit
• Performance without compromising security across legacy and modern architectures
• Simplified management and operational efficiency, especially in light of skills shortage
Cross‐generational blend of threat defense techniques
• Intrusion Prevention
• Integrity Monitoring
• Anti‐Malware & Content Filtering
• Sandbox Analysis
• Behavioral Analysis
• Application Control
• Log Inspection
• Host Firewall
Hybrid Cloud Security Solution
Network Security: Stop network attacks, shield vulnerable applications & servers
• Firewall
• Vulnerability Scanning
• Intrusion Prevention
Malware Prevention: Stop malware & targeted attacks
• Anti‐Malware
• Sandbox Analysis
• Behavioral Analysis & Machine Learning
System Security: Lock down systems & detect suspicious activity
• Application Control
• Integrity Monitoring
• Log Inspection
Protect Against Advanced Threats
• Anti‐Malware & Content Filtering
• Intrusion Prevention (IPS) & Firewall
• Integrity Monitoring & Log Inspection
• Application Control
• Machine Learning
• Behavioral Analysis
• Custom Sandbox Analysis
Legend: Known Good, Known Bad, Unknown
Safe files & actions allowed
Malicious files & actions blocked
Vulnerabilities don’t stop or go away
Heartbleed, Shellshock, WannaCry, Erebus
Reduce Operational Impacts
• Reduce operational costs of emergency & ongoing patching
• Protect systems where no patches will be provided
• Secure server and application-level vulnerabilities
[Figure: timeline with a Time axis marking these stages: Vulnerability disclosed or exploit available; Virtual patch available; Patch available (if in support); Test; Begin deployment; Completed]
WannaCry ransomware protection delivered in March, 2017, with enhancements at public disclosure (May 2017)
Continuous protection
Hybrid Cloud Security
Remove security complexity
Eliminate manual security processes
• Get full visibility across environments
• Automatically scale up and down without gaps
• Scan for vulnerabilities & recommend or apply security based on policy
• Install only security controls required for maximum performance
Extend to Docker containers
• Secure the host AND Docker containers running on it
• Get consistent security across all workloads
Amazon ECS
Remove platform support issues
Thousands of supported kernels with rapid updates
Reduce deployment complexity
Support for leading orchestration tools and automation
PowerShell
Streamline information sharing
Accelerate compliance
• Multiple controls with central management & reporting
• Protect legacy environments
• Consistent security across the hybrid cloud
800‐53
FERC
Workload Security on AWS Growth
26 months
8 months
The MARKET LEADER in server security for 7 straight years
Symantec
Intel
Other
30%
Source: IDC, Securing the Server Compute Evolution: Hybrid Cloud Has Transformed the Datacenter, January 2017 #US41867116
Market-leading Vision & Partnerships
First with vShield support
Threat Intelligence
First with Hypervisor‐based protection
Support for next generation networking with file & network security
Visibility across data center ops & security
Deep Security in the private & public cloud
Security available in major cloud marketplaces
Security built into cloud managed service offerings
Securing microservices & Docker Containers