ApplicationProtectionFramework
Natthapon Thepchalerm (Por)Product Manager – Exclusive Networks
Lift & Shift• Enabling the move from
existing methodology and topology
• On-premises VMs move to AWS EC2 or Azure VMs
• IaaS
“Hybrid” Cloud Services• Supporting clients as they seek
agility & operational efficiencies• PaaS• RDS, Azure SQL• APIs, containers, micro services• Embracing DevOps
Cloud-native• Offering developer-focused
functionality• Automation-first• Self-service, low touch
We All Are Going
22
Situation At-A-Glance
1%
of organizations report
that they will not be
adopting cloud over
the next two years.
- eWEEK
13%
The mean number of
applications in use
today at an organization is
expected to increase over
13% the next two years.
- DATALINK
Situation At-A-Glance
18%
The number of
cyber attacks across the world
increased by 18% year
on year.
- SONICWALL
#1 Challenge
Keeping up with the volume
of security alerts.
- ESG Research
Most of your software isn’t yours
Operating Systems
Containers
Virtual Machines
Application Runtimes
Application Servers
Databases
Open Source Components
Methods Waterfall Agile DevOps
Architecture Monolithic Tiers Microservices
Servers Physical Virtual Containers
Infrastructure Datacenter Hosted Cloud
Software is getting more complex
Impact of Changing
Proprietary and confidential. Do not distribute.7
54%
of security alerts
are ignored1
21%
of cloud budgets
are spent on
hybrid technologies2
1/3of website visitors
are bad bots3
58%
of organizations
that use one cloud
provider plan to
expand to multiple
cloud platforms4
70%
of CISOs’ #1
concern in 2018:
Lack of competent
in-house staff5
Free up Time and Resources
Secure CriticalApplications
Act on Critical Insights
Manage Multiple Environments
Have SecurityConfidence
1. Security Operations Challenges, Priorities, and Strategies, ESG, 2017
2. Hybrid Cloud: Where the Mountains Touch the Clouds, Citi Research, 2018
3. Imperva Bot Traffic Report, 2017
4. Why It's a Mistake to Rely on Cloud Providers for All Data Protection, 2017
5. What CiSOs Worry About in 2018, Ponemon Institute, January 2018
8 Proprietary and confidential. Do not distribute.
Application Security: The Risk Compromise
Framework
9 Proprietary and confidential. Do not distribute.
AWS / Azure / GCP
Co-location / ISP
Own Data Center
Thai / Global / China
LocationTypeVisitor
Internal / External
Human / Robot
UI / API
New / Old Service
Traditional / DevOp
Linear / Spike
Staff
Depth / Utilities
Resource
10
Imperva Vision for Application Security
Where What How
Context-Aware, Centrally-Managed, API First
WAF, RASP, APIs, Anti-Bot
DDoS & Secure CDN
Actionable Insights
Leading Research Team
AI Layer with Actionable Insights
Network of Nano Security Sensorsby Imperva and 3rd party
As a Service,at the Edge
In the App
On-Premises
Imperva’s 3-Year Outlook
Connecting Apps with Data and User Behavior
Framework
11 Proprietary and confidential. Do not distribute.
AWS / Azure / GCP
Co-location / ISP
Own Data Center
Thai / Global / China
LocationTypeVisitor
Internal / External
Human / Robot
UI / API
New / Old Service
Traditional / DevOp
Linear / Spike
Staff Just Me
Depth / Utilities
Resource
Cloud Application Security + API Security + LB and GSLB
+ Analytics
Use Case 1
Thai website - Immediately Save Cost and Expanding Business.
AWS CloudFront data transfer rate/cost is very high compare to visitor number.
No promotion but spike.
Have promotion went down.
Auto scaling group is not allowed due to uncontrollable cost.
Complaint on social media.
Put a cloud web security in front of AWS.
20% from Thailand.
80% is bot.
Under DDoS attack.
Attack to /api/v2/query-page/
80% catchable by CDN.
Automate response if something wrong.
Via single real-time dashboard.
12 Proprietary and confidential. Do not distribute.
IMPERVA’S CLOUD SECURITY PLATFORM
13 Proprietary and confidential. Do not distribute.
BANGKOK
Use Case 1
80.4% is Bot traffic
14 Proprietary and confidential. Do not distribute.
Use Case 1
Threats to Website
15 Proprietary and confidential. Do not distribute.
Use Case 1
16 Proprietary and confidential. Do not distribute.
CPU 60% Saved!
Packet 10 times Saved!
Use Case 1
Save Bandwidth
17 Proprietary and confidential. Do not distribute.
From 30 GB/DayTo 1 GB/Day
On-Prem Hybrid Cloud
DATA APIs
APPs
Outside theOrganization
ExternalPartners
Customers
Contractors
Bad bots
Hackers
Inside theOrganization
Trusted
InternalPartners
Malicious
Careless
Compromised
App & Data Security
WAF (Cloud and On-
Prem)
RASP
CDN & LB
DDoS
Bot Protection
API Security
App & Data Security
WAF On-Prem
RASP
DAM/DBF
*API Security
Machine Learning & Analytics
Machine Learning& Analytics
SIEM
*Internal API Security is planned for 2020
Broad Security Defense
18
Streamline Application Security Framework
App Security + Delivery
- Cloud-WAF- DDoS- Bot Management - Secure CDN- Load Balancer- Analytics
EDGE
Advanced
WAF
- Industry Leading WAF
NETWORK
RASP + API SECURITY
- App Protect Itself- East-West Scale- Secure API
APPs/APIs
Data Security
and Compliance
- Relational DB- Big Data- Mainframe- Insider Threat- GDPR, SOX, PCI
DATA
19
The Best WAF, DDoS, BOT and RASPA
bili
ty to
Execute
Completeness of
Vision
RUUT Data Flow
21 Proprietary and confidential. Do not distribute.
Unleashing Visibility
Edge Application Data Insights
Human using device k5x1g9m34orunning MobileAppfrom 43.23.1.4which is a Tor exit node…
…logged in with user Cornelius ran ‘SELECT * from
customers_data’ and which returned 10m
records…
…Cornelius has never accessed this before, other users
normally access 100 records
…that are sensitive
business data and are PCI-regulated…
HTTP Headers SQL Queries Logs
Key Consider
Cloud First
On-prem still required
Quick
Automation
Ai + Machine Learning
Response
Micro-protection
Low-touch
Confident
3 years outlook
Vision and TCO
Investment
22 Proprietary and confidential. Do not distribute.
Thank You
23 Proprietary and confidential. Do not distribute.