Nimbo/Alert Logic - Azure in the Cloud
Alert Logic – Azure Cloud Security
Johnathan Norman, Cloud Solutions Architect
Agenda
• Key Findings: Cloud Security Report, Spring 2014
  - Alert Logic Customer Data
  - Honeypot Research
• Common Azure Security & Compliance Issues
• Alert Logic for Azure
  - Log Manager
  - Threat Manager
  - Web Security Manager
Cloud Adoption is Gaining Momentum
• Major Public cloud vendors predicted to eclipse $10B in revenue by 2015
• Oracle Cloud bookings increased by 35% in 2013
• Gartner predicts 60% of banking institutions to migrate to the cloud
• Healthcare is expected to adopt cloud computing at a 21% year over year rate through 2017
• VDI (Desktop as a Service) market reached $13.4 billion in 2013
Over 2,800 Organizations Worldwide Trust Alert Logic
Millions of devices secured
3.7 petabytes of log data under management
8.5 million security events correlated per day
40,000 incidents identified and reviewed per month
Threats in the Cloud are Increasing With Adoption
• Increase in attack frequency
• Traditional on-premises threats are now moving to the cloud
• Majority of cloud incidents were related to web application attacks, brute force attacks, and vulnerability scans
• Brute force attacks and vulnerability scans are now occurring at near-equivalent rates in both cloud and on-premises environments
• Malware/Botnet is increasing year over year
Global Honeypot Network
Why Honeypots?
• Honeypots give us a unique data set
• Simulates vulnerable systems without the risk of real data loss
• Gives the ability to collect intelligence from malicious attackers
• Allows for collection of various different attacks based on system
• Helps identify what industry specific targets are out there
Honeypot Findings
https://www.alertlogic.com/wp-content/uploads/2014/08/alertlogic-HoneypotFindings2014-infographic.pdf
Common Azure Compliance & Security Issues
Secure your code
Know your scope
Instance Isolation
Shared Responsibility
Storage Key Management
1- Secure Your Code – Implement SDL
1- Secure Your Code – Sharing is bad…
2- Know Your Scope
[Diagram labels: Web Traffic, Traffic Manager, Web Role (x2), Azure Website (x2), Azure Storage (x2)]
2 – Know your scope
3 – Instance Isolation
[Diagram labels: Web Traffic, service endpoint (x2), web roles, worker roles, Virtual Network (x2)]
4 - Storage Key Management
storage blob
Azure Mobile Services
1. Upload()
2. Path = http://blah.storage.azure.com/public/xyz/foo.jpg
3. UploadToPath(Path);
4 - Storage Key Management
storage blob
Azure Mobile Services
1. Upload()
2. Return SAS (write/expires 5 min) and Path
3. Authenticate & Upload
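A check a service could run on an upload URL before returning it to the client, enforcing the slide's "write / expires 5 min" rule. This is an added example, not code from the deck or from Alert Logic; `sp`, `se`, `sr`, `spr` and `sig` are the standard SAS query fields, while the function names, the single-blob and HTTPS-only requirements, and all sample URLs are assumptions constructed here.

```python
from datetime import datetime, timedelta, timezone
from urllib.parse import urlsplit, parse_qs

MAX_LIFETIME = timedelta(minutes=5)  # the slide's "expires 5 min"
ALLOWED_PERMS = {"w"}                # the slide's "write" (assumed: nothing else is needed)

def parse_sas_time(value):
    # SAS timestamps are ISO 8601 UTC, e.g. 2016-01-01T12:05:00Z
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def audit_upload_url(url, now):
    """Return findings for an upload URL; the signature itself is not verified."""
    parts = urlsplit(url)
    q = {k: v[0] for k, v in parse_qs(parts.query).items()}
    if "sig" not in q:
        return ["no SAS: URL carries no scoped, expiring credential"]
    findings = []
    if parts.scheme != "https" or q.get("spr") != "https":
        findings.append("not restricted to HTTPS (spr=https)")
    if q.get("sr") != "b":
        findings.append("scope is wider than a single blob (sr=%s)" % q.get("sr"))
    extra = set(q.get("sp", "")) - ALLOWED_PERMS
    if extra:
        findings.append("extra permissions: " + "".join(sorted(extra)))
    if "se" not in q:
        findings.append("no expiry in token (se)")
    else:
        lifetime = parse_sas_time(q["se"]) - now
        if lifetime <= timedelta(0):
            findings.append("token already expired")
        elif lifetime > MAX_LIFETIME:
            findings.append("lifetime exceeds 5 minutes")
    return findings

# Constructed sample data: host and path follow the slide's placeholder, sig values are fake.
NOW = datetime(2016, 1, 1, 12, 0, 0, tzinfo=timezone.utc)
BASE = "https://blah.storage.azure.com/public/xyz/foo.jpg"
SAMPLES = {
    "plain path": BASE,
    "scoped": BASE + "?sv=2015-04-05&sr=b&sp=w&spr=https&se=2016-01-01T12:05:00Z&sig=CONSTRUCTED",
    "broad": BASE + "?sv=2015-04-05&sr=c&sp=rwdl&se=2017-01-01T12:00:00Z&sig=CONSTRUCTED",
}

if __name__ == "__main__":
    for name, url in SAMPLES.items():
        print(name, "->", audit_upload_url(url, NOW) or "ok")
```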
5 - Security in the Cloud is a Shared Responsibility
Customer Responsibility
Foundation Services
Hosts
• Logical network segmentation
• Perimeter security services
• External DDoS, spoofing, and scanning prevented
• Hardened hypervisor
• System image library
• Root access for customer
• Access management
• Patch management
• Configuration hardening
• Security monitoring
• Log analysis
Apps
• Secure coding and best practices
• Software and virtual patching
• Configuration management
• Access management
• Application level attack monitoring
• Network threat detection
• Security monitoring
Networks
Cloud Service Provider Responsibility
Compute
Storage
DB Network
http://azure.microsoft.com/en-us/support/trust-center/compliance/
Alert Logic – Security Solutions
Security and Compliance is Challenging
Skilled security resources are in high demand and hard to find
Moving to cloud and hybrid IT environments brings different threats and complexities
Maintaining continuous security and compliance is expensive
Applications
Systems
Networks
Building a Security and Compliance Solution
IDS
Vulnerability Scanning
Web Application Firewall
Log Management
Threat Intelligence Feeds
SIEM
Staff capable of:
• Provisioning
• Monitoring
• Configuration and tuning
• Researching incidents, emerging threats, and defining remediation steps
Big Data Analytics
Products
Automated Correlation and Analytics
People & Process
Alert Logic Solutions
Alert Logic Threat Manager™
Alert Logic Web Security Manager™
Alert Logic Log Manager™
Alert Logic Unified Web User Interface
Intrusion Detection & Vulnerability Scanning
Log Management & Compliance Reporting
Active Protection for Web Applications
Thank you.