SaaS - Security as a ServiceSaaS - Security as a Service------------

bullshit bingo … or just a future glimpsebullshit bingo … or just a future glimpse

by Vitor Domingoshttp://vitordomingos.com

Security HistorySecurity History

1.0 – Computer1.0 – Computer

2.0 – Network2.0 – Network

3.0 – Information3.0 – Information

4.0 – Your digital you4.0 – Your digital you

Security Menace HistorySecurity Menace History

1.0 – Virus, Stealing Information

2.0 – Worms, Trojans, Virus

3.0 – DDoS, Trojans, Identity Theft

4.0 – FarmVille, Mafia Wars, Data Theft

Firewall HistoryFirewall History

1 Gen – Packet1 Gen – Packet

2 Gen – Application Layer2 Gen – Application Layer

3 Gen – Stateful3 Gen – Stateful

4 Gen – Semantic4 Gen – Semantic

5 Gen – Personal 5 Gen – Personal

security is about information

security is about informationnow securing

divide and conquer no longer applies

Security as a ServiceSecurity as a Service

- nothing new; more explicit- nothing new; more explicit

- managed security, rented security- managed security, rented security

- outsourcing security infrastructure > cloud- outsourcing security infrastructure > cloud

- auth management- auth management

- secure API's- secure API's

- ongoing tasks (patch, scan, log, defend)- ongoing tasks (patch, scan, log, defend)

SaaS Meh'sSaaS Meh's

- it's the web baby- it's the web baby

- secure web gateways- secure web gateways

- cloud security provider- cloud security provider

- managed security 2.0- managed security 2.0

- trust- trust

- bandwidth- bandwidth

it could workit could work

- not with marketing bullshit- not with marketing bullshit

- XSS, data injection, data leak- XSS, data injection, data leak

- auth, weak password validation- auth, weak password validation

- worm, trojan, bruteforce, DDoS- worm, trojan, bruteforce, DDoS

- secure not the browser, but the pipe- secure not the browser, but the pipe

- social firewall ?- social firewall ?

Vitor Domingos - vd@prt.sc Vitor Domingos - vd@prt.sc