DESCRIPTION
The dramatic growth of online business along with the rise of cloud technologies has been accompanied by a burst of innovative ways to engage customers and drive new business models. It has also brought new security challenges as more customers and transactions are processed through online portals. The focus of IT security is increasingly moving away from the network and IT infrastructure to the application and software architecture itself, which means IT organizations need to adapt to new security challenges.
www.riverbed.com ©2013 Riverbed Technology
Securing Cloud Applications with a Distributed Web Application Firewall
Primary Target of Attack Shifting from Networks and Infrastructure to Applications
[Figure labels: Networks, Infrastructure, Applications]
Cloud Applications Are Exposed to New Threats
Designing for a dramatically larger number of users shifts focus towards performance and away from security
Cloud applications use off-the-shelf building blocks, in-house services, and third-party frameworks – each with individual vulnerabilities
Vulnerabilities exposed when applications designed for in-house data centers migrate to the cloud
There is a Real Cost of Not Securing Applications
3 Months offline
$10,000,000 fined for security breach
500,000 replacement credit cards issued
40,000,000+ credit card details lost
$94,000,000 in remediation costs
Global headlines. Real business impact.
Beyond $$: Other Business Drivers for Application Security
Compliance
- Regulatory Pressures
- PCI DSS, HIPAA, etc.
- Data Privacy Act
Revenue & Reputation
- Opportunity cost of remediation
- Brand and reputation damage
- Loss of income
Best Practices
- Security Governance
- Cross-business collaboration
- Delegation of responsibility
- Understand changing risk profiles of your application
- Due Diligence
Changing Risk Profiles Make it Harder to Secure Cloud Applications
For detailed information on the latest trends in application vulnerabilities, see OWASP Top Ten Projects at https://www.owasp.org/
Cross-site scripting (XSS)
Malicious requests (e.g. SQL-injection)
Vulnerable third-party software components
Cross-site request forgery (CSRF)
Authentication and session attacks
URL manipulation
Traditional Web Application Firewalls are Not Effective in Cloud Environments
Increased capital costs
Decreased provisioning agility in a dynamic, virtualized environment
Increased management costs without levels of delegation for administration
TRADITIONAL SOLUTION IS INEFFICIENT
Dedicated hardware WAF
One WAF per deployment
REQUIRED: A Distributed Web Application Firewall Purpose-built for Cloud Security
The Web Application Firewall Must be Massively Scalable & Portable
- Across CPU, computer, server rack and data center boundaries
- Across multiple applications at a time (e.g. cloud bursting)
- Available as virtual appliance and a plug-in
- Start small, but allow scale up without changes to security solution
- Across private, hybrid or public clouds, and small or large traditional data centers
[Figure labels: Public, Private, Data Center, Local Machine]
Available as virtual appliance and a plug-in
Can live in a wide variety of components effectively
Flexible, Portable Across Platforms
Mixes traditional and virtual technologies
Fits into existing infrastructures and processes
Distributed and Delegated Management
Easy, central management with a simple web-based management UI
Granular configuration settings for each application and each customer
Fits into any – existing or planned – application delivery infrastructure.
Multi-administrator privileges to handle diverse security policy schemes
Proactive Monitoring – tuned for each application
Securing Cloud Applications with a Distributed Web Application Firewall
Download the Complete Whitepaper from www.riverbed.com/stingray-appsec