Upload
others
View
19
Download
0
Embed Size (px)
Citation preview
QUALYS SECURITY CONFERENCE 2020
Securing Cloud & Container Securing Cloud & Container Workloads
Badri RaghunathanDirector, Product Management, Qualys, Inc.
Security Challenges in the Cloud
Lack of visibility or control on cloud resources
Misconfiguration of cloud services
Multi cloud environment magnifies security challenges
Lack of a unified security toolset/controls for on-prem & cloud workloads
February 25, 2020Qualys Security Conference San Francisco2
Cloud Workload Security with Qualys
4
!""#
$""#
Vulnerability Management% Vulnerability Management
(Internal & Perimeter)% Threat Protection% Indicators of Compromise% Patch Management
Policy Compliance% Policy Compliance (incl. Secure
Configuration Assessment)% File Integrity Monitoring
Application Security% Web Application Scanning
(WebApps and REST APIs)% Web Application Firewall% API Security*
* Upcoming feature
February 25, 2020Qualys Security Conference San Francisco
Rich Visibility with CloudViewVisibility into your cloud resources
Identify public facing/perimeter resources
Resource usage by regions/accounts.
View associations to identify the blast radius
February 25, 2020Qualys Security Conference San Francisco5
Compliance AssessmentIdentify misconfigured resources
Detect resources that are non-compliant against standards such as CIS Benchmark
Identify top failed controls/account for prioritizing the remediation efforts
February 25, 2020Qualys Security Conference San Francisco6
Correlate with Vulnerability Data
Identify vulnerable instances with public IP and associated with the misconfigured security groups
Use vulnerability information for cloud instances to prioritize threats better
February 25, 2020Qualys Security Conference San Francisco7
Serverless Visibility
Serverless Visibility –Inventory support for AWS Lambda functions
Best practices policy for identifying misconfigurations
!"#
February 25, 2020Qualys Security Conference San Francisco8
Built-in Security with Cloud Providers
Send findings into Azure, AWS, GCP Security Hubs
Access & investigate findings from within the Cloud Provider Security console
Native integration of vulnerability assessment of hosts, containers (MSFT Azure - Powered by Qualys) !"#$%&'()*+&',-.#/'0-1#"$1&+'23"11$14'56-7&+&8'9:';*"<:.=
!"#
February 25, 2020Qualys Security Conference San Francisco9
Visibility into Container Infrastructure
Inventory for all your container infrastructure (Included with VMDR)
Visibility into containers via Scanner, Cloud Agent, Container Sensor
Tracking DockerHub official images
Upgrade for security across DevOps pipeline
!"#
February 25, 2020Qualys Security Conference San Francisco11
Correlating with Vulnerability Data
Search based on all attributes
% Image info% Registry info% Containers
for this image
% Vulnerability posture?
% Easy drill down for complete inventory
February 25, 2020Qualys Security Conference San Francisco12
Detecting Runtime Drift
February 25, 2020Qualys Security Conference San Francisco13
Identify potential breaches in containers
“Drift” Containers, differ from their parent Images by vulnerability, software package composition,
behavior, etc
Detection, Response for Containers
Breach
!"#$%&'()*+",(-##*.'+($"%&%'()*+,+-./'#012)&0/3
-//(0123"&*4525#5"+$"%&%'4567-8'9223
67(7".1&5#8(9%2"+$"%&%':0;-'<)5/3
:3,5.*#%&+(%;(<%=/&%=5+"
$0%&%'=+*0>'!06?-;@'9,6+A+65'06,3
;*"<:.'<":&+'>-+'0-1#"$1&+'?*1#$@&'
2&3*+$#:
February 25, 2020Qualys Security Conference San Francisco14
Container Runtime Security
Integrated into Qualys Platform
Function level firewall for containers
Granular security policies to control file, network, process behavior
Built-in policies from Qualys Threat Research
February 25, 2020Qualys Security Conference San Francisco15
Docker Engine
Host
Co
ntainer
Co
ntainer
Co
ntainer
Co
ntainer
!"#
Towards Seamless Visibility
Across application stack (Hosts, Kubernetes Pods, Containers, Serverless)
Correlate cloud inventory data with containers
February 25, 2020Qualys Security Conference San Francisco19
BC'D.,@06>'B0,.;+65'E;-.2>'!06?-;@'B0,.;+65'E;-.2>'B6-;)&0'D*-1/>'F-)G'D)*)8,0;/>'=+;0?)**'H.*0/
<2%1,(:3;&*+#&1.#1&"
:**7 >**7 7**7
H<B>'9I.;0'BJF'<)6)1)/0>'"*)/6+,'D0)8'B6)*@>'K-86)+80;/
E--&*0'B.+60>'LMM+,0'CNO
B))B'B0,.;+65'$9)G5)3
"KP'Q8/6)8,0>'9I.;0'R(>'EK4'Q8/6)8,0
Securing Your Cloud Deployments
February 25, 2020Qualys Security Conference San Francisco20
PC VM FIM
IOC
TP WASPM WAF
PC WAS WAFCS
CI CSA