Upload
ca-technologies
View
17
Download
3
Embed Size (px)
Citation preview
Make Security a Competitive Advantage
Mordecai (Mo) Rosen
SECURITY
SECURITY
General Manager, SecurityCA Technologies
General ManagerCA Veracode
Sam King
2 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
Eliminate Barriers Between Ideas and Outcomes
CREATE AN AGILE BUSINESS
BUILD BETTER APPS FASTER
MAKE SECURITY A COMPETITIVE ADVANTAGE
MAXIMIZE APPLICATION PERFORMANCE
3 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
HOME AUTOMATION
PHYSICAL SECURITY
EHEALTH DEVICES
WEARABLES
SMART METERS
SHIPPING LOGISTICS
PROPERTY MANAGEMENT
ECOLOGY
FACTORY AUTOMATION
SMART PHONES
TABLETS
CAMERAS
PHONES
TELEVISIONS
AUTOMOBILES
THERMOSTATS
WWW
CHAT & IM
APISERVICES
CLOUDSERVICES
First a Brief History ofTHE EXPANDING DIGITAL EXPERIENCE
4 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
THE DIGITAL EXPERIENCE Is Between Users and Applications
HOME AUTOMATION
PHYSICAL SECURITY
EHEALTH DEVICES
WEARABLES
SMART METERS
SHIPPING LOGISTICS
PROPERTY MANAGEMENT
ECOLOGY
FACTORY AUTOMATION
SMART PHONES
TABLETS
CAMERAS
PHONES
TELEVISIONS
AUTOMOBILES
THERMOSTATS
WWW
CHAT & IM
APISERVICES
CLOUDSERVICES
5 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
MAKES EVERY COMPANY A SOFTWARE COMPANYAPPLICATIONEXPLOSION
CONSUMERIZEDIT
CONNECTEDENTERPRISESDIGITAL
MARKETPLACES
DIGITALWORKPLACES
CONNECTEDIOT
The Application Economy
6 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
The Application EconomyREQUIRES NEW THINKING ON SECURITY
FIREWALLIDS/IPS
WEB PROXYANTI-VIRUS
ANTI-MALWARE
100%INEFFECTIVE
USERS & APPSUNDER ATTACK
SHADOW IT30% Of all attacks will be in
shadow IT resources
APP DEFECTS90% Of breaches caused
by application defects
3RD PARTY RISK70% Of attacks targeted a
secondary source
IDENTITY FRAUD80% Of breaches used lost
stolen & weak credentials
CREDIT FRAUD42% Of all data stolen is
credit card data FireEye Study of 6 Months of Penetration Testing
7 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
A QUESTION OF TRUST
USERS
INTERACTIONS
APPLICATIONS
Security Becomes
8 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
CA Security Strategy To SECURING THE APPLICATION ECONOMY
TRUSTEDUSERS &
APPLICATIONS
PREVENTATIVE DETECTION &RESPONSIVE
INSIGHT ANALYTICS &INTELLIGENCE
FRICTIONLESS SECURITY &EXPERIENCE
CORE PRINCIPLES
9 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
IDENTITY &ACCESS
APPLICATIONSECURITY
APISECRUITY
PAYMENTSECURITY
PRODUCT PORTFOLIO
CA Security Strategy To SECURING THE APPLICATION ECONOMY
10 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
LINES OF CODE SCANNED6 TRILLION
1400 CUSTOMERS 400KAPPLICATION SECURITY ADVISORY HOURS
35.5M SECURITY FLAWS FIXED
4X GARTNERMQ LEADER
24 LANGUAGES77 FRAMEWORKS
APPLICATIONSECURITY
CA VERACODE
11 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
EnsuringGREAT SOFTWARE IS SECURE SOFTWARE
EMPOWERDEVELOPERS TO SECURE CODE
INTEGRATED INTOCONTINUOUS DELIVERY
EARLY DETECTTO REDUCE COST
AUTOMATED TO REDUCE MTTR
12 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
CODE\COMMIT BUILD
TEST
RELEASE OPERATE
SECURITY INTO CONTINUOUS DELIVERY
TEST TEST
DevSecOps
SECURE SOFTWARE DEVELOPENT
SECURITY ASSURANCE
OPERATIONAL APPLICATION SECURITY
Merging
13 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
CODE\COMMIT BUILD
TEST
RELEASE OPERATE
SECURE SOFTWARE DEVELOPENT
SECURITY ASSURANCE
OPERATIONAL APPLICATION SECURITY
DevSecOps
TEST TEST
CA Veracode Greenlight CA Veracode Static Analysis
CA Veracode Web Application Scanning
CA Veracode Runtime Protection
CA Veracode Software Composition Analysis
CA Veracode Integrations, APIs
CA Veracode eLearning
14 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
Securing Applications With NEXT GENERATION IDENTITY MANAGEMENT
80%of all data breaches exploit lost, stolen & weak credentials
HYBRIDCLOUD
DEVELOPERAPIs
BEHAVIORANALYTICS
15 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
API ENABLED
HIGH SCALE APPLIANCE
HYBRIDCLOUD
SECURE CONTINUOUSDELIVERY
PRIVILEGEDGOVERNANCE
Central Authentication
Credential Vault
Policy Enforcement
Role - Based Access
Federated Identity Session Recording
CA Privileged Access Manager
PROTECTING PRIVILEGED IDENTITY
16 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
ENABLINGAPP TO APPTRUST
User & App Authentication API
Mobile Authentication API
Secure Server Communications
Context BasedRisk Analysis
CA Rapid App Security
Risk Based Analytics
17 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
RISKANALYTICSWORKS
EMPIRICALLY
18 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
Digital Payments Fraud
Directory
Identity Management
Privileged Access Management
Single Sign-‐on
Identity Governance
Risk Based Authentication
Orchestrating Identity & AccessEmployees &
Administrators
Customers & Partners
Internet of Things
Developers
Cloud Services
On Premise Apps
Mobile
Web
API
CA Security & Identity Management Portfolio
19 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
CONTROLLING PRIVILEGED ACCESS
IN A WORLD ON TIME
20 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
CONTROLLING PRIVILEGED ACCESS
IN A WORLD ON TIME
21 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
CONTROLLING PRIVILEGED ACCESS
IN A WORLD ON TIME
22 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
CONTROLLING PRIVILEGED ACCESS
IN A WORLD ON TIME
23 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
CONTROLLING PRIVILEGED ACCESS
IN A WORLD ON TIME
24 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
APPLICATIONSECURITYTESTING
FRICTIONLESS
25 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
APPLICATIONSECURITYTESTING
FRICTIONLESS
26 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
APPLICATIONSECURITYTESTING
FRICTIONLESS
27 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
ARTHURWONG
Interview With
SVP & GMDXC Security
28 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
ARTHURWONG
Interview With
SVP & GMDXC Security
29 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
ARTHURWONG
Interview With
SVP & GMDXC Security
30 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
ARTHURWONG
Interview With
SVP & GMDXC Security
31 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
BREAKING BARRIERS AWARD
Mo AhddoudFirst UK critical infrastructure company running 100% in the cloud
Todd OxfordEnabled disaster recovery access to comply with FEMA first & second line response regulations
Mark MerkowIntegrating app security testing into SDLC for 500+ developer organization
32 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
BREAKING BARRIERS AWARD
Mo AhddoudFirst UK critical infrastructure company running 100% in the cloud
Todd OxfordEnabled disaster recovery access to comply with FEMA first & second line response regulations
Mark MerkowIntegrating app security testing into SDLC for 500+ developer organization
33 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
BREAKING BARRIERS AWARD
Mo AhddoudFirst UK critical infrastructure company running 100% in the cloud
Todd OxfordEnabled disaster recovery access to comply with FEMA first & second line response regulations
Mark MerkowIntegrating app security testing into SDLC for 500+ developer organization
34 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
BREAKING BARRIERS AWARD
Mo AhddoudFirst UK critical infrastructure company running 100% in the cloud
Todd OxfordEnabled disaster recovery access to comply with FEMA first & second line response regulations
Mark MerkowIntegrating app security testing into SDLC for 500+ developer organization
35 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
CA World ’17
See the latest innovation in the demo area
Immerse in all of the customer case studies on stage
Meet with our product teams at the executive center
36 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
Thank you.
Stay connected at communities.ca.com
& community.veracode.com
37 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
Security and DevSecOps
For more information on Security,please visit: http://cainc.to/CAW17-Security
For more information on DevSecOps,please visit: http://cainc.to/CAW17-DevSecOps
For more information on Veracode,please visit: http://community.veracode.com