Maturing your organization from DevOps to DevSecOps

1. Maturing Your Organization from DevOps to DevSecOps Varun Badhwar CEO & Co-founder

2. RedLock Confidential & Proprietary About Us Founded 2015 and headquartered in Menlo Park, CA Backed by Dell Technologies Capital, Sierra Ventures, Storm Ventures, and other high profile investors Protecting 5+ million resources for a number of high profile customers Finalist for Most Innovative Startup at RSA 2017 San Francisco

3. RedLock Confidential & Proprietary Cloud Security Learnings from Recent Breaches: Equifax Background: ● Vulnerability in Apache Struts (CVE-2017-5638) ● Apache Struts is used in one of Equifax’s web applications ● Equifax did not upgrade the software in the application ● Hackers scanned the internet for applications running this old software version, found the Equifax server, and compromised it Cloud Security Learnings: ● Vulnerability management tools identify unpatched hosts based on IP addresses ● IP addresses in the cloud are dynamic and constantly changing ● Running periodic scans is ineffective since the IP address of the unpatched hosts may have changed; continuous scanning is required ● Also, unpatched hosts that are exposed to the internet are more vulnerable and should be prioritized * 81% of organizations are not managing host vulnerabilities in the cloud *Cloud Security Trends Report: https://info.redlock.io/cloud-security-trends-oct2017

4. RedLock Confidential & Proprietary Cloud Security Learnings from Recent Breaches: Gemalto, Aviva & Others Background: ● RedLock CSI team discovered hundreds of unpassword protected Kubernetes administrative consoles ● Hackers executing bitcoin mining commands from some of the Kubernetes containers (examples: Aviva, Gemalto, and others) ● RedLock CSI team discovered access keys and secret tokens stored in plaintext in the containers Cloud Security Learnings: ● Monitor resources to detect misconfigurations and auto-remediate issues ● Monitor inbound and outbound network traffic and correlate with resource configurations to spot suspicious activity ● Monitor user activity for suspicious behaviour to detect insider threats or account compromises *Cloud Security Trends Report: https://info.redlock.io/cloud-security-trends-oct2017

5. RedLock Confidential & Proprietary Organizations are Responsible for Security “in” the Cloud The Shared Responsibility Model Resource Configurations User Activities Network Traffic Hosts Applications Responsible for security “in” the cloud Organization Hubs Switches Routers Hypervisor Data Center Responsible for security “of” the cloud Cloud Service Provider

6. RedLock Confidential & Proprietary The Problems You Need to Solve Organization’s Responsibility Network Traffic Real-time network visibility Suspicious traffic detection Incident investigation Hosts Host IDS/IPS Vulnerable host detection Applications Data encryption Data loss prevention Application security monitoring User Activities Account & access key compromise detection Anomalous insider activity detection Privileged activity monitoring Resource Configurations Compliance scanning (CIS, PCI, etc.) Storage, snapshots, & image configuration monitoring VPC, security groups & firewall configuration monitoring IAM configuration monitoring Encryption & key rotation configuration monitoring

7. RedLock Confidential & Proprietary DevSecOps Maturity Model A framework to evaluate where your organization’s cloud security practices are and where they need to go. Cloud Footprint: ● Dozens of workloads ● Few cloud accounts Stage 1 - Adopt Objectives: ● Compliance assurance ● Policy guardrails Security Solutions: ● CloudTrail analysis (SIEM) ● Configuration monitoring tools Cloud Footprint: ● Hundreds of workloads ● Many cloud accounts Stage 2 - Expand Objectives: ● Central visibility ● Threat detection ● Vulnerability management + Stage 1 Objectives Security Solutions: ● None Cloud Footprint: ● Multiple cloud providers ● Thousands of workloads ● Dozens of cloud accounts Stage 3 - Scale Objectives: ● Auto-remediation ● Incident investigation + Stage 2 Objectives Security Solutions: ● None

8. RedLock Confidential & Proprietary ● Control identification (CIS, PCI, etc) ● Resource discovery & profiling ● Monitoring & remediation ● Audit reporting RedLock Enables Cloud Threat Defense Compliance Assurance DevSecOps Enablement SOC Enablement ● Resource visibility ● Policy guardrails ● User attribution ● Remediation ● Vulnerability management ● Advanced threat detection ● Cloud forensics ● Remediation

9. RedLock Confidential & Proprietary RedLock Takes a Holistic Approach 2. CORRELATES DATA USING AI Uses AI to correlate network, user, configuration, and threat intel data. 1. DISCOVERS ENVIRONMENT Ingests data via APIs and automatically discovers resources. No agents, no proxies. CLOUD 360 PLATFORM 3. REMEDIATES RISKS Remediate issues via RedLock or enterprise integrations. ENTERPRISE INTEGRATIONS APIs Resource Configurations User Activity Network Traffic Hosts THIRD PARTY FEEDS APIs

10. Demo

11. RedLock Confidential & Proprietary

12. RedLock Confidential & Proprietary 3 Simple Steps to Security Governance “Get a FREE risk assessment of your public cloud environment Provide RedLock with API access to environment We will set up an account on the RedLock Cloud 360 platform See results immediately 1 2 3

Maturing your organization from DevOps to DevSecOps

Esté a ler uma amostra.

Confira estes a seguir

Maturing your organization from DevOps to DevSecOps

Mais Conteúdo rRelacionado

Diapositivos para si (20)

Quem viu também gostou (16)

Semelhante a Maturing your organization from DevOps to DevSecOps (20)

Mais de Amazon Web Services (20)