leveraging host -based security for your cloud journey · | #cloudsec leveraging host -based...
TRANSCRIPT
![Page 1: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/1.jpg)
![Page 2: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/2.jpg)
www.cloudsec.com | #CLOUDSEC
Leveraging Host-Based Security for your Cloud JourneyPaul HidalgoTrend [email protected]
![Page 3: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/3.jpg)
Copyright 2016 Trend Micro Inc.3
Evolution of IT Cloud
PhysicalServers
PublicCloud
Virtual Servers
Virtual Desktops Hybrid Environments
![Page 4: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/4.jpg)
Copyright 2016 Trend Micro Inc.4
Shared Responsibility: BeforeYou
Physical
Infrastructure
Network
Virtualization
Operating System
Applications
Data
Service Configuration
![Page 5: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/5.jpg)
Copyright 2016 Trend Micro Inc.5
Shared Responsibility: AfterAWS
Physical
Infrastructure
Network
Virtualization
You
Operating System
Applications
Data
Service Configuration
![Page 6: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/6.jpg)
Network-Based Defense
![Page 7: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/7.jpg)
Copyright 2016 Trend Micro Inc.7
Standard
![Page 8: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/8.jpg)
Copyright 2016 Trend Micro Inc.8
Network IPS Architecture
![Page 9: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/9.jpg)
Copyright 2016 Trend Micro Inc.9
Network Based Security is Great
• It can be really expensive in the beginning of operations
• Throughput is capped by appliance
• Network Re-Configuration is required
![Page 10: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/10.jpg)
Why Host-based Security
![Page 11: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/11.jpg)
Copyright 2016 Trend Micro Inc.11
Standard
![Page 12: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/12.jpg)
Copyright 2016 Trend Micro Inc.12
Host Based Protection
![Page 13: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/13.jpg)
Copyright 2016 Trend Micro Inc.13
East-West Traffic80% of Network Traffic is East-West
![Page 14: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/14.jpg)
Copyright 2016 Trend Micro Inc.14
East-West Traffic
![Page 15: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/15.jpg)
Copyright 2016 Trend Micro Inc.15
East-West Traffic
![Page 16: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/16.jpg)
Security During Operations
![Page 17: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/17.jpg)
Copyright 2016 Trend Micro Inc.17
Auto-Scale without a Worry
• Automated Provisioning, Policy assignment and Cleanup
• Network throughput will depend on Instance Network Performance
• Integration with Cloud Management tools
![Page 18: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/18.jpg)
Copyright 2016 Trend Micro Inc.18
Context-based Security
• Get an accurate Security Rules based on OS and application
• Increase Performance by reducing unnecessary rules
• Leave the Policy creation to the experts
![Page 19: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/19.jpg)
Copyright 2016 Trend Micro Inc.19
Virtual Patching
Average time to Patch176 Days
RecommendationUse instance Replacement
when patching
Plan ProperlyBuy Time to
resolve issues when patching
![Page 20: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/20.jpg)
Copyright 2016 Trend Micro Inc.20
How does Virtual Patching Work
![Page 21: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/21.jpg)
Copyright 2016 Trend Micro Inc.21
How does Virtual Patching Work
![Page 22: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/22.jpg)
Copyright 2016 Trend Micro Inc.22
How does Virtual Patching Work
![Page 23: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/23.jpg)
Copyright 2016 Trend Micro Inc.23
How does Virtual Patching Work
![Page 24: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/24.jpg)
Copyright 2016 Trend Micro Inc.24
How does Virtual Patching Work
![Page 25: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/25.jpg)
Copyright 2016 Trend Micro Inc.25
Prevent Ransomware
C&C Traffic DetectionDetect and alert on ransomware-specific command & control traffic
Vulnerability ShieldingVirtually patches server software until it can be patched, shielding servers against vulnerability exploits
Suspicious Action MonitoringDetect suspicious activity on file servers related to ransomware and stops it
Malware ScanningScan for malicious software and stop it
Stop ransomware from impacting your most critical data on your servers, whether physical, virtual or in the cloud.
![Page 26: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/26.jpg)
Copyright 2016 Trend Micro Inc.26
Get the complete picture• Pick up Important security
Alerts• Registry Changes• Brute Force Alerts• Configuration File Changes• Login Issues
• Comprehensive audit trail fore the entire entire infrastructure
CloudTrail& AWS Config
Security Tools
![Page 27: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/27.jpg)
The ProductDeep Security
![Page 28: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/28.jpg)
Regulatory compliance & Auditing
Zero-day vulnerability(Heartbleed & Shellshock)
Web Application Vulnerabilities
(OWASP Top 10, SQL Injections, XSS, )
Denial of Service & Network Attacks
Malware Protection Harmful External Servers
![Page 29: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/29.jpg)
Log Protection and File Integrity Monitoring
Virtual Patching Intrusion Prevention Host Firewall
Anti Malware Web Reputation
![Page 30: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/30.jpg)
Copyright 2016 Trend Micro Inc.30
How it Works
![Page 31: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/31.jpg)
Why NotCommon Objections
![Page 32: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/32.jpg)
Copyright 2016 Trend Micro Inc.32
Integration
AWSConfig
Amazon Inspector
AWS WAF AmazonSNS
AWSLambda
AWS CodeDeploy
AWSCloudFormation
Auto Scaling
AWS Elastic Beanstalk
AWSOpsWorks
https://github.com/deep-security
![Page 33: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/33.jpg)
Copyright 2016 Trend Micro Inc.33
Can affect Instance performanceRecommendation Scan• Scan OS and Applications for:
• Intrusion Prevention• File Integrity Monitoring• Log Inspection
• Automate• Scanning• Application of Rules
![Page 34: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/34.jpg)
Copyright 2016 Trend Micro Inc.34
Is it a WAF?• Same IP and Heuristic
Based blocking• Except DDOS• But with Layer 1-7
Works with AWS WAF• XSS / SQLi Rules• IP Lists
![Page 35: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/35.jpg)
Copyright 2016 Trend Micro Inc.35
It’s Expensive
![Page 36: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/36.jpg)
1c/hrmicro,small,
medium
3c/hrlarge
6c/hrxlarge and above
Available on AWS Marketplace
400 /year
any size
*Per Instance
![Page 37: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/37.jpg)
Change your thinking
![Page 38: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/38.jpg)
Be a DevSecOps Company• Gain more visibility inside EC2
Instances without instance access
• Enforce Security Baseline to within your company
• Integrate security in your SDLC• Reduce tools needed to secure
your environment
![Page 39: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/39.jpg)
Design a workload-centric security architecture
![Page 40: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/40.jpg)
Patch Zero Day without restarts
![Page 41: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/41.jpg)
Automate Security, Not Bolt In
![Page 42: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/42.jpg)
Improve visibility of AWS and hybrid environments
![Page 43: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/43.jpg)
Gartner Best Practices
Best Practices for Securing Workloads in Amazon Web Services
http://bit.ly/1pxaFTL
![Page 44: Leveraging Host -Based Security for your Cloud Journey · | #CLOUDSEC Leveraging Host -Based Security for your Cloud Journey Paul Hidalgo Trend Micro. paul_hidalgo@trendmicro.com](https://reader036.vdocuments.us/reader036/viewer/2022062223/5ec962389c4c5121401a2058/html5/thumbnails/44.jpg)
Paul Hidalgo@peeweeh+65 98368252