SlideShare uma empresa Scribd logo

Mohammed Al Mulla - Best practices to secure working environments

Transferir como PPTX, PDF
N
nooralmousa
Tecnologia
1 de 27
Best Practices to Secure Working Environments Mohammed Almulla Kuwait University
Executive Summary Recent changes in computing architecture from dedicated servers in datacenters to virtualization and Cloud Computing suggest that we rethink our IT security methodologies. The focus is on database security, as well as on securing most enterprise applications.
Table of Contents Limitations of existing database security approaches. Security considerations when deploying virtualization. How distributed monitoring best fits virtual and Cloud Computing environments.
Securing Information in Virtualization Many enterprises future plan is to move some applications to Cloud Computing. How does this affect their IT security methodologies?
Recent Requirements Working environments are centered around two major technological requirements: Very High Performance Networks (VHPN) Complex applications.
Market Response To meet these requirements, security companies introduced a range of network appliances. Network Appliances: machines positioned somewhere in the network, to inspect the traffic for either protocol violations, malicious code, viruses malware or spams.
Types of Security Solutions ,[object Object],Network-based system
Winning the Battle In this era, solutions that depend on host-based software are neglected. Network-based IDS and IPS won the battle against host-based solutions. The concept of simply placing an appliance in a rack and attaching it to a switch is very attractive, especially when resources available for security are limited.
Recent Trend Today, many distributed applications have been leading to the adoption of host-based solutions, in conjunction with network appliances, specially when the enterprises are concerned with insider transactions.
Network-based Isn’t Enough The new databases are dynamically appearing in new locations. Question1: Will the network appliance approach be relevant when many transactions will not make it to the network Question2: Is the network monitoring approach efficient when the application network moves from LAN to WAN.
Before & After Previously, databases were not monitored or protected. Now monitoring DBs must cover local and intra-db attacks. Because of database breaches, customers are now investing time and effort in securing their databases.
Today’s Solutions Recently, appliance vendors have added local agents to their solutions, making many of today’s network-based solutions a hybrid of network appliance and host-based solution.
Solution Analysis The hybrid approach is not ideal, but as long as most applications run on the network in plain sight of the appliance, some enterprises were willing to accept the risks.
Disadvantages These hybrid solutions introduce complex implementation requirements such as kernel-level installation of the agent, for example, requiring reboots to the DB server. They still miss the sophisticated attacks generated from within the database itself. They also fail to address several technical challenges when implemented in either a virtual environments, or in the cloud.
Challenge #1 – Visibility Into VM-to-VM Transactions ,[object Object],[object Object]
In such a case, there is little or no network traffic as the transactions between the application and the database occur from VM-to-VM within the server.
Network monitoring appliances will not see these transactions.,[object Object]
Challenge #2 – The Dynamic System Environments If virtual security appliances are not ideal solutions for virtual machines, they are even less applicable in cloud-based applications, where networks are dynamic.
Solution The only solution that works in all environments, including Cloud environment is a solution that is based on sensors that run side by side with the database on every machine that hosts one database or more.
Challenge #3 – Performance Over WAN ,[object Object]
Cloud Computing prevents you from co-locating a server close to your databases – you simply won’t know where they are.
This will slow down network performance, and prevents timely interruption of malicious activity.,[object Object]
For Cloud Computing, make sure that the system supports wide area network (WAN) topologies.
To limit exposure of sensitive data, encrypt all traffic between the management console and sensors, and for optimum performance, compression techniques should be implemented so that policy updates and alerts are efficiently transmitted.,[object Object]
The Ultimate Challenge The challenge is to create host-based solutions that do not suffer the same drawbacks that made old host-based solutions irrelevant namely: Intrusive implementations, Performance issues Quickly adapt to new and volatile environments.
Next-generation Solutions Next generation solutions must be lightweight, easily added to the virtual machine where needed, and installed in parallel to the first database that is installed on a machine.
Promoting Stability Adding a layer of security does not require changes in architecture and does not rely on the virtualization technology in use.

Recomendados

Vmug birmingham mar2013 trendmicro
Vmug birmingham mar2013 trendmicroVmug birmingham mar2013 trendmicro
Vmug birmingham mar2013 trendmicrodvmug1
 
New Model for IT: Cloud Service Provider
New Model for IT: Cloud Service ProviderNew Model for IT: Cloud Service Provider
New Model for IT: Cloud Service ProviderVMware
 
The Importance of Cloud Management for Networks
The Importance of Cloud Management for NetworksThe Importance of Cloud Management for Networks
The Importance of Cloud Management for NetworksWestbase.io
 
Cloud security risks
Cloud security risksCloud security risks
Cloud security risksRevital Lapidot
 
Aruba Rightsizing Your Network
Aruba Rightsizing Your NetworkAruba Rightsizing Your Network
Aruba Rightsizing Your Networkhypknight
 
Is it an internal affair
Is it an internal affairIs it an internal affair
Is it an internal affairGeorge Delikouras
 
Cloud computing
Cloud computingCloud computing
Cloud computingperfectican
 
Rik Ferguson
Rik FergusonRik Ferguson
Rik FergusonCloudExpoEurope
 

Recomendados

Vmug birmingham mar2013 trendmicro
Vmug birmingham mar2013 trendmicroVmug birmingham mar2013 trendmicro
Vmug birmingham mar2013 trendmicrodvmug1
 
New Model for IT: Cloud Service Provider
New Model for IT: Cloud Service ProviderNew Model for IT: Cloud Service Provider
New Model for IT: Cloud Service ProviderVMware
 
The Importance of Cloud Management for Networks
The Importance of Cloud Management for NetworksThe Importance of Cloud Management for Networks
The Importance of Cloud Management for NetworksWestbase.io
 
Cloud security risks
Cloud security risksCloud security risks
Cloud security risksRevital Lapidot
 
Aruba Rightsizing Your Network
Aruba Rightsizing Your NetworkAruba Rightsizing Your Network
Aruba Rightsizing Your Networkhypknight
 
Is it an internal affair
Is it an internal affairIs it an internal affair
Is it an internal affairGeorge Delikouras
 
Cloud computing
Cloud computingCloud computing
Cloud computingperfectican
 
Rik Ferguson
Rik FergusonRik Ferguson
Rik FergusonCloudExpoEurope
 
VMware NSX @ VMUG.IT 20150529
VMware NSX @ VMUG.IT 20150529VMware NSX @ VMUG.IT 20150529
VMware NSX @ VMUG.IT 20150529VMUG IT
 
Server Virtualization and Cloud Computing: Four Hidden Impacts on ...
Server Virtualization and Cloud Computing: Four Hidden Impacts on ...Server Virtualization and Cloud Computing: Four Hidden Impacts on ...
Server Virtualization and Cloud Computing: Four Hidden Impacts on ...webhostingguy
 
Are your industrial networks protected...Ethernet Security Firewalls
Are your industrial networks protected...Ethernet Security Firewalls Are your industrial networks protected...Ethernet Security Firewalls
Are your industrial networks protected...Ethernet Security Firewalls Schneider Electric
 
Module 3-cloud computing
Module 3-cloud computingModule 3-cloud computing
Module 3-cloud computingSweta Kumari Barnwal
 
WWTC_implementation_plan_Group5_FINAL
WWTC_implementation_plan_Group5_FINALWWTC_implementation_plan_Group5_FINAL
WWTC_implementation_plan_Group5_FINALJohn Bernal
 
Nakina NOS Overview
Nakina NOS OverviewNakina NOS Overview
Nakina NOS Overviewhal2005
 
Ryan_Holt_MS_Thesis_Project_Presentation
Ryan_Holt_MS_Thesis_Project_PresentationRyan_Holt_MS_Thesis_Project_Presentation
Ryan_Holt_MS_Thesis_Project_PresentationRyan Holt
 
Building Cloud capability for startups
Building Cloud capability for startupsBuilding Cloud capability for startups
Building Cloud capability for startupsSekhar Mohanty
 
Cloud Security
Cloud SecurityCloud Security
Cloud SecurityRashmi Agale
 
Understanding Open Protocols in Building Automation
Understanding Open Protocols in Building AutomationUnderstanding Open Protocols in Building Automation
Understanding Open Protocols in Building AutomationSchneider Electric
 
CLOUD CPOMPUTING SECURITY
CLOUD CPOMPUTING SECURITYCLOUD CPOMPUTING SECURITY
CLOUD CPOMPUTING SECURITYShivananda Rai
 
Network Management System (Contact: info@exceleron-communications.com)
Network Management System (Contact: info@exceleron-communications.com)Network Management System (Contact: info@exceleron-communications.com)
Network Management System (Contact: info@exceleron-communications.com)Nadeem Khan
 
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?EC-Council
 
Dimension data cloud_security_overview
Dimension data cloud_security_overviewDimension data cloud_security_overview
Dimension data cloud_security_overviewRifaHaryadi
 
Effectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing ParadigmEffectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing Paradigmfanc1985
 
Cloud computing security
Cloud computing security Cloud computing security
Cloud computing security Akhila Param
 
Virtualization - cloud computing
Virtualization - cloud computingVirtualization - cloud computing
Virtualization - cloud computingSweta Kumari Barnwal
 
G0314043
G0314043G0314043
G0314043iosrjournals
 
Cloud computings
Cloud computingsCloud computings
Cloud computingsGopal Jogdand
 
Presentation Wsta
Presentation WstaPresentation Wsta
Presentation Wstawill4468
 
Presentation wsta
Presentation wstaPresentation wsta
Presentation wstawill4468
 
WSTA PRESENTATION
WSTA PRESENTATIONWSTA PRESENTATION
WSTA PRESENTATIONwill4468
 

Mais conteúdo relacionado

Mais procurados

VMware NSX @ VMUG.IT 20150529
VMware NSX @ VMUG.IT 20150529VMware NSX @ VMUG.IT 20150529
VMware NSX @ VMUG.IT 20150529VMUG IT
 
Server Virtualization and Cloud Computing: Four Hidden Impacts on ...
Server Virtualization and Cloud Computing: Four Hidden Impacts on ...Server Virtualization and Cloud Computing: Four Hidden Impacts on ...
Server Virtualization and Cloud Computing: Four Hidden Impacts on ...webhostingguy
 
Are your industrial networks protected...Ethernet Security Firewalls
Are your industrial networks protected...Ethernet Security Firewalls Are your industrial networks protected...Ethernet Security Firewalls
Are your industrial networks protected...Ethernet Security Firewalls Schneider Electric
 
WWTC_implementation_plan_Group5_FINAL
WWTC_implementation_plan_Group5_FINALWWTC_implementation_plan_Group5_FINAL
WWTC_implementation_plan_Group5_FINALJohn Bernal
 
Nakina NOS Overview
Nakina NOS OverviewNakina NOS Overview
Nakina NOS Overviewhal2005
 
Ryan_Holt_MS_Thesis_Project_Presentation
Ryan_Holt_MS_Thesis_Project_PresentationRyan_Holt_MS_Thesis_Project_Presentation
Ryan_Holt_MS_Thesis_Project_PresentationRyan Holt
 
Building Cloud capability for startups
Building Cloud capability for startupsBuilding Cloud capability for startups
Building Cloud capability for startupsSekhar Mohanty
 
Understanding Open Protocols in Building Automation
Understanding Open Protocols in Building AutomationUnderstanding Open Protocols in Building Automation
Understanding Open Protocols in Building AutomationSchneider Electric
 
CLOUD CPOMPUTING SECURITY
CLOUD CPOMPUTING SECURITYCLOUD CPOMPUTING SECURITY
CLOUD CPOMPUTING SECURITYShivananda Rai
 
Network Management System (Contact: info@exceleron-communications.com)
Network Management System (Contact: info@exceleron-communications.com)Network Management System (Contact: info@exceleron-communications.com)
Network Management System (Contact: info@exceleron-communications.com)Nadeem Khan
 
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?EC-Council
 
Dimension data cloud_security_overview
Dimension data cloud_security_overviewDimension data cloud_security_overview
Dimension data cloud_security_overviewRifaHaryadi
 
Effectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing ParadigmEffectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing Paradigmfanc1985
 
Cloud computing security
Cloud computing security Cloud computing security
Cloud computing security Akhila Param
 

Mais procurados (18)

VMware NSX @ VMUG.IT 20150529
VMware NSX @ VMUG.IT 20150529VMware NSX @ VMUG.IT 20150529
VMware NSX @ VMUG.IT 20150529
 
Server Virtualization and Cloud Computing: Four Hidden Impacts on ...
Server Virtualization and Cloud Computing: Four Hidden Impacts on ...Server Virtualization and Cloud Computing: Four Hidden Impacts on ...
Server Virtualization and Cloud Computing: Four Hidden Impacts on ...
 
Are your industrial networks protected...Ethernet Security Firewalls
Are your industrial networks protected...Ethernet Security Firewalls Are your industrial networks protected...Ethernet Security Firewalls
Are your industrial networks protected...Ethernet Security Firewalls
 
Module 3-cloud computing
Module 3-cloud computingModule 3-cloud computing
Module 3-cloud computing
 
WWTC_implementation_plan_Group5_FINAL
WWTC_implementation_plan_Group5_FINALWWTC_implementation_plan_Group5_FINAL
WWTC_implementation_plan_Group5_FINAL
 
Nakina NOS Overview
Nakina NOS OverviewNakina NOS Overview
Nakina NOS Overview
 
Ryan_Holt_MS_Thesis_Project_Presentation
Ryan_Holt_MS_Thesis_Project_PresentationRyan_Holt_MS_Thesis_Project_Presentation
Ryan_Holt_MS_Thesis_Project_Presentation
 
Building Cloud capability for startups
Building Cloud capability for startupsBuilding Cloud capability for startups
Building Cloud capability for startups
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
 
Understanding Open Protocols in Building Automation
Understanding Open Protocols in Building AutomationUnderstanding Open Protocols in Building Automation
Understanding Open Protocols in Building Automation
 
CLOUD CPOMPUTING SECURITY
CLOUD CPOMPUTING SECURITYCLOUD CPOMPUTING SECURITY
CLOUD CPOMPUTING SECURITY
 
Network Management System (Contact: info@exceleron-communications.com)
Network Management System (Contact: info@exceleron-communications.com)Network Management System (Contact: info@exceleron-communications.com)
Network Management System (Contact: info@exceleron-communications.com)
 
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?
 
Dimension data cloud_security_overview
Dimension data cloud_security_overviewDimension data cloud_security_overview
Dimension data cloud_security_overview
 
Effectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing ParadigmEffectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing Paradigm
 
Cloud computing security
Cloud computing security Cloud computing security
Cloud computing security
 
Virtualization - cloud computing
Virtualization - cloud computingVirtualization - cloud computing
Virtualization - cloud computing
 
G0314043
G0314043G0314043
G0314043
 

Semelhante a Mohammed Al Mulla - Best practices to secure working environments

Presentation Wsta
Presentation WstaPresentation Wsta
Presentation Wstawill4468
 
Presentation wsta
Presentation wstaPresentation wsta
Presentation wstawill4468
 
WSTA PRESENTATION
WSTA PRESENTATIONWSTA PRESENTATION
WSTA PRESENTATIONwill4468
 
10-ways-the-dissolving-perimeter-kills-IT
10-ways-the-dissolving-perimeter-kills-IT10-ways-the-dissolving-perimeter-kills-IT
10-ways-the-dissolving-perimeter-kills-ITIdan Hershkovich
 
Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...
Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...
Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...white paper
 
Introduction to Cloud computing
Introduction to Cloud computingIntroduction to Cloud computing
Introduction to Cloud computingKumayl Rajani
 
Implementation of the Open Source Virtualization Technologies in Cloud Computing
Implementation of the Open Source Virtualization Technologies in Cloud ComputingImplementation of the Open Source Virtualization Technologies in Cloud Computing
Implementation of the Open Source Virtualization Technologies in Cloud Computingneirew J
 
Implementation of the Open Source Virtualization Technologies in Cloud Computing
Implementation of the Open Source Virtualization Technologies in Cloud ComputingImplementation of the Open Source Virtualization Technologies in Cloud Computing
Implementation of the Open Source Virtualization Technologies in Cloud Computingijccsa
 
Vmug birmingham mar2013 trendmicro
Vmug birmingham mar2013 trendmicroVmug birmingham mar2013 trendmicro
Vmug birmingham mar2013 trendmicrodvmug1
 
Ant colony Optimization: A Solution of Load balancing in Cloud  
Ant colony Optimization: A Solution of Load balancing in Cloud  Ant colony Optimization: A Solution of Load balancing in Cloud  
Ant colony Optimization: A Solution of Load balancing in Cloud  dannyijwest
 
Methodologies for Enhancing Data Integrity and Security in Distributed Cloud ...
Methodologies for Enhancing Data Integrity and Security in Distributed Cloud ...Methodologies for Enhancing Data Integrity and Security in Distributed Cloud ...
Methodologies for Enhancing Data Integrity and Security in Distributed Cloud ...IIJSRJournal
 
VMware NSX for vSphere - Intro and use cases
VMware NSX for vSphere - Intro and use casesVMware NSX for vSphere - Intro and use cases
VMware NSX for vSphere - Intro and use casesAngel Villar Garea
 

Semelhante a Mohammed Al Mulla - Best practices to secure working environments (20)

Cloud computings
Cloud computingsCloud computings
Cloud computings
 
Presentation Wsta
Presentation WstaPresentation Wsta
Presentation Wsta
 
Presentation wsta
Presentation wstaPresentation wsta
Presentation wsta
 
WSTA PRESENTATION
WSTA PRESENTATIONWSTA PRESENTATION
WSTA PRESENTATION
 
10-ways-the-dissolving-perimeter-kills-IT
10-ways-the-dissolving-perimeter-kills-IT10-ways-the-dissolving-perimeter-kills-IT
10-ways-the-dissolving-perimeter-kills-IT
 
Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...
Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...
Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...
 
Sdn primer pdf
Sdn primer pdfSdn primer pdf
Sdn primer pdf
 
cc.doc
cc.doccc.doc
cc.doc
 
Introduction to Cloud computing
Introduction to Cloud computingIntroduction to Cloud computing
Introduction to Cloud computing
 
Q&A: Why cloud-native apps are better?
Q&A: Why cloud-native apps are better?Q&A: Why cloud-native apps are better?
Q&A: Why cloud-native apps are better?
 
Cloud computing by Bhavesh
Cloud computing by BhaveshCloud computing by Bhavesh
Cloud computing by Bhavesh
 
Implementation of the Open Source Virtualization Technologies in Cloud Computing
Implementation of the Open Source Virtualization Technologies in Cloud ComputingImplementation of the Open Source Virtualization Technologies in Cloud Computing
Implementation of the Open Source Virtualization Technologies in Cloud Computing
 
Implementation of the Open Source Virtualization Technologies in Cloud Computing
Implementation of the Open Source Virtualization Technologies in Cloud ComputingImplementation of the Open Source Virtualization Technologies in Cloud Computing
Implementation of the Open Source Virtualization Technologies in Cloud Computing
 
Vmug birmingham mar2013 trendmicro
Vmug birmingham mar2013 trendmicroVmug birmingham mar2013 trendmicro
Vmug birmingham mar2013 trendmicro
 
Ant colony Optimization: A Solution of Load balancing in Cloud  
Ant colony Optimization: A Solution of Load balancing in Cloud  Ant colony Optimization: A Solution of Load balancing in Cloud  
Ant colony Optimization: A Solution of Load balancing in Cloud  
 
Cloud Architect Company in India
Cloud Architect Company in IndiaCloud Architect Company in India
Cloud Architect Company in India
 
Cloud Architect Company in India
Cloud Architect Company in IndiaCloud Architect Company in India
Cloud Architect Company in India
 
Methodologies for Enhancing Data Integrity and Security in Distributed Cloud ...
Methodologies for Enhancing Data Integrity and Security in Distributed Cloud ...Methodologies for Enhancing Data Integrity and Security in Distributed Cloud ...
Methodologies for Enhancing Data Integrity and Security in Distributed Cloud ...
 
VMware NSX for vSphere - Intro and use cases
VMware NSX for vSphere - Intro and use casesVMware NSX for vSphere - Intro and use cases
VMware NSX for vSphere - Intro and use cases
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 

Mais de nooralmousa

Mr. Vivek Ramachandran - Advanced Wi-­Fi Security Penetration Testing
Mr. Vivek Ramachandran - Advanced Wi-­Fi Security Penetration TestingMr. Vivek Ramachandran - Advanced Wi-­Fi Security Penetration Testing
Mr. Vivek Ramachandran - Advanced Wi-­Fi Security Penetration Testingnooralmousa
 
Mr. Bulent Teksoz - Security trends and innovations
Mr. Bulent Teksoz - Security trends and innovationsMr. Bulent Teksoz - Security trends and innovations
Mr. Bulent Teksoz - Security trends and innovationsnooralmousa
 
Mr. Mohammed Aldoub - A case study of django web applications that are secur...
Mr. Mohammed Aldoub - A case study of django web applications that are secur...Mr. Mohammed Aldoub - A case study of django web applications that are secur...
Mr. Mohammed Aldoub - A case study of django web applications that are secur...nooralmousa
 
Mr. Khalid Shaikh - emerging trends in managing it security
Mr. Khalid Shaikh - emerging trends in managing it securityMr. Khalid Shaikh - emerging trends in managing it security
Mr. Khalid Shaikh - emerging trends in managing it securitynooralmousa
 
Mr. Andrey Belenko - secure password managers and military-grade encryption o...
Mr. Andrey Belenko - secure password managers and military-grade encryption o...Mr. Andrey Belenko - secure password managers and military-grade encryption o...
Mr. Andrey Belenko - secure password managers and military-grade encryption o...nooralmousa
 
Mr. Burhan Khalid - secure dev.
Mr. Burhan Khalid - secure dev.Mr. Burhan Khalid - secure dev.
Mr. Burhan Khalid - secure dev.nooralmousa
 
Sudarsan Jayaraman - Open information security management maturity model
Sudarsan Jayaraman - Open information security management maturity modelSudarsan Jayaraman - Open information security management maturity model
Sudarsan Jayaraman - Open information security management maturity modelnooralmousa
 
Meraj Ahmad - Information security in a borderless world
Meraj Ahmad - Information security in a borderless worldMeraj Ahmad - Information security in a borderless world
Meraj Ahmad - Information security in a borderless worldnooralmousa
 
Renaud Bido & Mohammad Shams - Hijacking web servers & clients
Renaud Bido & Mohammad Shams - Hijacking web servers & clientsRenaud Bido & Mohammad Shams - Hijacking web servers & clients
Renaud Bido & Mohammad Shams - Hijacking web servers & clientsnooralmousa
 
Ahmed Al Barrak - Staff information security practices - a latent threat
Ahmed Al Barrak - Staff information security practices - a latent threatAhmed Al Barrak - Staff information security practices - a latent threat
Ahmed Al Barrak - Staff information security practices - a latent threatnooralmousa
 
Fadi Mutlak - Information security governance
Fadi Mutlak - Information security governanceFadi Mutlak - Information security governance
Fadi Mutlak - Information security governancenooralmousa
 
Pradeep menon how to influence people and win top management buy0in for ciso
Pradeep menon how to influence people and win top management buy0in for cisoPradeep menon how to influence people and win top management buy0in for ciso
Pradeep menon how to influence people and win top management buy0in for cisonooralmousa
 
Nabil Malik - Security performance metrics
Nabil Malik - Security performance metricsNabil Malik - Security performance metrics
Nabil Malik - Security performance metricsnooralmousa
 
Khaled al amri using fingerprints as private and public keys
Khaled al amri using fingerprints as private and public keysKhaled al amri using fingerprints as private and public keys
Khaled al amri using fingerprints as private and public keysnooralmousa
 
Hisham Dalle - Zero client computing - taking the desktop into the cloud
Hisham Dalle - Zero client computing - taking the desktop into the cloudHisham Dalle - Zero client computing - taking the desktop into the cloud
Hisham Dalle - Zero client computing - taking the desktop into the cloudnooralmousa
 
Ghassan farra it security a cio perspective
Ghassan farra it security a cio perspectiveGhassan farra it security a cio perspective
Ghassan farra it security a cio perspectivenooralmousa
 
Taiye Lambo - Auditing the cloud
Taiye Lambo - Auditing the cloudTaiye Lambo - Auditing the cloud
Taiye Lambo - Auditing the cloudnooralmousa
 

Mais de nooralmousa (17)

Mr. Vivek Ramachandran - Advanced Wi-­Fi Security Penetration Testing
Mr. Vivek Ramachandran - Advanced Wi-­Fi Security Penetration TestingMr. Vivek Ramachandran - Advanced Wi-­Fi Security Penetration Testing
Mr. Vivek Ramachandran - Advanced Wi-­Fi Security Penetration Testing
 
Mr. Bulent Teksoz - Security trends and innovations
Mr. Bulent Teksoz - Security trends and innovationsMr. Bulent Teksoz - Security trends and innovations
Mr. Bulent Teksoz - Security trends and innovations
 
Mr. Mohammed Aldoub - A case study of django web applications that are secur...
Mr. Mohammed Aldoub - A case study of django web applications that are secur...Mr. Mohammed Aldoub - A case study of django web applications that are secur...
Mr. Mohammed Aldoub - A case study of django web applications that are secur...
 
Mr. Khalid Shaikh - emerging trends in managing it security
Mr. Khalid Shaikh - emerging trends in managing it securityMr. Khalid Shaikh - emerging trends in managing it security
Mr. Khalid Shaikh - emerging trends in managing it security
 
Mr. Andrey Belenko - secure password managers and military-grade encryption o...
Mr. Andrey Belenko - secure password managers and military-grade encryption o...Mr. Andrey Belenko - secure password managers and military-grade encryption o...
Mr. Andrey Belenko - secure password managers and military-grade encryption o...
 
Mr. Burhan Khalid - secure dev.
Mr. Burhan Khalid - secure dev.Mr. Burhan Khalid - secure dev.
Mr. Burhan Khalid - secure dev.
 
Sudarsan Jayaraman - Open information security management maturity model
Sudarsan Jayaraman - Open information security management maturity modelSudarsan Jayaraman - Open information security management maturity model
Sudarsan Jayaraman - Open information security management maturity model
 
Meraj Ahmad - Information security in a borderless world
Meraj Ahmad - Information security in a borderless worldMeraj Ahmad - Information security in a borderless world
Meraj Ahmad - Information security in a borderless world
 
Renaud Bido & Mohammad Shams - Hijacking web servers & clients
Renaud Bido & Mohammad Shams - Hijacking web servers & clientsRenaud Bido & Mohammad Shams - Hijacking web servers & clients
Renaud Bido & Mohammad Shams - Hijacking web servers & clients
 
Ahmed Al Barrak - Staff information security practices - a latent threat
Ahmed Al Barrak - Staff information security practices - a latent threatAhmed Al Barrak - Staff information security practices - a latent threat
Ahmed Al Barrak - Staff information security practices - a latent threat
 
Fadi Mutlak - Information security governance
Fadi Mutlak - Information security governanceFadi Mutlak - Information security governance
Fadi Mutlak - Information security governance
 
Pradeep menon how to influence people and win top management buy0in for ciso
Pradeep menon how to influence people and win top management buy0in for cisoPradeep menon how to influence people and win top management buy0in for ciso
Pradeep menon how to influence people and win top management buy0in for ciso
 
Nabil Malik - Security performance metrics
Nabil Malik - Security performance metricsNabil Malik - Security performance metrics
Nabil Malik - Security performance metrics
 
Khaled al amri using fingerprints as private and public keys
Khaled al amri using fingerprints as private and public keysKhaled al amri using fingerprints as private and public keys
Khaled al amri using fingerprints as private and public keys
 
Hisham Dalle - Zero client computing - taking the desktop into the cloud
Hisham Dalle - Zero client computing - taking the desktop into the cloudHisham Dalle - Zero client computing - taking the desktop into the cloud
Hisham Dalle - Zero client computing - taking the desktop into the cloud
 
Ghassan farra it security a cio perspective
Ghassan farra it security a cio perspectiveGhassan farra it security a cio perspective
Ghassan farra it security a cio perspective
 
Taiye Lambo - Auditing the cloud
Taiye Lambo - Auditing the cloudTaiye Lambo - Auditing the cloud
Taiye Lambo - Auditing the cloud
 

Último

Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityWSO2
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Victor Rentea
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamUiPathCommunity
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Zilliz
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKJago de Vreede
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusZilliz
 

Último (20)

Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 

Mohammed Al Mulla - Best practices to secure working environments

  • 1. Best Practices to Secure Working Environments Mohammed Almulla Kuwait University
  • 2. Executive Summary Recent changes in computing architecture from dedicated servers in datacenters to virtualization and Cloud Computing suggest that we rethink our IT security methodologies. The focus is on database security, as well as on securing most enterprise applications.
  • 3. Table of Contents Limitations of existing database security approaches. Security considerations when deploying virtualization. How distributed monitoring best fits virtual and Cloud Computing environments.
  • 4. Securing Information in Virtualization Many enterprises future plan is to move some applications to Cloud Computing. How does this affect their IT security methodologies?
  • 5. Recent Requirements Working environments are centered around two major technological requirements: Very High Performance Networks (VHPN) Complex applications.
  • 6. Market Response To meet these requirements, security companies introduced a range of network appliances. Network Appliances: machines positioned somewhere in the network, to inspect the traffic for either protocol violations, malicious code, viruses malware or spams.
  • 7.
  • 8. Winning the Battle In this era, solutions that depend on host-based software are neglected. Network-based IDS and IPS won the battle against host-based solutions. The concept of simply placing an appliance in a rack and attaching it to a switch is very attractive, especially when resources available for security are limited.
  • 9. Recent Trend Today, many distributed applications have been leading to the adoption of host-based solutions, in conjunction with network appliances, specially when the enterprises are concerned with insider transactions.
  • 10. Network-based Isn’t Enough The new databases are dynamically appearing in new locations. Question1: Will the network appliance approach be relevant when many transactions will not make it to the network Question2: Is the network monitoring approach efficient when the application network moves from LAN to WAN.
  • 11. Before & After Previously, databases were not monitored or protected. Now monitoring DBs must cover local and intra-db attacks. Because of database breaches, customers are now investing time and effort in securing their databases.
  • 12. Today’s Solutions Recently, appliance vendors have added local agents to their solutions, making many of today’s network-based solutions a hybrid of network appliance and host-based solution.
  • 13. Solution Analysis The hybrid approach is not ideal, but as long as most applications run on the network in plain sight of the appliance, some enterprises were willing to accept the risks.
  • 14. Disadvantages These hybrid solutions introduce complex implementation requirements such as kernel-level installation of the agent, for example, requiring reboots to the DB server. They still miss the sophisticated attacks generated from within the database itself. They also fail to address several technical challenges when implemented in either a virtual environments, or in the cloud.
  • 15.
  • 16. In such a case, there is little or no network traffic as the transactions between the application and the database occur from VM-to-VM within the server.
  • 17.
  • 18. Challenge #2 – The Dynamic System Environments If virtual security appliances are not ideal solutions for virtual machines, they are even less applicable in cloud-based applications, where networks are dynamic.
  • 19. Solution The only solution that works in all environments, including Cloud environment is a solution that is based on sensors that run side by side with the database on every machine that hosts one database or more.
  • 20.
  • 21. Cloud Computing prevents you from co-locating a server close to your databases – you simply won’t know where they are.
  • 22.
  • 23. For Cloud Computing, make sure that the system supports wide area network (WAN) topologies.
  • 24.
  • 25. The Ultimate Challenge The challenge is to create host-based solutions that do not suffer the same drawbacks that made old host-based solutions irrelevant namely: Intrusive implementations, Performance issues Quickly adapt to new and volatile environments.
  • 26. Next-generation Solutions Next generation solutions must be lightweight, easily added to the virtual machine where needed, and installed in parallel to the first database that is installed on a machine.
  • 27. Promoting Stability Adding a layer of security does not require changes in architecture and does not rely on the virtualization technology in use.
  • 28.
  • 29. They realized that the complexity of ensuring adequate data security is an obstacle.
  • 30. But, the movement towards these technologies is inevitable.
  • 31.