SERGIO LOUREIRO, PhD, CEO and Founder
SEOUL- JULY 5TH, 2017
VULNERABILITY AND WORKLOAD
PROTECTION IN THE CLOUD ERA
SECURING ENTERPRISES MIGRATION TO THE CLOUD
• Founding member of the Cloud Security Alliance and co-author of the first guidelines in 2009
• Mission is to automate elimination of low hanging fruit to hackers
• 2 patents and multiple technologic awards
• Pioneer of the Cloud Workload Security Market in 2011
• First deep security analysis of Amazon EC2 in 2011
• First product on the AWS marketplace in 2012
WORLDWIDE SELECTED REFERENCES
Copyright 2017
RECOGNIZED EXPERTISE BY MULTIPLE AWARDS
Copyright 2017
MAJOR TECHNOLOGICAL PARTNERSHIPS
Copyright 2017
WHY CYBERSECURITY IS A MUST?
Copyright 2017
Are you ready to loose 700 000€?
38% of compromised companies closed
In France 20 000 attacks in 2017
(+51% than in 2015)
1st cause: 53% of successful
attacks exploit vulnerabilities
Firewalls and AV are not enough
Manage your vulnerabilities too!
VULNERABILITY MANAGEMENT: A NIGHTMARE?
Copyright 2017
Time for:
- Collecting
- Detecting
- Analyzing
- Fixing
Sources?
- Many technologies
- Many Patches
- Many Best practices
- Constant evolution
Obstacles:
- Human Errors
- Hackers are faster
- Lack of expertise
- Lack of budget
- Lack of time
Audits:
- Costly
- Compliance only
- One shot
- No guaranties
30 New vulnerabilities published everyday!!
ELASTIC DETECTOR DOES THE HEAVY LIFTING FOR YOU
• Collect: Real time Automated inventory of servers and software
• Verify: Exposure to cyberattacks continuously
• Mitigate: Insights to the right people
• Optimize TCO
• Optimize the time of resources
• Automate to avoid human errors
• Reduce compliance costs
• Get budget buy-in by the C-Suite
New servers
Changes on IT
Shadow IT
Dormant
New vulns
New attacks
New practices
Action plans
Reporting for
CIO/CSO/CEO
ROI after 1 month
Reduce Risk /2
ELASTIC DETECTOR: NEXT GENERATION SCANNER
FOCUSING ON OPERATIONAL RISK (NOT VULNS)
• C-level risk analytics
• Operational risk for CISO and CIO
• Priorities and remediation solutions for the IT team
• Immediate alerts if critical
• Giving visibility and service value to customers
Copyright 2017
MORE: CLOUD ADOPTION IS RISING FAST
NEW SHARED RESPONSIBILITY IN IAAS
Copyright 2017
Infrastructure Services
Compute DatabaseNetworkStorage
Enterprises
Network
Security
Network
Security
Identity &
Access Control
Identity &
Access Control
Inventory &
Configuration
Inventory &
Configuration
Data
Encryption
Data
Encryption
Data, Applications and WorkloadsData, Applications and Workloads
Cloud
Provider
CONFIDENTIAL DATA FOUND ON 22% OF SERVERS
Source: Gartner Market Guide Cloud Workload Protection Platform 2016
SECURITY AUTOMATION IS MANDATORY FOR DEVOPS
• Auto-Discovery by API
• Auto-Diagnostic launched since server boot, zero configuration
• Agentless
• Autonomous
• Adapts to DevOps agile methodology
Copyright 2017
CLONE&SCAN TECHNOLOGY AKA THE CLONE WARS
• No risk or impact on production applications
• Deepest diagnostic and risk analysis
• Elastic Detector can see stopped servers and work on images
• Clone stays on enterprise premises
• 1 server instance for 1 hour costs cents
Copyright 2017
CLOUD, HYBRID, DOCKER AND HADOOP
• Major hypervisors and clouds supported
• Security Best Practices implemented (CIS, OWASP, PCI-DSS)
• Support of AWS, Azure, GCE, Vmware, Openstack, Docker…
• Works on legacy networks and with physical servers as well
• Best Practices for Hadoop and Big Data Use cases
Copyright 2017
NEW REVENUES AND OPPORTUNITIES FOR PARTNERS
• New Security Services
• Audit and assessments
• Outsourcing and managed services
• Cloud workload protection
• Subscription
• Upsell remediation and consulting services
• Technologic differentiator in a fast growing market
• Integration within a broader offer of SOC (Security Operations Center)
MAJOR INNOVATIONS BROUGHT TO MARKET
• Automation in cloud infrastructures (US and European Patent)
• Key Risk Indicators
• Clone&Scan Technology (Patent pending)
• Pioneer in the security of Cloud IaaS, Docker and Hadoop
Copyright 2017
https://secludit.com
Twitter @SecludIT
Try now at https://elastic-detector.secludit.com
THANK YOU!