02. Plenair Tom Welling Dharminder Debisarun

Transcription

02. Plenair Tom Welling Dharminder Debisarun
6/24/2016
Dharminder Debisarun
Cloud Security Lead EMEA
Tom Welling
Pre-Sales Global Accounts
Legal disclaimer
Please do not rely on this information as I am a cyber security
practitioner and NOT a legal expert…..otherwise this disclaimer
would be longer with many words I would struggle
to pronounce correctly….
1
6/24/2016
Tectonic shifts create the perfect storm
SaaS
Social + consumerization
Mobility + BYOD
Cloud + virtualization
Datacenter Evolution
Software as a Service
Public Cloud
•
Shift to dynamic, scalable, selfprovisioned compute infrastructure
•
Eliminate compute silos and restrictions
of where a workload can run
•
Using off-the-shelf SaaS applications
Private Cloud
2
6/24/2016
Extending Security into the Cloud
Wildfire
Aperture
Software as a Service
Private Cloud
Public Cloud
•
Shift to dynamic, scalable, selfprovisioned compute infrastructure
•
Eliminate compute silos and restrictions
of where a workload can run
•
Using off-the-shelf SaaS applications
•
Extending Security into the Cloud
Wildfire Analysis = Data Processing
Stage I
Suspicious files
collected by all
security platforms
Stage II
Filter Benign
Known files
Trusted sources
Stage III
Static analysis of PDF,
Microsoft Office, Java and
Android APKs
Embedded files
Stage IV
Dynamic analysis
Analysis with execution
Network traffic
…
…
Embedded code
File activity
Anomalies in structure
Process & services activity
Submission policy is
configurable.
Embedded shell-code
Registry changes
Submitted samples may include
PII data.
Scale analysis without
execution
Filter out known good
Hybrid or on-premise analysis
when required.
Discover unknown threats
based on malicious behaviors
Develop protections for all
customers worldwide
3
6/24/2016
Wildfire Metadata
Security: A Shared Responsibility
Customer content
Platform, Applications, Identity & Access Management
Operating System, Network & Firewall Configuration
Encryption Key
Management
Client & Server
Encryption
Network Traffic
Protection
Cloud Infrastructure & Services
Compute
Storage
Database
Customers are
responsible for their
security IN the cloud
Networking
Cloud provider looks
after security OF the
cloud
4
6/24/2016
Relevant (Legal) Developments
•
Introduction of new legislation in the EU that will increase the burden on
companies (GDPR, NIS);
•
•
What will be the effect on cloud deals? Will legislation slow down technological
developments?
A growing divide between the EU and US on data privacy/data protection;
•
Will this make it more difficult for US companies to operate in the EU?
THANK YOU!
ddebisarun@paloaltonetworks.com
+31 (0) 6 57 34 85 94
twelling@paloaltonetworks.com
+31(0) 6 22 56 02 34
10 | © 2016, Palo Alto Networks. Confidential and Proprietary.
5