Post on 22-May-2020

TRANSCRIPT

Leveraging Host-Based Security for your Cloud Journey | #CLOUDSEC
Paul Hidalgo, Trend Micro. paul_hidalgo@trendmicro.com

www.cloudsec.com | #CLOUDSEC

Leveraging Host-Based Security for your Cloud Journey
Paul Hidalgo
Trend Micro
paul_hidalgo@trendmicro.com

Copyright 2016 Trend Micro Inc.

Evolution of IT Cloud

Physical Servers

Public Cloud

Virtual Servers

Virtual Desktops

Hybrid Environments

Shared Responsibility: Before

You

Physical

Infrastructure

Network

Virtualization

Operating System

Applications

Data

Service Configuration

Shared Responsibility: After

AWS

Physical

Infrastructure

Network

Virtualization

You

Operating System

Applications

Data

Service Configuration

Network-Based Defense

Standard

Network IPS Architecture

Network Based Security is Great

• It can be really expensive in the beginning of operations

• Throughput is capped by appliance

• Network Re-Configuration is required

Why Host-based Security

Standard

Host Based Protection

East-West Traffic

80% of Network Traffic is East-West

Security During Operations

Auto-Scale without a Worry

• Automated Provisioning, Policy assignment and Cleanup

• Network throughput will depend on Instance Network Performance

• Integration with Cloud Management tools

Context-based Security

• Get accurate security rules based on OS and application

• Increase Performance by reducing unnecessary rules

• Leave the Policy creation to the experts

Virtual Patching

Average time to Patch: 176 Days

Recommendation: Use instance replacement when patching

Plan Properly: Buy time to resolve issues when patching

How does Virtual Patching Work

Prevent Ransomware

C&C Traffic Detection: Detects and alerts on ransomware-specific command & control traffic

Vulnerability Shielding: Virtually patches server software until it can be patched, shielding servers against vulnerability exploits

Suspicious Action Monitoring: Detects suspicious activity on file servers related to ransomware and stops it

Malware Scanning: Scans for malicious software and stops it

Stop ransomware from impacting your most critical data on your servers, whether physical, virtual or in the cloud.

Get the complete picture

• Pick up important security alerts
  • Registry Changes
  • Brute Force Alerts
  • Configuration File Changes
  • Login Issues

• Comprehensive audit trail for the entire infrastructure

CloudTrail & AWS Config

Security Tools

The Product

Deep Security

Regulatory compliance & Auditing

Zero-day vulnerability (Heartbleed & Shellshock)

Web Application Vulnerabilities (OWASP Top 10, SQL Injections, XSS, )

Denial of Service & Network Attacks

Malware Protection

Harmful External Servers

Log Protection and File Integrity Monitoring

Virtual Patching

Intrusion Prevention

Host Firewall

Anti Malware

Web Reputation

How it Works

Why Not

Common Objections

Integration

AWS Config

Amazon Inspector

AWS WAF

Amazon SNS

AWS Lambda

AWS CodeDeploy

AWS CloudFormation

Auto Scaling

AWS Elastic Beanstalk

AWS OpsWorks

https://github.com/deep-security

Can affect Instance performance

Recommendation Scan

• Scan OS and Applications for:
  • Intrusion Prevention
  • File Integrity Monitoring
  • Log Inspection

• Automate
  • Scanning
  • Application of Rules

Is it a WAF?

• Same IP and Heuristic Based blocking
• Except DDOS
• But with Layer 1-7

Works with AWS WAF

• XSS / SQLi Rules
• IP Lists

It’s Expensive

1c/hr: micro, small, medium

3c/hr: large

6c/hr: xlarge and above

Available on AWS Marketplace

400 /year: any size

*Per Instance

Change your thinking

Be a DevSecOps Company

• Gain more visibility inside EC2 instances without instance access
• Enforce a security baseline within your company
• Integrate security in your SDLC
• Reduce tools needed to secure your environment

Design a workload-centric security architecture

Patch Zero Day without restarts

Automate Security, Not Bolt In

Improve visibility of AWS and hybrid environments

Gartner Best Practices

Best Practices for Securing Workloads in Amazon Web Services

http://bit.ly/1pxaFTL

Paul Hidalgo
@peeweeh
+65 98368252