vulnerability and workload protection in the cloud era · 2018-09-11 · protection in the cloud...

SERGIO LOUREIRO, PhD, CEO and Founder

sergio@secludit.com

SEOUL- JULY 5TH, 2017

VULNERABILITY AND WORKLOAD

PROTECTION IN THE CLOUD ERA

SECURING ENTERPRISES MIGRATION TO THE CLOUD

• Founding member of the Cloud Security Alliance and co-author of the first guidelines in 2009

• Mission is to automate elimination of low hanging fruit to hackers

• 2 patents and multiple technologic awards

• Pioneer of the Cloud Workload Security Market in 2011

• First deep security analysis of Amazon EC2 in 2011

• First product on the AWS marketplace in 2012

WORLDWIDE SELECTED REFERENCES

Copyright 2017

RECOGNIZED EXPERTISE BY MULTIPLE AWARDS

Copyright 2017

MAJOR TECHNOLOGICAL PARTNERSHIPS

Copyright 2017

WHY CYBERSECURITY IS A MUST?

Copyright 2017

Are you ready to loose 700 000€?

38% of compromised companies closed

In France 20 000 attacks in 2017

(+51% than in 2015)

1st cause: 53% of successful

attacks exploit vulnerabilities

Firewalls and AV are not enough

Manage your vulnerabilities too!

VULNERABILITY MANAGEMENT: A NIGHTMARE?

Copyright 2017

Time for:

- Collecting

- Detecting

- Analyzing

- Fixing

Sources?

- Many technologies

- Many Patches

- Many Best practices

- Constant evolution

Obstacles:

- Human Errors

- Hackers are faster

- Lack of expertise

- Lack of budget

- Lack of time

Audits:

- Costly

- Compliance only

- One shot

- No guaranties

30 New vulnerabilities published everyday!!

ELASTIC DETECTOR DOES THE HEAVY LIFTING FOR YOU

• Collect: Real time Automated inventory of servers and software

• Verify: Exposure to cyberattacks continuously

• Mitigate: Insights to the right people

• Optimize TCO

• Optimize the time of resources

• Automate to avoid human errors

• Reduce compliance costs

• Get budget buy-in by the C-Suite

New servers

Changes on IT

Shadow IT

Dormant

New vulns

New attacks

New practices

Action plans

Reporting for

CIO/CSO/CEO

ROI after 1 month

Reduce Risk /2

ELASTIC DETECTOR: NEXT GENERATION SCANNER

FOCUSING ON OPERATIONAL RISK (NOT VULNS)

• C-level risk analytics

• Operational risk for CISO and CIO

• Priorities and remediation solutions for the IT team

• Immediate alerts if critical

• Giving visibility and service value to customers

Copyright 2017

MORE: CLOUD ADOPTION IS RISING FAST

NEW SHARED RESPONSIBILITY IN IAAS

Copyright 2017

Infrastructure Services

Compute DatabaseNetworkStorage

Enterprises

Network

Security

Network

Security

Identity &

Access Control

Identity &

Access Control

Inventory &

Configuration

Inventory &

Configuration

Data

Encryption

Data

Encryption

Data, Applications and WorkloadsData, Applications and Workloads

Cloud

Provider

CONFIDENTIAL DATA FOUND ON 22% OF SERVERS

Source: Gartner Market Guide Cloud Workload Protection Platform 2016

SECURITY AUTOMATION IS MANDATORY FOR DEVOPS

• Auto-Discovery by API

• Auto-Diagnostic launched since server boot, zero configuration

• Agentless

• Autonomous

• Adapts to DevOps agile methodology

Copyright 2017

CLONE&SCAN TECHNOLOGY AKA THE CLONE WARS

• No risk or impact on production applications

• Deepest diagnostic and risk analysis

• Elastic Detector can see stopped servers and work on images

• Clone stays on enterprise premises

• 1 server instance for 1 hour costs cents

Copyright 2017

CLOUD, HYBRID, DOCKER AND HADOOP

• Major hypervisors and clouds supported

• Security Best Practices implemented (CIS, OWASP, PCI-DSS)

• Support of AWS, Azure, GCE, Vmware, Openstack, Docker…

• Works on legacy networks and with physical servers as well

• Best Practices for Hadoop and Big Data Use cases

Copyright 2017

NEW REVENUES AND OPPORTUNITIES FOR PARTNERS

• New Security Services

• Audit and assessments

• Outsourcing and managed services

• Cloud workload protection

• Subscription

• Upsell remediation and consulting services

• Technologic differentiator in a fast growing market

• Integration within a broader offer of SOC (Security Operations Center)

MAJOR INNOVATIONS BROUGHT TO MARKET

• Automation in cloud infrastructures (US and European Patent)

• Key Risk Indicators

• Clone&Scan Technology (Patent pending)

• Pioneer in the security of Cloud IaaS, Docker and Hadoop

Copyright 2017

https://secludit.com

Twitter @SecludIT

Try now at https://elastic-detector.secludit.com

THANK YOU!