SlideShare a Scribd company logo

Cloud Security: What you need to know about IBM SmartCloud Security

IBM Security
IBM Security

Safeguarding the cloud with IBM Security solutions - Maintain visibility and control with proven security solutions for public, private and hybrid clouds.

1 of 39
Downloaded 144 times
ยฉ 2012 IBM Corporation IBM Security Systems SmartCloud Security Overview Gretchen Marx, Program Manager, Portfolio Strategy IBM Security Division
ยฉ 2013 IBM Corporation IBM Security Systems 2 Agenda ยง๏‚งโ€ฏ Cloud security landscape ยง๏‚งโ€ฏ IBM SmartCloud Security offerings ยง๏‚งโ€ฏ SmartCloud Security demo
ยฉ 2013 IBM Corporation IBM Security Systems 3 Cloud computing is hot and growing fast Rest of IT Rest of IT WW IT Spend ($B) Source: IBM Market Insights Cloud Phase 2 assessment, Feb 2011 What organizations like about cloud computing: ยง๏‚งโ€ฏ Elastic capacity โ€“โ€ฏ Resource can be elastically provisioned to quickly scale out and rapidly released to quickly scale in ยง๏‚งโ€ฏ Fast provisioning โ€“โ€ฏ Automated provisioning / deprovisioning of resources as needed ยง๏‚งโ€ฏ Self-service requests โ€“โ€ฏ User request services via a web portal ยง๏‚งโ€ฏ Low cost, pay-as-you-go โ€“โ€ฏ Users pay for what they use Cloud Non-Cloud Traditional IT 3% CAGR 25% CAGR
ยฉ 2013 IBM Corporation IBM Security Systems 4 The Cloud security market is growing PrivatePublic Cloud Security is estimated to be 10.6% of total security spending in 2013, growing to 13.9% in 2015 2013 โ€“ 2016 Worldwide Cloud Security Opportunity ($B) Worldwide Public and Private Cloud Security Product Share by Subcategory, 2011 19% 24% Source: IDC, December 2012
ยฉ 2013 IBM Corporation IBM Security Systems 5 Cloud environments present new challenges
ยฉ 2013 IBM Corporation IBM Security Systems 6 Security remains #1 inhibitor to broad scale cloud adoption Source: 2012 Cloud Computing โ€“ Key Trends and Future Effects โ€“ IDG
ยฉ 2013 IBM Corporation IBM Security Systems 7 Self-Service Highly Virtualized Location Independence Workload Automation Rapid Elasticity Standardization Cloud computing tests the limits of security operations and infrastructure People and Identity Application and Process Network, Server and Endpoint Data and Information Physical Infrastructure Governance, Risk and Compliance Security and Privacy Domains Multiple logins, onboarding issues Multi-tenancy, data separation Audit silos, compliance controls Provider controlled, lack of visibility Virtualization, network isolation External facing, quick provisioning To the Cloud In a cloud environment, access expands, responsibilities change, control shifts, and the speed of provisioning resources and applications increases - greatly affecting all aspects of IT security
ยฉ 2013 IBM Corporation IBM Security Systems 8 Cloud computing changes the way we think about security . Private cloud Public cloudHybrid IT โ€ขโ€ฏ High multi-tenancy and data separation โ€ขโ€ฏ Image management and compliance โ€ขโ€ฏ Security of the virtual / hypervisor layer โ€ขโ€ฏ Virtual network visibility โ€ขโ€ฏ Need for Service level agreements (SLAs) โ€ขโ€ฏ Provider responsibility for infrastructure โ€ขโ€ฏ Customization of security controls โ€ขโ€ฏ Visibility into day-to-day operations โ€ขโ€ฏ Access to logs and policies โ€ขโ€ฏ Applications and data are publically exposed Changes in Security and Privacy While security concerns are often shared across the different cloud models, the responsibility changes from consumer to provider which can present unique challenges
ยฉ 2013 IBM Corporation IBM Security Systems 9 Security is a crucial part of the IBM SmartCloud strategy Build Clouds securely โ€“ lBMโ€™s industry leading security solutions and professional services enable an integrated set of capabilities to build secure clouds, whether for private clouds or cloud delivery platforms for cloud service providers Deliver Cloud services securely โ€“ ensure IBM SmartCloud Services are delivered securely, addressing governance, identity, data, and physical security Use Cloud to deliver Security-as-a-Service โ€“ provide immediate access to cloud-delivered security services, including vulnerability scanning, web and email security Security for Private Clouds Security for SCE / SCE+ Security-as-a-Service Cloud Enablement Technologies Enables private / hybrid cloud service delivery and management Cloud Computing as a Service Cloud platform and/or infrastructure as a service Software as a Service Business Solutions Pre-built Cloud SaaS business applications and solutions Focus for this conversation
ยฉ 2013 IBM Corporation IBM Security Systems 10 1. Manage the registration and control the access of thousands or even millions of Cloud users in a cost- effective way 2. Ensure the safety and privacy of critical enterprise data in Cloud environments without disrupting operations 3. Provide secure access to applications in the Cloud 4. Manage patch requirements for virtualized systems 5. Provide protection against network threat and vulnerabilities in the Cloud 6. Protect virtual machines 7. Achieve visibility and transparency in Cloud environments to find advanced threats and meet regulatory and compliance requirements Key customer Cloud security concerns
ยฉ 2013 IBM Corporation IBM Security Systems 11 IBM Security Systems IBM Security: Delivering intelligence, integration and expertise across a comprehensive framework ยง๏‚งโ€ฏ IBM Security Framework built on the foundation of COBIT and ISO standards ยง๏‚งโ€ฏ End-to-end coverage of the security domains ยง๏‚งโ€ฏ Managed and Professional Services to help clients secure the enterprise
ยฉ 2013 IBM Corporation IBM Security Systems 12 SmartCloud Security Capabilities Administer, secure, and extend identity and access to and from the cloud Secure enterprise databases Build, test and maintain secure cloud applications Prevent advanced threats with layered protection and analytics ยง๏‚งโ€ฏ IBM Security Identity and Access Management Suite ยง๏‚งโ€ฏ IBM Security Federated Identity Manager - Business Gateway ยง๏‚งโ€ฏ IBM Security Privileged Identity Manager ยง๏‚งโ€ฏ IBM InfoSphere Guardium ยง๏‚งโ€ฏ IBM Security AppScan Suite ยง๏‚งโ€ฏ IBM AppScan OnDemand (hosted) ยง๏‚งโ€ฏ IBM Security Key Life Cycle Manager ยง๏‚งโ€ฏ IBM SmartCloud Patch ยง๏‚งโ€ฏ IBM Security Network IPS and Virtual IPS ยง๏‚งโ€ฏ IBM Security Virtual Server Protection for VMware IBM SmartCloud Security Intelligence IBM Security QRadar SIEM and VFlow Collectors IBM SmartCloud Security Identity Protection IBM SmartCloud Security Data and Application Protection IBM SmartCloud Security Threat Protection 13-04-02
ยฉ 2013 IBM Corporation IBM Security Systems 13 Cost-effective and standards-based registration and access control of Cloud users External users need identity and access controls Internal users need easy and secure access to Cloud applications Compliance and audit controls need to cover all the users and services External users Internal users Application Application Internal Applications External Applications When millions of users need access to cloud- based resources, user provisioning (and de- provisioning) must be simple, efficient and scalable Need to protect against threats that can lead to data loss and web fraud Organizations need the ability to tie cloud-based applications together with internal applications and enable users to access them easily with single sign-on 1 Identity Enterprise Single Sign On Federated Identity Management Custodians of the Cloud
ยฉ 2013 IBM Corporation IBM Security Systems 14 Security Event and Log Mgt. Vulnerability Mgt. Service Cost-effective user registration and access control of Cloud users Addressing compliance requirements, reducing operational costs, enhancing security posture and developing operational efficiencies Requirement Capability Full life-cycle identity management (โ€œcradle-to- graveโ€) for cloud-based users ยง๏‚งโ€ฏ Federated single sign-on to multiple web-based and cloud applications with a single ID and password for employees, customers, BPs, vendors ยง๏‚งโ€ฏ User self-service for identity creation and password reset ยง๏‚งโ€ฏ Securely provision, manage, automate and track privileged access to critical enterprise resources Access, authorization control, and fraud prevention for applications and data in the cloud ยง๏‚งโ€ฏ Automated management and risk-based enforcement of access control policies across every application, data source, operating system and even company boundaries ยง๏‚งโ€ฏ Role-based identity and access management aligns usersโ€™ roles to their access capabilities, simplifies management and compliance Ability to track and log user activities, report violations, and prove compliance ยง๏‚งโ€ฏ Security incident and event management for compliance reporting and auditing of users and their activitiesโ€”in both cloud and traditional environments ยง๏‚งโ€ฏ The ability to monitor, control, and report on privileged identities (e.g., systems and database administrators) for cloud-based administrators 1 Identity
ยฉ 2013 IBM Corporation IBM Security Systems 15 Know who can access the cloud Single access method for users into workload aware Cloud Getting started on ramp for the Cloud with Federated SSO Federated Access / Identity Management 15 Identity Federation enables web single sign on across applications โ€ขโ€ฏ Access controls on cloud applications โ€ขโ€ฏ Provide users with the ability to single sign on to multiple Web-based cloud applications with disparate user IDs/passwords โ€ขโ€ฏ Self service identity registration, validation and processing user credentials IBM Security Access Manager for Cloud and Mobile IBM Security Identity Manager 1 Identity
ยฉ 2013 IBM Corporation IBM Security Systems 16 Beyond the basics: Next steps in IAM for Cloud security Summary: Improve visibility and securely connect users to the workload aware Cloud; enforce auditable access and enable secure collaboration Cloud Use Case: Federated SSO to SaaS / Cloud; self-service identity provisioning, validation and processing user credentials Deployment Scenario: Hosted, managed and deployed as a Cloud Computing Infrastructure SystemsStorage Network Service Requestor 3rd Party Cloud Service Provider Service Management IAA Add Identity and Access Assurance to manage identities, entitlements, access control and auditing Add full Identity and Access Assurance solutions โ€ขโ€ฏ Build on access and authorization control โ€ขโ€ฏ Full life-cycle user / identity management โ€ขโ€ฏ Role-based identity and access management โ€ขโ€ฏ Privileged identity management โ€ขโ€ฏ Security Information & Event Management (SIEM) IBM Security Identity and Access Assurance Know who can access the cloud Single access method for users into workload aware Cloud FIM Systems & Image Management 1 Identity
ยฉ 2013 IBM Corporation IBM Security Systems 17 Use Case: Prevent fraudulent access to Cloud applications and services using risk-based access policy and strong authentication User attempts high- value transaction Transaction completes Strong authentication challenge IBM Security Access Manager for Cloud and Mobile Transactions < $100 Allowed with no additional authentication Attempt to transfer >= $100 Requires strong authentication 1 Identity
ยฉ 2013 IBM Corporation IBM Security Systems 18 Privileged Identity Management: Centralized management of privileged and shared identities IBM security solution IBM Security Privileged Identity Management Track and audit activities of privileged users (e.g., root, financial app administrators) for effective governance Business challenge Addressing insider threat with privileged users access management Key solution highlights New Privileged Identity Management (PIM) solution providing complete identity management and enterprise single sign-on capabilities for privileged users DatabasesID Check in / check out using secure credential vault Control shared access to sensitive user IDs Request, approve and re- validate privileged access Reduce risk, enhance compliance Track usage of shared identities Provide increased accountability and audit trail Automated password management Automated checkout of IDs, hide password from requesting employee, automate password reset to eliminate password theft 1 Identity
ยฉ 2013 IBM Corporation IBM Security Systems 19 SmartCloud Security Capabilities Administer, secure, and extend identity and access to and from the cloud Secure enterprise databases Build, test and maintain secure cloud applications Prevent advanced threats with layered protection and analytics ยง๏‚งโ€ฏ IBM Security Identity and Access Management Suite ยง๏‚งโ€ฏ IBM Security Federated Identity Manager - Business Gateway ยง๏‚งโ€ฏ IBM Security Privileged Identity Manager ยง๏‚งโ€ฏ IBM InfoSphere Guardium ยง๏‚งโ€ฏ IBM Security AppScan Suite ยง๏‚งโ€ฏ IBM AppScan OnDemand (hosted) ยง๏‚งโ€ฏ IBM Security Key Life Cycle Manager ยง๏‚งโ€ฏ IBM SmartCloud Patch ยง๏‚งโ€ฏ IBM Security Network IPS and Virtual IPS ยง๏‚งโ€ฏ IBM Security Virtual Server Protection for VMware IBM SmartCloud Security Intelligence IBM Security QRadar SIEM and VFlow Collectors IBM SmartCloud Security Identity Protection IBM SmartCloud Security Data and Application Protection IBM SmartCloud Security Threat Protection 13-04-02
ยฉ 2013 IBM Corporation IBM Security Systems 20 Old approaches to data protection are not efficient for Cloud and virtualization ยง๏‚งโ€ฏ Multi-tenancy raises security concerns in Cloud environments ยง๏‚งโ€ฏ Lack of visibility over DB access in Cloud environments ยง๏‚งโ€ฏ Security alerts not real time ยง๏‚งโ€ฏ No separation of duties as required by auditors ยง๏‚งโ€ฏ Inconsistent policies enterprise-wide ยง๏‚งโ€ฏ Native logging causes high performance impact on DBMS 2 Data โ€œA data security strategy should include database auditing and monitoring, patch management, data masking, access control, discovery / classification, and change management.โ€ -- Why Enterprise Database Security Strategy Has Become Critical, Forrester Research, Inc, July 13, 2011
ยฉ 2013 IBM Corporation IBM Security Systems 21 Assess database vulnerabilities De-identify confidential data in non-production environments Define policies & metrics Audit and report for compliance Protect enterprise data from authorized & unauthorized access Four steps to data security in the Cloud Define policies & metrics De-identify confidential data in non-production environments Assess database vulnerabilities Classify & define data types Fully redacted unstructured data Monitor and enforce review of policy exceptions Protect enterprise data from authorized & unauthorized access A data security strategy should include database auditing and monitoring, patch management, data masking, access control, discovery/classification, and change management. -- Why Enterprise Database Security Strategy Has Become Critical, Forrester Research, Inc., July 13, 2011 Define policies & metrics Classify & define data types Define policies & metrics Classify & define data types Protect enterprise data from authorized & unauthorized access Define policies & metrics Classify & define data types Fully redacted unstructured data Protect enterprise data from authorized & unauthorized access Define policies & metrics Classify & define data types De-identify confidential data in non-production environments Fully redacted unstructured data Protect enterprise data from authorized & unauthorized access Define policies & metrics Classify & define data types Assess database vulnerabilities De-identify confidential data in non-production environments Fully redacted unstructured data Define policies and metrics Classify & define data types Monitor and enforce review of policy exceptions Fully redact unstructured data Classify and define data types Audit and report for compliance Protect enterprise data from authorized and unauthorized access Discover where sensitive data resides Discover where sensitive data resides Discover where sensitive data resides Discover where sensitive data resides Discover where sensitive data resides Discover where sensitive data resides Discover where sensitive data resides โ€œ โ€ Monitor and Audit 3 Secure and Protect 2 Understand and Define 1 Enterprise Security intelligence4
ยฉ 2013 IBM Corporation IBM Security Systems 22 Key Themes Reduced Total Cost of Ownership Expanded support for databases and unstructured data, automation, handling and analysis of large volumes of audit records, and new preventive capabilities Enhanced Compliance Management Enhanced Database Vulnerability Assessment (VA) and Database Protection Subscription Service (DPS) with improved update frequency, labels for specific regulations, and product integrations Dynamic Data Protection Data masking capabilities for databases (row level, role level) and for applications (pattern based, form based) to safeguard sensitive and confidential data Data security for the Cloud Across Multiple Deployment Models QRadar Integration 2 Data
ยฉ 2013 IBM Corporation IBM Security Systems 23 Application security challenge: manage risk ยง๏‚งโ€ฏ 76% of CEOs feel reducing security flaws within business-critical applications is the most important aspect of their data protection programs ยง๏‚งโ€ฏ 79% of compromised records used Web Apps as the attack pathway ยง๏‚งโ€ฏ 81% of breached organizations subject to PCI were found to be non- compliant 3 Applications Web Application Vulnerabilities As a Percentage of All Disclosures in 2012 Web Applications: 43 percent Others: 57 percent Source: IBM X-Forceยฎ 2012 Full-Year Trend and Risk Report Web application vulnerabilities up 14% in 2012
ยฉ 2013 IBM Corporation IBM Security Systems 24 Scan applications Analyze (identify issues) Automate Application Security Testing Report (detailed and actionable) Finding and fixing application vulnerabilities ยง๏‚งโ€ฏ During coding ยง๏‚งโ€ฏ During production ยง๏‚งโ€ฏ Web vulnerabilities ยง๏‚งโ€ฏ PII use and security ยง๏‚งโ€ฏ Remediation steps ยง๏‚งโ€ฏ Compliance 3 Applications
ยฉ 2013 IBM Corporation IBM Security Systems 25 Key Themes Coverage for Cloud and mobile apps & new threats Identify and reduce risk by expanding scanning capabilities to new platforms such as Cloud and mobile using next generation dynamic analysis scanning and glass box testing Simplified interface and accelerated ROI Improve time to value and consumability with out-of-the-box scanning, static analysis templates and ease of use features Security Intelligence integration Automatically adjust threat levels based on knowledge of application vulnerabilities by integrating and analyzing scan results with SiteProtector and the QRadar Security Intelligence Platform AppScan security for Cloud environments
ยฉ 2013 IBM Corporation IBM Security Systems 26 SmartCloud Security Capabilities Administer, secure, and extend identity and access to and from the cloud Secure enterprise databases Build, test and maintain secure cloud applications Prevent advanced threats with layered protection and analytics ยง๏‚งโ€ฏ IBM Security Identity and Access Management Suite ยง๏‚งโ€ฏ IBM Security Federated Identity Manager - Business Gateway ยง๏‚งโ€ฏ IBM Security Privileged Identity Manager ยง๏‚งโ€ฏ IBM InfoSphere Guardium ยง๏‚งโ€ฏ IBM Security AppScan Suite ยง๏‚งโ€ฏ IBM AppScan OnDemand (hosted) ยง๏‚งโ€ฏ IBM Security Key Life Cycle Manager ยง๏‚งโ€ฏ IBM SmartCloud Patch ยง๏‚งโ€ฏ IBM Security Network IPS and Virtual IPS ยง๏‚งโ€ฏ IBM Security Virtual Server Protection for VMware IBM SmartCloud Security Intelligence IBM Security QRadar SIEM and VFlow Collectors IBM SmartCloud Security Identity Protection IBM SmartCloud Security Data and Application Protection IBM SmartCloud Security Threat Protection 13-04-02
ยฉ 2013 IBM Corporation IBM Security Systems 27 Optimizing the patch cycle and help ensure the security of both traditional and Cloud computing assets Customer Pain Points ยง๏‚งโ€ฏ Time required to patch all enterprise physical, virtual, distributed, and cloud assets ยง๏‚งโ€ฏ Lack of control over deployed and dormant virtual systems OS patch levels and related security configurations Distributed Endpoints Web App DB Virtual ServersPhysical Servers + + 4 Patch Management Capability ยง๏‚งโ€ฏ Automatically manage patches for multiple OSs and applications across physical and virtual servers ยง๏‚งโ€ฏ Reduce security and compliance risk by slashing remediation cycles from weeks to hours ยง๏‚งโ€ฏ Patch running / offline / dormant VMs ยง๏‚งโ€ฏ Continuously monitor and enforce endpoint configuration
ยฉ 2013 IBM Corporation IBM Security Systems 28 ยง๏‚งโ€ฏ Patch as fast as you can provision with rapid patching, configuration and policy deployment across thousands of endpoints regardless of location, connection type or status ยง๏‚งโ€ฏ Reduce security risk by slashing remediation cycles from weeks to days or hours ยง๏‚งโ€ฏ Gain greater visibility into patch compliance with flexible, real-time monitoring and reporting from a single management console ยง๏‚งโ€ฏ Efficiently deploy patches, even over low- bandwidth or globally distributed networks reducing labor requirements by over 75% ยง๏‚งโ€ฏ Patch endpoints on or off the network-- including roaming devices using Internet connections providing over 98.5% first pass patch compliance Enforce Evaluate PublishReport Enhanced Security and Patch Management with SmartCloud Patch Stay in Control and Prove it SmartCloud Patch
ยฉ 2013 IBM Corporation IBM Security Systems 29 The challenging state of network security Social media sites present productivity, privacy and security risks including new threat vectors SOCIAL NETWORKING Limited visibility into traffic patterns or types of traffic traversing the network LIMITED NETWORK VISIBILITY Point solutions are siloed with minimal integration or data sharing POINT SOLUTIONSURL Filtering โ€ข IDS / IPS IM / P2P โ€ข Web App Protection Vulnerability Management Increasingly sophisticated attacks are using multiple attack vectors and increasing risk exposure SOPHISTICATED ATTACKS Stealth Bots โ€ข Targeted Attacks Worms โ€ข Trojans โ€ข Designer Malware 5 Network Protection
ยฉ 2013 IBM Corporation IBM Security Systems 30 Network intrusion protection is a primary building block in Cloud security Firewall Datacenter Network Intrusion Prevention ยง๏‚งโ€ฏ Protect both applications and network from being exploited ยง๏‚งโ€ฏ Control protocols and applications ยง๏‚งโ€ฏ Monitor traffic for anomalous traffic patterns ยง๏‚งโ€ฏ Protect users from being attacked (e.g., through malicious documents) ยง๏‚งโ€ฏ Prove compliance with regulation requirements (e.g., PCI) ยง๏‚งโ€ฏ Enforce corporate policy with employees and 3rd parties (e.g., consultants) ยง๏‚งโ€ฏ Monitor network traffic for sensitive information leaving the company ยง๏‚งโ€ฏ Prevent data from being stolen from databases via web applications 5 Network Protection
ยฉ 2012 IBM Corporation IBM Security Systems 31 IBM Internal and Business Partner Use Only IBM Security Network Protection XGS 5000 IBM XGS 5000: Extensible, 0-Day protection powered by X-Forceยฎ โ€ขโ€ฏ Vulnerability modeling and algorithms โ€ขโ€ฏ Stateful packet inspection โ€ขโ€ฏ Port variability โ€ขโ€ฏ Port assignment โ€ขโ€ฏ Port following โ€ขโ€ฏ Protocol tunneling โ€ขโ€ฏ Shellcode heuristics โ€ขโ€ฏ Application layer pre- processing โ€ขโ€ฏ Context field analysis โ€ขโ€ฏ RFC compliance โ€ขโ€ฏ Statistical analysis โ€ขโ€ฏ TCP reassembly and flow reassembly โ€ขโ€ฏ Host response analysis โ€ขโ€ฏ Port probe detection โ€ขโ€ฏ Pattern matching โ€ขโ€ฏ Custom signatures โ€ขโ€ฏ Injection logic engine โ€ขโ€ฏ IPv6 tunnel analysis โ€ขโ€ฏ SIT tunnel analysis โ€“โ€ฏ 15 years+ of vulnerability research and development โ€“โ€ฏ Trusted by the worldโ€™s largest enterprises and government agencies โ€“โ€ฏ True protocol-aware intrusion prevention, not reliant on signatures โ€“โ€ฏ Backed by X-Force ยฎ โ€“โ€ฏ Specialized engines โ€ขโ€ฏ Exploit Payload Detection โ€ขโ€ฏ Web Application Protection โ€ขโ€ฏ Content and File Inspection โ€œWhen we see these attacks coming in, it will shut them down automatically.โ€ โ€“ Melbourne IT ยง๏‚งโ€ฏ Next Generation IPS powered by X-Forceยฎ Research protects weeks or even months โ€œahead of the threatโ€ ยง๏‚งโ€ฏ Full protocol, content and application aware protection goes beyond signatures ยง๏‚งโ€ฏ Expandable protection modules defend against emerging threats such as malicious file attachments and Web application attacks [The IBM Threat Protection Engine] โ€œdefended an attack against a critical government network another protocol aware IPS missedโ€ โ€“ Government Agency IBM Security Threat Protection Ability to protect against the threats of today and tomorrow
ยฉ 2013 IBM Corporation IBM Security Systems 32 Why virtualization security? 6 Protect VMs
ยฉ 2013 IBM Corporation IBM Security Systems 33 Summary of virtualization system security challenges ยง๏‚งโ€ฏ Migration of VMs for load balancing can make them more difficult to secure ยง๏‚งโ€ฏ Ease of addition of VMs increases likelihood that insecure systems will go online ยง๏‚งโ€ฏ Malicious insiders can inflict massive damage very quickly Increased flexibility can increase security risk ยง๏‚งโ€ฏ Virtual endpoints have same security challenges as their physical counterparts ยง๏‚งโ€ฏ Virtualization management systems provide new attack vector ยง๏‚งโ€ฏ Hypervisor itself is an attack vector Larger attack surface ยง๏‚งโ€ฏ 259 new virtualization vulnerabilities over the last 5 years ยง๏‚งโ€ฏ New attack types (e.g., Hyperjacking, hypervisor escape, VM attacks) New vulnerabilities1 2 3 6 Protect VMs
ยฉ 2013 IBM Corporation IBM Security Systems 3434 Virtual Server Protection increases ROI of the virtual infrastructure, while reducing risk ยง๏‚งโ€ฏ Automated protection as each VM comes online โ€“โ€ฏ Automatic discovery โ€“โ€ฏ Automated vulnerability assessment โ€“โ€ฏ Simplified patch management ยง๏‚งโ€ฏ Non-intrusive โ€“โ€ฏ No reconfiguration of the virtual network โ€“โ€ฏ No presence in the guest OS รผ๏ƒผโ€ฏImproved stability รผ๏ƒผโ€ฏMore CPU / memory available for workloads รผ๏ƒผโ€ฏReduced attack surface ยง๏‚งโ€ฏ Protection for any guest OS โ€“โ€ฏ Reduction in security agents for multiple OSs 6 Protect VMs VMware vCloud
ยฉ 2013 IBM Corporation IBM Security Systems 35 SmartCloud Security Capabilities Administer, secure, and extend identity and access to and from the cloud Secure enterprise databases Build, test and maintain secure cloud applications Prevent advanced threats with layered protection and analytics ยง๏‚งโ€ฏ IBM Security Identity and Access Management Suite ยง๏‚งโ€ฏ IBM Security Federated Identity Manager - Business Gateway ยง๏‚งโ€ฏ IBM Security Privileged Identity Manager ยง๏‚งโ€ฏ IBM InfoSphere Guardium ยง๏‚งโ€ฏ IBM Security AppScan Suite ยง๏‚งโ€ฏ IBM AppScan OnDemand (hosted) ยง๏‚งโ€ฏ IBM Security Key Life Cycle Manager ยง๏‚งโ€ฏ IBM SmartCloud Patch ยง๏‚งโ€ฏ IBM Security Network IPS and Virtual IPS ยง๏‚งโ€ฏ IBM Security Virtual Server Protection for VMware
ยฉ 2013 IBM Corporation IBM Security Systems 36 Security Intelligence: Integrating across IT silos 7 Security Intelligence
ยฉ 2013 IBM Corporation IBM Security Systems 37 Supplemented with Security-as-a-Service offerings
ยฉ 2013 IBM Corporation IBM Security Systems 38 Cloud Auditing Data Federation (CADF) WG ISO JTC 1/SC 27: IT Security Techniques IETF OAuth 2.0 Driving client-focused open standards and interoperability Customer security standards guidance Open source cloud computing infrastructure (IaaS focus)
ยฉ 2013 IBM Corporation IBM Security Systems 3939 Thank you
Ad

Recommended

Cloud Security Engineering - Tools and Techniques
Cloud Security Engineering - Tools and TechniquesCloud Security Engineering - Tools and Techniques
Cloud Security Engineering - Tools and Techniques
Gokul Alex
ย 
Cloud Security - Emerging Facets and Frontiers
Cloud Security - Emerging Facets and FrontiersCloud Security - Emerging Facets and Frontiers
Cloud Security - Emerging Facets and Frontiers
Gokul Alex
ย 
Cloud Security
Cloud Security Cloud Security
Cloud Security
Giovanni Mazzeo
ย 
Cloud Security Fundamentals Webinar
Cloud Security Fundamentals WebinarCloud Security Fundamentals Webinar
Cloud Security Fundamentals Webinar
Joseph Holbrook, Chief Learning Officer (CLO)
ย 
cloud security ppt
cloud security ppt cloud security ppt
cloud security ppt
Devyani Vaidya
ย 
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment modeCloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Himani Singh
ย 
Cloud Security Demystified
Cloud Security DemystifiedCloud Security Demystified
Cloud Security Demystified
Michael Torres
ย 
Cloud Security: A New Perspective
Cloud Security: A New PerspectiveCloud Security: A New Perspective
Cloud Security: A New Perspective
Wen-Pai Lu
ย 
Cloud security privacy- org
Cloud security privacy- orgCloud security privacy- org
Cloud security privacy- org
Dharmalingam S
ย 
Security Issues of Cloud Computing
Security Issues of Cloud ComputingSecurity Issues of Cloud Computing
Security Issues of Cloud Computing
Falgun Rathod
ย 
Cloud Security & Cloud Encryption Explained
Cloud Security & Cloud Encryption ExplainedCloud Security & Cloud Encryption Explained
Cloud Security & Cloud Encryption Explained
Porticor - The Cloud Security Experts
ย 
7 Ways To Cyberattack And Hack Azure
7 Ways To Cyberattack And Hack Azure7 Ways To Cyberattack And Hack Azure
7 Ways To Cyberattack And Hack Azure
Abdul Khan
ย 
Guide to security patterns for cloud systems and data security in aws and azure
Guide to security patterns for cloud systems and data security in aws and azureGuide to security patterns for cloud systems and data security in aws and azure
Guide to security patterns for cloud systems and data security in aws and azure
Abdul Khan
ย 
Security on Cloud Computing
Security on Cloud Computing Security on Cloud Computing
Security on Cloud Computing
Reza Pahlava
ย 
Cyber Security and Cloud Computing
Cyber Security and Cloud ComputingCyber Security and Cloud Computing
Cyber Security and Cloud Computing
Keet Sugathadasa
ย 
Symantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat Report
Symantec
ย 
Security As A Service In Cloud(SECaaS)
Security As A Service In Cloud(SECaaS)Security As A Service In Cloud(SECaaS)
Security As A Service In Cloud(SECaaS)
ุฃุญู„ุงู… ุงู†ุตุงุฑู‰
ย 
The Cloud Security Rules
The Cloud Security RulesThe Cloud Security Rules
The Cloud Security Rules
Kai Roer
ย 
Cloud Privacy & Security compliance
Cloud Privacy & Security complianceCloud Privacy & Security compliance
Cloud Privacy & Security compliance
Bryan Starbuck
ย 
Cloud Security Governance
Cloud Security GovernanceCloud Security Governance
Cloud Security Governance
Shankar Subramaniyan
ย 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
AWS User Group Bengaluru
ย 
Cloud computing-security-issues
Cloud computing-security-issuesCloud computing-security-issues
Cloud computing-security-issues
Aleem Mohammed
ย 
Infrastructure Security by Sivamurthy Hiremath
Infrastructure Security by Sivamurthy HiremathInfrastructure Security by Sivamurthy Hiremath
Infrastructure Security by Sivamurthy Hiremath
ClubHack
ย 
Cloud security for banks - the central bank of Israel regulations for cloud s...
Cloud security for banks - the central bank of Israel regulations for cloud s...Cloud security for banks - the central bank of Israel regulations for cloud s...
Cloud security for banks - the central bank of Israel regulations for cloud s...
Moshe Ferber
ย 
Sukumar Nayak-Detailed-Cloud Risk Management and Audit
Sukumar Nayak-Detailed-Cloud Risk Management and AuditSukumar Nayak-Detailed-Cloud Risk Management and Audit
Sukumar Nayak-Detailed-Cloud Risk Management and Audit
Sukumar Nayak
ย 
Cloud security comparisons between aws and azure
Cloud security comparisons between aws and azureCloud security comparisons between aws and azure
Cloud security comparisons between aws and azure
Abdul Khan
ย 
Cloud computing security issues and challenges
Cloud computing security issues and challengesCloud computing security issues and challenges
Cloud computing security issues and challenges
Kresimir Popovic
ย 
Presentation cloud security the grand challenge
Presentation cloud security the grand challengePresentation cloud security the grand challenge
Presentation cloud security the grand challenge
xKinAnx
ย 
Security in Cloud Computing
Security in Cloud ComputingSecurity in Cloud Computing
Security in Cloud Computing
Ashish Patel
ย 
glenn_amblercloud_security_ncc_event_22-may-2012_v1 (9)
glenn_amblercloud_security_ncc_event_22-may-2012_v1 (9)glenn_amblercloud_security_ncc_event_22-may-2012_v1 (9)
glenn_amblercloud_security_ncc_event_22-may-2012_v1 (9)
Glenn Ambler
ย 
Ad

More Related Content

What's hot (19)

Cloud security privacy- org
Cloud security privacy- orgCloud security privacy- org
Cloud security privacy- org
Dharmalingam S
ย 
Security Issues of Cloud Computing
Security Issues of Cloud ComputingSecurity Issues of Cloud Computing
Security Issues of Cloud Computing
Falgun Rathod
ย 
Cloud Security & Cloud Encryption Explained
Cloud Security & Cloud Encryption ExplainedCloud Security & Cloud Encryption Explained
Cloud Security & Cloud Encryption Explained
Porticor - The Cloud Security Experts
ย 
7 Ways To Cyberattack And Hack Azure
7 Ways To Cyberattack And Hack Azure7 Ways To Cyberattack And Hack Azure
7 Ways To Cyberattack And Hack Azure
Abdul Khan
ย 
Guide to security patterns for cloud systems and data security in aws and azure
Guide to security patterns for cloud systems and data security in aws and azureGuide to security patterns for cloud systems and data security in aws and azure
Guide to security patterns for cloud systems and data security in aws and azure
Abdul Khan
ย 
Security on Cloud Computing
Security on Cloud Computing Security on Cloud Computing
Security on Cloud Computing
Reza Pahlava
ย 
Cyber Security and Cloud Computing
Cyber Security and Cloud ComputingCyber Security and Cloud Computing
Cyber Security and Cloud Computing
Keet Sugathadasa
ย 
Symantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat Report
Symantec
ย 
Security As A Service In Cloud(SECaaS)
Security As A Service In Cloud(SECaaS)Security As A Service In Cloud(SECaaS)
Security As A Service In Cloud(SECaaS)
ุฃุญู„ุงู… ุงู†ุตุงุฑู‰
ย 
The Cloud Security Rules
The Cloud Security RulesThe Cloud Security Rules
The Cloud Security Rules
Kai Roer
ย 
Cloud Privacy & Security compliance
Cloud Privacy & Security complianceCloud Privacy & Security compliance
Cloud Privacy & Security compliance
Bryan Starbuck
ย 
Cloud Security Governance
Cloud Security GovernanceCloud Security Governance
Cloud Security Governance
Shankar Subramaniyan
ย 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
AWS User Group Bengaluru
ย 
Cloud computing-security-issues
Cloud computing-security-issuesCloud computing-security-issues
Cloud computing-security-issues
Aleem Mohammed
ย 
Infrastructure Security by Sivamurthy Hiremath
Infrastructure Security by Sivamurthy HiremathInfrastructure Security by Sivamurthy Hiremath
Infrastructure Security by Sivamurthy Hiremath
ClubHack
ย 
Cloud security for banks - the central bank of Israel regulations for cloud s...
Cloud security for banks - the central bank of Israel regulations for cloud s...Cloud security for banks - the central bank of Israel regulations for cloud s...
Cloud security for banks - the central bank of Israel regulations for cloud s...
Moshe Ferber
ย 
Sukumar Nayak-Detailed-Cloud Risk Management and Audit
Sukumar Nayak-Detailed-Cloud Risk Management and AuditSukumar Nayak-Detailed-Cloud Risk Management and Audit
Sukumar Nayak-Detailed-Cloud Risk Management and Audit
Sukumar Nayak
ย 
Cloud security comparisons between aws and azure
Cloud security comparisons between aws and azureCloud security comparisons between aws and azure
Cloud security comparisons between aws and azure
Abdul Khan
ย 
Cloud computing security issues and challenges
Cloud computing security issues and challengesCloud computing security issues and challenges
Cloud computing security issues and challenges
Kresimir Popovic
ย 
Cloud security privacy- org
Cloud security privacy- orgCloud security privacy- org
Cloud security privacy- org
Dharmalingam S
ย 
Security Issues of Cloud Computing
Security Issues of Cloud ComputingSecurity Issues of Cloud Computing
Security Issues of Cloud Computing
Falgun Rathod
ย 
Cloud Security & Cloud Encryption Explained
Cloud Security & Cloud Encryption ExplainedCloud Security & Cloud Encryption Explained
Cloud Security & Cloud Encryption Explained
Porticor - The Cloud Security Experts
ย 
7 Ways To Cyberattack And Hack Azure
7 Ways To Cyberattack And Hack Azure7 Ways To Cyberattack And Hack Azure
7 Ways To Cyberattack And Hack Azure
Abdul Khan
ย 
Guide to security patterns for cloud systems and data security in aws and azure
Guide to security patterns for cloud systems and data security in aws and azureGuide to security patterns for cloud systems and data security in aws and azure
Guide to security patterns for cloud systems and data security in aws and azure
Abdul Khan
ย 
Security on Cloud Computing
Security on Cloud Computing Security on Cloud Computing
Security on Cloud Computing
Reza Pahlava
ย 
Cyber Security and Cloud Computing
Cyber Security and Cloud ComputingCyber Security and Cloud Computing
Cyber Security and Cloud Computing
Keet Sugathadasa
ย 
Symantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat Report
Symantec
ย 
Security As A Service In Cloud(SECaaS)
Security As A Service In Cloud(SECaaS)Security As A Service In Cloud(SECaaS)
Security As A Service In Cloud(SECaaS)
ุฃุญู„ุงู… ุงู†ุตุงุฑู‰
ย 
The Cloud Security Rules
The Cloud Security RulesThe Cloud Security Rules
The Cloud Security Rules
Kai Roer
ย 
Cloud Privacy & Security compliance
Cloud Privacy & Security complianceCloud Privacy & Security compliance
Cloud Privacy & Security compliance
Bryan Starbuck
ย 
Cloud Security Governance
Cloud Security GovernanceCloud Security Governance
Cloud Security Governance
Shankar Subramaniyan
ย 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
AWS User Group Bengaluru
ย 
Cloud computing-security-issues
Cloud computing-security-issuesCloud computing-security-issues
Cloud computing-security-issues
Aleem Mohammed
ย 
Infrastructure Security by Sivamurthy Hiremath
Infrastructure Security by Sivamurthy HiremathInfrastructure Security by Sivamurthy Hiremath
Infrastructure Security by Sivamurthy Hiremath
ClubHack
ย 
Cloud security for banks - the central bank of Israel regulations for cloud s...
Cloud security for banks - the central bank of Israel regulations for cloud s...Cloud security for banks - the central bank of Israel regulations for cloud s...
Cloud security for banks - the central bank of Israel regulations for cloud s...
Moshe Ferber
ย 
Sukumar Nayak-Detailed-Cloud Risk Management and Audit
Sukumar Nayak-Detailed-Cloud Risk Management and AuditSukumar Nayak-Detailed-Cloud Risk Management and Audit
Sukumar Nayak-Detailed-Cloud Risk Management and Audit
Sukumar Nayak
ย 
Cloud security comparisons between aws and azure
Cloud security comparisons between aws and azureCloud security comparisons between aws and azure
Cloud security comparisons between aws and azure
Abdul Khan
ย 
Cloud computing security issues and challenges
Cloud computing security issues and challengesCloud computing security issues and challenges
Cloud computing security issues and challenges
Kresimir Popovic
ย 

Similar to Cloud Security: What you need to know about IBM SmartCloud Security (20)

Presentation cloud security the grand challenge
Presentation cloud security the grand challengePresentation cloud security the grand challenge
Presentation cloud security the grand challenge
xKinAnx
ย 
Security in Cloud Computing
Security in Cloud ComputingSecurity in Cloud Computing
Security in Cloud Computing
Ashish Patel
ย 
glenn_amblercloud_security_ncc_event_22-may-2012_v1 (9)
glenn_amblercloud_security_ncc_event_22-may-2012_v1 (9)glenn_amblercloud_security_ncc_event_22-may-2012_v1 (9)
glenn_amblercloud_security_ncc_event_22-may-2012_v1 (9)
Glenn Ambler
ย 
Strategies for assessing cloud security
Strategies for assessing cloud securityStrategies for assessing cloud security
Strategies for assessing cloud security
IBM India Smarter Computing
ย 
Strategies for assessing cloud security
Strategies for assessing cloud securityStrategies for assessing cloud security
Strategies for assessing cloud security
Arun Gopinath
ย 
Ast 0064255 strategies-for_assessing_cloud_security
Ast 0064255 strategies-for_assessing_cloud_securityAst 0064255 strategies-for_assessing_cloud_security
Ast 0064255 strategies-for_assessing_cloud_security
Accenture
ย 
Security Building Blocks of the IBM Cloud Computing Reference Architecture
Security Building Blocks of the IBM Cloud Computing Reference ArchitectureSecurity Building Blocks of the IBM Cloud Computing Reference Architecture
Security Building Blocks of the IBM Cloud Computing Reference Architecture
Stefaan Van daele
ย 
Module 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUDModule 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUD
Sweta Kumari Barnwal
ย 
Securing Your Cloud Applications
Securing Your Cloud ApplicationsSecuring Your Cloud Applications
Securing Your Cloud Applications
IBM Security
ย 
Cloud security risks
Cloud security risksCloud security risks
Cloud security risks
Revital Lapidot
ย 
Cloud security risks
Cloud security risksCloud security risks
Cloud security risks
Revital Lapidot
ย 
Cw13 securing your journey to the cloud by rami naccache-trend micro
Cw13 securing your journey to the cloud by rami naccache-trend microCw13 securing your journey to the cloud by rami naccache-trend micro
Cw13 securing your journey to the cloud by rami naccache-trend micro
TheInevitableCloud
ย 
Cloud Security - Types, Common Threats & Tips To Mitigate.pdf
Cloud Security - Types, Common Threats & Tips To Mitigate.pdfCloud Security - Types, Common Threats & Tips To Mitigate.pdf
Cloud Security - Types, Common Threats & Tips To Mitigate.pdf
DataSpace Academy
ย 
legal and ethical.ppt
legal and ethical.pptlegal and ethical.ppt
legal and ethical.ppt
Adhisthangurung
ย 
UNIT -V.docx
UNIT -V.docxUNIT -V.docx
UNIT -V.docx
Revathiparamanathan
ย 
In Today's Complex Multi Perimeter World, Are You Doing Enough to Secure Acce...
In Today's Complex Multi Perimeter World, Are You Doing Enough to Secure Acce...In Today's Complex Multi Perimeter World, Are You Doing Enough to Secure Acce...
In Today's Complex Multi Perimeter World, Are You Doing Enough to Secure Acce...
IBM Security
ย 
Cloud Security Network โ€“ Definition and Best Practices.pdf
Cloud Security Network โ€“ Definition and Best Practices.pdfCloud Security Network โ€“ Definition and Best Practices.pdf
Cloud Security Network โ€“ Definition and Best Practices.pdf
qualysectechnology98
ย 
Are Cloud Apps the Invisible Man?
Are Cloud Apps the Invisible Man?Are Cloud Apps the Invisible Man?
Are Cloud Apps the Invisible Man?
IBM Security
ย 
IBM Cloud Security Enforcer
IBM Cloud Security EnforcerIBM Cloud Security Enforcer
IBM Cloud Security Enforcer
Francisco Gonzรกlez Jimรฉnez
ย 
IRJET- A Survey on SaaS-Attacks and Digital Forensic
IRJET- A Survey on SaaS-Attacks and Digital ForensicIRJET- A Survey on SaaS-Attacks and Digital Forensic
IRJET- A Survey on SaaS-Attacks and Digital Forensic
IRJET Journal
ย 
Presentation cloud security the grand challenge
Presentation cloud security the grand challengePresentation cloud security the grand challenge
Presentation cloud security the grand challenge
xKinAnx
ย 
Security in Cloud Computing
Security in Cloud ComputingSecurity in Cloud Computing
Security in Cloud Computing
Ashish Patel
ย 
glenn_amblercloud_security_ncc_event_22-may-2012_v1 (9)
glenn_amblercloud_security_ncc_event_22-may-2012_v1 (9)glenn_amblercloud_security_ncc_event_22-may-2012_v1 (9)
glenn_amblercloud_security_ncc_event_22-may-2012_v1 (9)
Glenn Ambler
ย 
Strategies for assessing cloud security
Strategies for assessing cloud securityStrategies for assessing cloud security
Strategies for assessing cloud security
IBM India Smarter Computing
ย 
Strategies for assessing cloud security
Strategies for assessing cloud securityStrategies for assessing cloud security
Strategies for assessing cloud security
Arun Gopinath
ย 
Ast 0064255 strategies-for_assessing_cloud_security
Ast 0064255 strategies-for_assessing_cloud_securityAst 0064255 strategies-for_assessing_cloud_security
Ast 0064255 strategies-for_assessing_cloud_security
Accenture
ย 
Security Building Blocks of the IBM Cloud Computing Reference Architecture
Security Building Blocks of the IBM Cloud Computing Reference ArchitectureSecurity Building Blocks of the IBM Cloud Computing Reference Architecture
Security Building Blocks of the IBM Cloud Computing Reference Architecture
Stefaan Van daele
ย 
Module 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUDModule 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUD
Sweta Kumari Barnwal
ย 
Securing Your Cloud Applications
Securing Your Cloud ApplicationsSecuring Your Cloud Applications
Securing Your Cloud Applications
IBM Security
ย 
Cloud security risks
Cloud security risksCloud security risks
Cloud security risks
Revital Lapidot
ย 
Cloud security risks
Cloud security risksCloud security risks
Cloud security risks
Revital Lapidot
ย 
Cw13 securing your journey to the cloud by rami naccache-trend micro
Cw13 securing your journey to the cloud by rami naccache-trend microCw13 securing your journey to the cloud by rami naccache-trend micro
Cw13 securing your journey to the cloud by rami naccache-trend micro
TheInevitableCloud
ย 
Cloud Security - Types, Common Threats & Tips To Mitigate.pdf
Cloud Security - Types, Common Threats & Tips To Mitigate.pdfCloud Security - Types, Common Threats & Tips To Mitigate.pdf
Cloud Security - Types, Common Threats & Tips To Mitigate.pdf
DataSpace Academy
ย 
legal and ethical.ppt
legal and ethical.pptlegal and ethical.ppt
legal and ethical.ppt
Adhisthangurung
ย 
UNIT -V.docx
UNIT -V.docxUNIT -V.docx
UNIT -V.docx
Revathiparamanathan
ย 
In Today's Complex Multi Perimeter World, Are You Doing Enough to Secure Acce...
In Today's Complex Multi Perimeter World, Are You Doing Enough to Secure Acce...In Today's Complex Multi Perimeter World, Are You Doing Enough to Secure Acce...
In Today's Complex Multi Perimeter World, Are You Doing Enough to Secure Acce...
IBM Security
ย 
Cloud Security Network โ€“ Definition and Best Practices.pdf
Cloud Security Network โ€“ Definition and Best Practices.pdfCloud Security Network โ€“ Definition and Best Practices.pdf
Cloud Security Network โ€“ Definition and Best Practices.pdf
qualysectechnology98
ย 
Are Cloud Apps the Invisible Man?
Are Cloud Apps the Invisible Man?Are Cloud Apps the Invisible Man?
Are Cloud Apps the Invisible Man?
IBM Security
ย 
IBM Cloud Security Enforcer
IBM Cloud Security EnforcerIBM Cloud Security Enforcer
IBM Cloud Security Enforcer
Francisco Gonzรกlez Jimรฉnez
ย 
IRJET- A Survey on SaaS-Attacks and Digital Forensic
IRJET- A Survey on SaaS-Attacks and Digital ForensicIRJET- A Survey on SaaS-Attacks and Digital Forensic
IRJET- A Survey on SaaS-Attacks and Digital Forensic
IRJET Journal
ย 
Ad

More from IBM Security (20)

Automation: Embracing the Future of SecOps
Automation: Embracing the Future of SecOpsAutomation: Embracing the Future of SecOps
Automation: Embracing the Future of SecOps
IBM Security
ย 
Leaders & Laggards: The Latest Findings from the Ponemon Instituteโ€™s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Instituteโ€™s Study on...Leaders & Laggards: The Latest Findings from the Ponemon Instituteโ€™s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Instituteโ€™s Study on...
IBM Security
ย 
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
IBM Security
ย 
Integrated Response with v32 of IBM Resilient
Integrated Response with v32 of IBM ResilientIntegrated Response with v32 of IBM Resilient
Integrated Response with v32 of IBM Resilient
IBM Security
ย 
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...
IBM Security
ย 
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
IBM Security
ย 
Accelerating SOC Transformation with IBM Resilient and Carbon Black
Accelerating SOC Transformation with IBM Resilient and Carbon BlackAccelerating SOC Transformation with IBM Resilient and Carbon Black
Accelerating SOC Transformation with IBM Resilient and Carbon Black
IBM Security
ย 
How to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
How to Build a Faster, Laser-Sharp SOC with Intelligent OrchestrationHow to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
How to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
IBM Security
ย 
Are You Ready to Move Your IAM to the Cloud?
Are You Ready to Move Your IAM to the Cloud?Are You Ready to Move Your IAM to the Cloud?
Are You Ready to Move Your IAM to the Cloud?
IBM Security
ย 
Orchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat IntelligenceOrchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
IBM Security
ย 
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
IBM Security
ย 
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
IBM Security
ย 
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
IBM Security
ย 
WannaCry Ransomware Attack: What to Do Now
WannaCry Ransomware Attack: What to Do NowWannaCry Ransomware Attack: What to Do Now
WannaCry Ransomware Attack: What to Do Now
IBM Security
ย 
How to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security OperationsHow to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security Operations
IBM Security
ย 
IBM QRadar UBA
IBM QRadar UBA IBM QRadar UBA
IBM QRadar UBA
IBM Security
ย 
Mobile Vision 2020
Mobile Vision 2020Mobile Vision 2020
Mobile Vision 2020
IBM Security
ย 
Retail Mobility, Productivity and Security
Retail Mobility, Productivity and SecurityRetail Mobility, Productivity and Security
Retail Mobility, Productivity and Security
IBM Security
ย 
Close the Loop on Incident Response
Close the Loop on Incident ResponseClose the Loop on Incident Response
Close the Loop on Incident Response
IBM Security
ย 
Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats
IBM Security
ย 
Automation: Embracing the Future of SecOps
Automation: Embracing the Future of SecOpsAutomation: Embracing the Future of SecOps
Automation: Embracing the Future of SecOps
IBM Security
ย 
Leaders & Laggards: The Latest Findings from the Ponemon Instituteโ€™s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Instituteโ€™s Study on...Leaders & Laggards: The Latest Findings from the Ponemon Instituteโ€™s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Instituteโ€™s Study on...
IBM Security
ย 
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
IBM Security
ย 
Integrated Response with v32 of IBM Resilient
Integrated Response with v32 of IBM ResilientIntegrated Response with v32 of IBM Resilient
Integrated Response with v32 of IBM Resilient
IBM Security
ย 
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...
IBM Security
ย 
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
IBM Security
ย 
Accelerating SOC Transformation with IBM Resilient and Carbon Black
Accelerating SOC Transformation with IBM Resilient and Carbon BlackAccelerating SOC Transformation with IBM Resilient and Carbon Black
Accelerating SOC Transformation with IBM Resilient and Carbon Black
IBM Security
ย 
How to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
How to Build a Faster, Laser-Sharp SOC with Intelligent OrchestrationHow to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
How to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
IBM Security
ย 
Are You Ready to Move Your IAM to the Cloud?
Are You Ready to Move Your IAM to the Cloud?Are You Ready to Move Your IAM to the Cloud?
Are You Ready to Move Your IAM to the Cloud?
IBM Security
ย 
Orchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat IntelligenceOrchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
IBM Security
ย 
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
IBM Security
ย 
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
IBM Security
ย 
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
IBM Security
ย 
WannaCry Ransomware Attack: What to Do Now
WannaCry Ransomware Attack: What to Do NowWannaCry Ransomware Attack: What to Do Now
WannaCry Ransomware Attack: What to Do Now
IBM Security
ย 
How to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security OperationsHow to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security Operations
IBM Security
ย 
IBM QRadar UBA
IBM QRadar UBA IBM QRadar UBA
IBM QRadar UBA
IBM Security
ย 
Mobile Vision 2020
Mobile Vision 2020Mobile Vision 2020
Mobile Vision 2020
IBM Security
ย 
Retail Mobility, Productivity and Security
Retail Mobility, Productivity and SecurityRetail Mobility, Productivity and Security
Retail Mobility, Productivity and Security
IBM Security
ย 
Close the Loop on Incident Response
Close the Loop on Incident ResponseClose the Loop on Incident Response
Close the Loop on Incident Response
IBM Security
ย 
Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats
IBM Security
ย 
Ad

Recently uploaded (20)

Dev Dives: Automate and orchestrate your processes with UiPath Maestro
Dev Dives: Automate and orchestrate your processes with UiPath MaestroDev Dives: Automate and orchestrate your processes with UiPath Maestro
Dev Dives: Automate and orchestrate your processes with UiPath Maestro
UiPathCommunity
ย 
Enhancing ICU Intelligence: How Our Functional Testing Enabled a Healthcare I...
Enhancing ICU Intelligence: How Our Functional Testing Enabled a Healthcare I...Enhancing ICU Intelligence: How Our Functional Testing Enabled a Healthcare I...
Enhancing ICU Intelligence: How Our Functional Testing Enabled a Healthcare I...
Impelsys Inc.
ย 
Into The Box Conference Keynote Day 1 (ITB2025)
Into The Box Conference Keynote Day 1 (ITB2025)Into The Box Conference Keynote Day 1 (ITB2025)
Into The Box Conference Keynote Day 1 (ITB2025)
Ortus Solutions, Corp
ย 
AI EngineHost Review: Revolutionary USA Datacenter-Based Hosting with NVIDIA ...
AI EngineHost Review: Revolutionary USA Datacenter-Based Hosting with NVIDIA ...AI EngineHost Review: Revolutionary USA Datacenter-Based Hosting with NVIDIA ...
AI EngineHost Review: Revolutionary USA Datacenter-Based Hosting with NVIDIA ...
SOFTTECHHUB
ย 
How Can I use the AI Hype in my Business Context?
How Can I use the AI Hype in my Business Context?How Can I use the AI Hype in my Business Context?
How Can I use the AI Hype in my Business Context?
Daniel Lehner
ย 
Technology Trends in 2025: AI and Big Data Analytics
Technology Trends in 2025: AI and Big Data AnalyticsTechnology Trends in 2025: AI and Big Data Analytics
Technology Trends in 2025: AI and Big Data Analytics
InData Labs
ย 
What is Model Context Protocol(MCP) - The new technology for communication bw...
What is Model Context Protocol(MCP) - The new technology for communication bw...What is Model Context Protocol(MCP) - The new technology for communication bw...
What is Model Context Protocol(MCP) - The new technology for communication bw...
Vishnu Singh Chundawat
ย 
Drupalcamp Finland โ€“ Measuring Front-end Energy Consumption
Drupalcamp Finland โ€“ Measuring Front-end Energy ConsumptionDrupalcamp Finland โ€“ Measuring Front-end Energy Consumption
Drupalcamp Finland โ€“ Measuring Front-end Energy Consumption
Exove
ย 
Massive Power Outage Hits Spain, Portugal, and France: Causes, Impact, and On...
Massive Power Outage Hits Spain, Portugal, and France: Causes, Impact, and On...Massive Power Outage Hits Spain, Portugal, and France: Causes, Impact, and On...
Massive Power Outage Hits Spain, Portugal, and France: Causes, Impact, and On...
Aqusag Technologies
ย 
ThousandEyes Partner Innovation Updates for May 2025
ThousandEyes Partner Innovation Updates for May 2025ThousandEyes Partner Innovation Updates for May 2025
ThousandEyes Partner Innovation Updates for May 2025
ThousandEyes
ย 
IEDM 2024 Tutorial2_Advances in CMOS Technologies and Future Directions for C...
IEDM 2024 Tutorial2_Advances in CMOS Technologies and Future Directions for C...IEDM 2024 Tutorial2_Advances in CMOS Technologies and Future Directions for C...
IEDM 2024 Tutorial2_Advances in CMOS Technologies and Future Directions for C...
organizerofv
ย 
Complete Guide to Advanced Logistics Management Software in Riyadh.pdf
Complete Guide to Advanced Logistics Management Software in Riyadh.pdfComplete Guide to Advanced Logistics Management Software in Riyadh.pdf
Complete Guide to Advanced Logistics Management Software in Riyadh.pdf
Software Company
ย 
2025-05-Q4-2024-Investor-Presentation.pptx
2025-05-Q4-2024-Investor-Presentation.pptx2025-05-Q4-2024-Investor-Presentation.pptx
2025-05-Q4-2024-Investor-Presentation.pptx
Samuele Fogagnolo
ย 
Designing Low-Latency Systems with Rust and ScyllaDB: An Architectural Deep Dive
Designing Low-Latency Systems with Rust and ScyllaDB: An Architectural Deep DiveDesigning Low-Latency Systems with Rust and ScyllaDB: An Architectural Deep Dive
Designing Low-Latency Systems with Rust and ScyllaDB: An Architectural Deep Dive
ScyllaDB
ย 
Build Your Own Copilot & Agents For Devs
Build Your Own Copilot & Agents For DevsBuild Your Own Copilot & Agents For Devs
Build Your Own Copilot & Agents For Devs
Brian McKeiver
ย 
AI Changes Everything โ€“ Talk at Cardiff Metropolitan University, 29th April 2...
AI Changes Everything โ€“ Talk at Cardiff Metropolitan University, 29th April 2...AI Changes Everything โ€“ Talk at Cardiff Metropolitan University, 29th April 2...
AI Changes Everything โ€“ Talk at Cardiff Metropolitan University, 29th April 2...
Alan Dix
ย 
How analogue intelligence complements AI
How analogue intelligence complements AIHow analogue intelligence complements AI
How analogue intelligence complements AI
Paul Rowe
ย 
Noah Loul Shares 5 Steps to Implement AI Agents for Maximum Business Efficien...
Noah Loul Shares 5 Steps to Implement AI Agents for Maximum Business Efficien...Noah Loul Shares 5 Steps to Implement AI Agents for Maximum Business Efficien...
Noah Loul Shares 5 Steps to Implement AI Agents for Maximum Business Efficien...
Noah Loul
ย 
TrsLabs - Fintech Product & Business Consulting
TrsLabs - Fintech Product & Business ConsultingTrsLabs - Fintech Product & Business Consulting
TrsLabs - Fintech Product & Business Consulting
Trs Labs
ย 
tecnologias de las primeras civilizaciones.pdf
tecnologias de las primeras civilizaciones.pdftecnologias de las primeras civilizaciones.pdf
tecnologias de las primeras civilizaciones.pdf
fjgm517
ย 
Dev Dives: Automate and orchestrate your processes with UiPath Maestro
Dev Dives: Automate and orchestrate your processes with UiPath MaestroDev Dives: Automate and orchestrate your processes with UiPath Maestro
Dev Dives: Automate and orchestrate your processes with UiPath Maestro
UiPathCommunity
ย 
Enhancing ICU Intelligence: How Our Functional Testing Enabled a Healthcare I...
Enhancing ICU Intelligence: How Our Functional Testing Enabled a Healthcare I...Enhancing ICU Intelligence: How Our Functional Testing Enabled a Healthcare I...
Enhancing ICU Intelligence: How Our Functional Testing Enabled a Healthcare I...
Impelsys Inc.
ย 
Into The Box Conference Keynote Day 1 (ITB2025)
Into The Box Conference Keynote Day 1 (ITB2025)Into The Box Conference Keynote Day 1 (ITB2025)
Into The Box Conference Keynote Day 1 (ITB2025)
Ortus Solutions, Corp
ย 
AI EngineHost Review: Revolutionary USA Datacenter-Based Hosting with NVIDIA ...
AI EngineHost Review: Revolutionary USA Datacenter-Based Hosting with NVIDIA ...AI EngineHost Review: Revolutionary USA Datacenter-Based Hosting with NVIDIA ...
AI EngineHost Review: Revolutionary USA Datacenter-Based Hosting with NVIDIA ...
SOFTTECHHUB
ย 
How Can I use the AI Hype in my Business Context?
How Can I use the AI Hype in my Business Context?How Can I use the AI Hype in my Business Context?
How Can I use the AI Hype in my Business Context?
Daniel Lehner
ย 
Technology Trends in 2025: AI and Big Data Analytics
Technology Trends in 2025: AI and Big Data AnalyticsTechnology Trends in 2025: AI and Big Data Analytics
Technology Trends in 2025: AI and Big Data Analytics
InData Labs
ย 
What is Model Context Protocol(MCP) - The new technology for communication bw...
What is Model Context Protocol(MCP) - The new technology for communication bw...What is Model Context Protocol(MCP) - The new technology for communication bw...
What is Model Context Protocol(MCP) - The new technology for communication bw...
Vishnu Singh Chundawat
ย 
Drupalcamp Finland โ€“ Measuring Front-end Energy Consumption
Drupalcamp Finland โ€“ Measuring Front-end Energy ConsumptionDrupalcamp Finland โ€“ Measuring Front-end Energy Consumption
Drupalcamp Finland โ€“ Measuring Front-end Energy Consumption
Exove
ย 
Massive Power Outage Hits Spain, Portugal, and France: Causes, Impact, and On...
Massive Power Outage Hits Spain, Portugal, and France: Causes, Impact, and On...Massive Power Outage Hits Spain, Portugal, and France: Causes, Impact, and On...
Massive Power Outage Hits Spain, Portugal, and France: Causes, Impact, and On...
Aqusag Technologies
ย 
ThousandEyes Partner Innovation Updates for May 2025
ThousandEyes Partner Innovation Updates for May 2025ThousandEyes Partner Innovation Updates for May 2025
ThousandEyes Partner Innovation Updates for May 2025
ThousandEyes
ย 
IEDM 2024 Tutorial2_Advances in CMOS Technologies and Future Directions for C...
IEDM 2024 Tutorial2_Advances in CMOS Technologies and Future Directions for C...IEDM 2024 Tutorial2_Advances in CMOS Technologies and Future Directions for C...
IEDM 2024 Tutorial2_Advances in CMOS Technologies and Future Directions for C...
organizerofv
ย 
Complete Guide to Advanced Logistics Management Software in Riyadh.pdf
Complete Guide to Advanced Logistics Management Software in Riyadh.pdfComplete Guide to Advanced Logistics Management Software in Riyadh.pdf
Complete Guide to Advanced Logistics Management Software in Riyadh.pdf
Software Company
ย 
2025-05-Q4-2024-Investor-Presentation.pptx
2025-05-Q4-2024-Investor-Presentation.pptx2025-05-Q4-2024-Investor-Presentation.pptx
2025-05-Q4-2024-Investor-Presentation.pptx
Samuele Fogagnolo
ย 
Designing Low-Latency Systems with Rust and ScyllaDB: An Architectural Deep Dive
Designing Low-Latency Systems with Rust and ScyllaDB: An Architectural Deep DiveDesigning Low-Latency Systems with Rust and ScyllaDB: An Architectural Deep Dive
Designing Low-Latency Systems with Rust and ScyllaDB: An Architectural Deep Dive
ScyllaDB
ย 
Build Your Own Copilot & Agents For Devs
Build Your Own Copilot & Agents For DevsBuild Your Own Copilot & Agents For Devs
Build Your Own Copilot & Agents For Devs
Brian McKeiver
ย 
AI Changes Everything โ€“ Talk at Cardiff Metropolitan University, 29th April 2...
AI Changes Everything โ€“ Talk at Cardiff Metropolitan University, 29th April 2...AI Changes Everything โ€“ Talk at Cardiff Metropolitan University, 29th April 2...
AI Changes Everything โ€“ Talk at Cardiff Metropolitan University, 29th April 2...
Alan Dix
ย 
How analogue intelligence complements AI
How analogue intelligence complements AIHow analogue intelligence complements AI
How analogue intelligence complements AI
Paul Rowe
ย 
Noah Loul Shares 5 Steps to Implement AI Agents for Maximum Business Efficien...
Noah Loul Shares 5 Steps to Implement AI Agents for Maximum Business Efficien...Noah Loul Shares 5 Steps to Implement AI Agents for Maximum Business Efficien...
Noah Loul Shares 5 Steps to Implement AI Agents for Maximum Business Efficien...
Noah Loul
ย 
TrsLabs - Fintech Product & Business Consulting
TrsLabs - Fintech Product & Business ConsultingTrsLabs - Fintech Product & Business Consulting
TrsLabs - Fintech Product & Business Consulting
Trs Labs
ย 
tecnologias de las primeras civilizaciones.pdf
tecnologias de las primeras civilizaciones.pdftecnologias de las primeras civilizaciones.pdf
tecnologias de las primeras civilizaciones.pdf
fjgm517
ย 

Cloud Security: What you need to know about IBM SmartCloud Security

  • 1. ยฉ 2012 IBM Corporation IBM Security Systems SmartCloud Security Overview Gretchen Marx, Program Manager, Portfolio Strategy IBM Security Division
  • 2. ยฉ 2013 IBM Corporation IBM Security Systems 2 Agenda ยง๏‚งโ€ฏ Cloud security landscape ยง๏‚งโ€ฏ IBM SmartCloud Security offerings ยง๏‚งโ€ฏ SmartCloud Security demo
  • 3. ยฉ 2013 IBM Corporation IBM Security Systems 3 Cloud computing is hot and growing fast Rest of IT Rest of IT WW IT Spend ($B) Source: IBM Market Insights Cloud Phase 2 assessment, Feb 2011 What organizations like about cloud computing: ยง๏‚งโ€ฏ Elastic capacity โ€“โ€ฏ Resource can be elastically provisioned to quickly scale out and rapidly released to quickly scale in ยง๏‚งโ€ฏ Fast provisioning โ€“โ€ฏ Automated provisioning / deprovisioning of resources as needed ยง๏‚งโ€ฏ Self-service requests โ€“โ€ฏ User request services via a web portal ยง๏‚งโ€ฏ Low cost, pay-as-you-go โ€“โ€ฏ Users pay for what they use Cloud Non-Cloud Traditional IT 3% CAGR 25% CAGR
  • 4. ยฉ 2013 IBM Corporation IBM Security Systems 4 The Cloud security market is growing PrivatePublic Cloud Security is estimated to be 10.6% of total security spending in 2013, growing to 13.9% in 2015 2013 โ€“ 2016 Worldwide Cloud Security Opportunity ($B) Worldwide Public and Private Cloud Security Product Share by Subcategory, 2011 19% 24% Source: IDC, December 2012
  • 5. ยฉ 2013 IBM Corporation IBM Security Systems 5 Cloud environments present new challenges
  • 6. ยฉ 2013 IBM Corporation IBM Security Systems 6 Security remains #1 inhibitor to broad scale cloud adoption Source: 2012 Cloud Computing โ€“ Key Trends and Future Effects โ€“ IDG
  • 7. ยฉ 2013 IBM Corporation IBM Security Systems 7 Self-Service Highly Virtualized Location Independence Workload Automation Rapid Elasticity Standardization Cloud computing tests the limits of security operations and infrastructure People and Identity Application and Process Network, Server and Endpoint Data and Information Physical Infrastructure Governance, Risk and Compliance Security and Privacy Domains Multiple logins, onboarding issues Multi-tenancy, data separation Audit silos, compliance controls Provider controlled, lack of visibility Virtualization, network isolation External facing, quick provisioning To the Cloud In a cloud environment, access expands, responsibilities change, control shifts, and the speed of provisioning resources and applications increases - greatly affecting all aspects of IT security
  • 8. ยฉ 2013 IBM Corporation IBM Security Systems 8 Cloud computing changes the way we think about security . Private cloud Public cloudHybrid IT โ€ขโ€ฏ High multi-tenancy and data separation โ€ขโ€ฏ Image management and compliance โ€ขโ€ฏ Security of the virtual / hypervisor layer โ€ขโ€ฏ Virtual network visibility โ€ขโ€ฏ Need for Service level agreements (SLAs) โ€ขโ€ฏ Provider responsibility for infrastructure โ€ขโ€ฏ Customization of security controls โ€ขโ€ฏ Visibility into day-to-day operations โ€ขโ€ฏ Access to logs and policies โ€ขโ€ฏ Applications and data are publically exposed Changes in Security and Privacy While security concerns are often shared across the different cloud models, the responsibility changes from consumer to provider which can present unique challenges
  • 9. ยฉ 2013 IBM Corporation IBM Security Systems 9 Security is a crucial part of the IBM SmartCloud strategy Build Clouds securely โ€“ lBMโ€™s industry leading security solutions and professional services enable an integrated set of capabilities to build secure clouds, whether for private clouds or cloud delivery platforms for cloud service providers Deliver Cloud services securely โ€“ ensure IBM SmartCloud Services are delivered securely, addressing governance, identity, data, and physical security Use Cloud to deliver Security-as-a-Service โ€“ provide immediate access to cloud-delivered security services, including vulnerability scanning, web and email security Security for Private Clouds Security for SCE / SCE+ Security-as-a-Service Cloud Enablement Technologies Enables private / hybrid cloud service delivery and management Cloud Computing as a Service Cloud platform and/or infrastructure as a service Software as a Service Business Solutions Pre-built Cloud SaaS business applications and solutions Focus for this conversation
  • 10. ยฉ 2013 IBM Corporation IBM Security Systems 10 1. Manage the registration and control the access of thousands or even millions of Cloud users in a cost- effective way 2. Ensure the safety and privacy of critical enterprise data in Cloud environments without disrupting operations 3. Provide secure access to applications in the Cloud 4. Manage patch requirements for virtualized systems 5. Provide protection against network threat and vulnerabilities in the Cloud 6. Protect virtual machines 7. Achieve visibility and transparency in Cloud environments to find advanced threats and meet regulatory and compliance requirements Key customer Cloud security concerns
  • 11. ยฉ 2013 IBM Corporation IBM Security Systems 11 IBM Security Systems IBM Security: Delivering intelligence, integration and expertise across a comprehensive framework ยง๏‚งโ€ฏ IBM Security Framework built on the foundation of COBIT and ISO standards ยง๏‚งโ€ฏ End-to-end coverage of the security domains ยง๏‚งโ€ฏ Managed and Professional Services to help clients secure the enterprise
  • 12. ยฉ 2013 IBM Corporation IBM Security Systems 12 SmartCloud Security Capabilities Administer, secure, and extend identity and access to and from the cloud Secure enterprise databases Build, test and maintain secure cloud applications Prevent advanced threats with layered protection and analytics ยง๏‚งโ€ฏ IBM Security Identity and Access Management Suite ยง๏‚งโ€ฏ IBM Security Federated Identity Manager - Business Gateway ยง๏‚งโ€ฏ IBM Security Privileged Identity Manager ยง๏‚งโ€ฏ IBM InfoSphere Guardium ยง๏‚งโ€ฏ IBM Security AppScan Suite ยง๏‚งโ€ฏ IBM AppScan OnDemand (hosted) ยง๏‚งโ€ฏ IBM Security Key Life Cycle Manager ยง๏‚งโ€ฏ IBM SmartCloud Patch ยง๏‚งโ€ฏ IBM Security Network IPS and Virtual IPS ยง๏‚งโ€ฏ IBM Security Virtual Server Protection for VMware IBM SmartCloud Security Intelligence IBM Security QRadar SIEM and VFlow Collectors IBM SmartCloud Security Identity Protection IBM SmartCloud Security Data and Application Protection IBM SmartCloud Security Threat Protection 13-04-02
  • 13. ยฉ 2013 IBM Corporation IBM Security Systems 13 Cost-effective and standards-based registration and access control of Cloud users External users need identity and access controls Internal users need easy and secure access to Cloud applications Compliance and audit controls need to cover all the users and services External users Internal users Application Application Internal Applications External Applications When millions of users need access to cloud- based resources, user provisioning (and de- provisioning) must be simple, efficient and scalable Need to protect against threats that can lead to data loss and web fraud Organizations need the ability to tie cloud-based applications together with internal applications and enable users to access them easily with single sign-on 1 Identity Enterprise Single Sign On Federated Identity Management Custodians of the Cloud
  • 14. ยฉ 2013 IBM Corporation IBM Security Systems 14 Security Event and Log Mgt. Vulnerability Mgt. Service Cost-effective user registration and access control of Cloud users Addressing compliance requirements, reducing operational costs, enhancing security posture and developing operational efficiencies Requirement Capability Full life-cycle identity management (โ€œcradle-to- graveโ€) for cloud-based users ยง๏‚งโ€ฏ Federated single sign-on to multiple web-based and cloud applications with a single ID and password for employees, customers, BPs, vendors ยง๏‚งโ€ฏ User self-service for identity creation and password reset ยง๏‚งโ€ฏ Securely provision, manage, automate and track privileged access to critical enterprise resources Access, authorization control, and fraud prevention for applications and data in the cloud ยง๏‚งโ€ฏ Automated management and risk-based enforcement of access control policies across every application, data source, operating system and even company boundaries ยง๏‚งโ€ฏ Role-based identity and access management aligns usersโ€™ roles to their access capabilities, simplifies management and compliance Ability to track and log user activities, report violations, and prove compliance ยง๏‚งโ€ฏ Security incident and event management for compliance reporting and auditing of users and their activitiesโ€”in both cloud and traditional environments ยง๏‚งโ€ฏ The ability to monitor, control, and report on privileged identities (e.g., systems and database administrators) for cloud-based administrators 1 Identity
  • 15. ยฉ 2013 IBM Corporation IBM Security Systems 15 Know who can access the cloud Single access method for users into workload aware Cloud Getting started on ramp for the Cloud with Federated SSO Federated Access / Identity Management 15 Identity Federation enables web single sign on across applications โ€ขโ€ฏ Access controls on cloud applications โ€ขโ€ฏ Provide users with the ability to single sign on to multiple Web-based cloud applications with disparate user IDs/passwords โ€ขโ€ฏ Self service identity registration, validation and processing user credentials IBM Security Access Manager for Cloud and Mobile IBM Security Identity Manager 1 Identity
  • 16. ยฉ 2013 IBM Corporation IBM Security Systems 16 Beyond the basics: Next steps in IAM for Cloud security Summary: Improve visibility and securely connect users to the workload aware Cloud; enforce auditable access and enable secure collaboration Cloud Use Case: Federated SSO to SaaS / Cloud; self-service identity provisioning, validation and processing user credentials Deployment Scenario: Hosted, managed and deployed as a Cloud Computing Infrastructure SystemsStorage Network Service Requestor 3rd Party Cloud Service Provider Service Management IAA Add Identity and Access Assurance to manage identities, entitlements, access control and auditing Add full Identity and Access Assurance solutions โ€ขโ€ฏ Build on access and authorization control โ€ขโ€ฏ Full life-cycle user / identity management โ€ขโ€ฏ Role-based identity and access management โ€ขโ€ฏ Privileged identity management โ€ขโ€ฏ Security Information & Event Management (SIEM) IBM Security Identity and Access Assurance Know who can access the cloud Single access method for users into workload aware Cloud FIM Systems & Image Management 1 Identity
  • 17. ยฉ 2013 IBM Corporation IBM Security Systems 17 Use Case: Prevent fraudulent access to Cloud applications and services using risk-based access policy and strong authentication User attempts high- value transaction Transaction completes Strong authentication challenge IBM Security Access Manager for Cloud and Mobile Transactions < $100 Allowed with no additional authentication Attempt to transfer >= $100 Requires strong authentication 1 Identity
  • 18. ยฉ 2013 IBM Corporation IBM Security Systems 18 Privileged Identity Management: Centralized management of privileged and shared identities IBM security solution IBM Security Privileged Identity Management Track and audit activities of privileged users (e.g., root, financial app administrators) for effective governance Business challenge Addressing insider threat with privileged users access management Key solution highlights New Privileged Identity Management (PIM) solution providing complete identity management and enterprise single sign-on capabilities for privileged users DatabasesID Check in / check out using secure credential vault Control shared access to sensitive user IDs Request, approve and re- validate privileged access Reduce risk, enhance compliance Track usage of shared identities Provide increased accountability and audit trail Automated password management Automated checkout of IDs, hide password from requesting employee, automate password reset to eliminate password theft 1 Identity
  • 19. ยฉ 2013 IBM Corporation IBM Security Systems 19 SmartCloud Security Capabilities Administer, secure, and extend identity and access to and from the cloud Secure enterprise databases Build, test and maintain secure cloud applications Prevent advanced threats with layered protection and analytics ยง๏‚งโ€ฏ IBM Security Identity and Access Management Suite ยง๏‚งโ€ฏ IBM Security Federated Identity Manager - Business Gateway ยง๏‚งโ€ฏ IBM Security Privileged Identity Manager ยง๏‚งโ€ฏ IBM InfoSphere Guardium ยง๏‚งโ€ฏ IBM Security AppScan Suite ยง๏‚งโ€ฏ IBM AppScan OnDemand (hosted) ยง๏‚งโ€ฏ IBM Security Key Life Cycle Manager ยง๏‚งโ€ฏ IBM SmartCloud Patch ยง๏‚งโ€ฏ IBM Security Network IPS and Virtual IPS ยง๏‚งโ€ฏ IBM Security Virtual Server Protection for VMware IBM SmartCloud Security Intelligence IBM Security QRadar SIEM and VFlow Collectors IBM SmartCloud Security Identity Protection IBM SmartCloud Security Data and Application Protection IBM SmartCloud Security Threat Protection 13-04-02
  • 20. ยฉ 2013 IBM Corporation IBM Security Systems 20 Old approaches to data protection are not efficient for Cloud and virtualization ยง๏‚งโ€ฏ Multi-tenancy raises security concerns in Cloud environments ยง๏‚งโ€ฏ Lack of visibility over DB access in Cloud environments ยง๏‚งโ€ฏ Security alerts not real time ยง๏‚งโ€ฏ No separation of duties as required by auditors ยง๏‚งโ€ฏ Inconsistent policies enterprise-wide ยง๏‚งโ€ฏ Native logging causes high performance impact on DBMS 2 Data โ€œA data security strategy should include database auditing and monitoring, patch management, data masking, access control, discovery / classification, and change management.โ€ -- Why Enterprise Database Security Strategy Has Become Critical, Forrester Research, Inc, July 13, 2011
  • 21. ยฉ 2013 IBM Corporation IBM Security Systems 21 Assess database vulnerabilities De-identify confidential data in non-production environments Define policies & metrics Audit and report for compliance Protect enterprise data from authorized & unauthorized access Four steps to data security in the Cloud Define policies & metrics De-identify confidential data in non-production environments Assess database vulnerabilities Classify & define data types Fully redacted unstructured data Monitor and enforce review of policy exceptions Protect enterprise data from authorized & unauthorized access A data security strategy should include database auditing and monitoring, patch management, data masking, access control, discovery/classification, and change management. -- Why Enterprise Database Security Strategy Has Become Critical, Forrester Research, Inc., July 13, 2011 Define policies & metrics Classify & define data types Define policies & metrics Classify & define data types Protect enterprise data from authorized & unauthorized access Define policies & metrics Classify & define data types Fully redacted unstructured data Protect enterprise data from authorized & unauthorized access Define policies & metrics Classify & define data types De-identify confidential data in non-production environments Fully redacted unstructured data Protect enterprise data from authorized & unauthorized access Define policies & metrics Classify & define data types Assess database vulnerabilities De-identify confidential data in non-production environments Fully redacted unstructured data Define policies and metrics Classify & define data types Monitor and enforce review of policy exceptions Fully redact unstructured data Classify and define data types Audit and report for compliance Protect enterprise data from authorized and unauthorized access Discover where sensitive data resides Discover where sensitive data resides Discover where sensitive data resides Discover where sensitive data resides Discover where sensitive data resides Discover where sensitive data resides Discover where sensitive data resides โ€œ โ€ Monitor and Audit 3 Secure and Protect 2 Understand and Define 1 Enterprise Security intelligence4
  • 22. ยฉ 2013 IBM Corporation IBM Security Systems 22 Key Themes Reduced Total Cost of Ownership Expanded support for databases and unstructured data, automation, handling and analysis of large volumes of audit records, and new preventive capabilities Enhanced Compliance Management Enhanced Database Vulnerability Assessment (VA) and Database Protection Subscription Service (DPS) with improved update frequency, labels for specific regulations, and product integrations Dynamic Data Protection Data masking capabilities for databases (row level, role level) and for applications (pattern based, form based) to safeguard sensitive and confidential data Data security for the Cloud Across Multiple Deployment Models QRadar Integration 2 Data
  • 23. ยฉ 2013 IBM Corporation IBM Security Systems 23 Application security challenge: manage risk ยง๏‚งโ€ฏ 76% of CEOs feel reducing security flaws within business-critical applications is the most important aspect of their data protection programs ยง๏‚งโ€ฏ 79% of compromised records used Web Apps as the attack pathway ยง๏‚งโ€ฏ 81% of breached organizations subject to PCI were found to be non- compliant 3 Applications Web Application Vulnerabilities As a Percentage of All Disclosures in 2012 Web Applications: 43 percent Others: 57 percent Source: IBM X-Forceยฎ 2012 Full-Year Trend and Risk Report Web application vulnerabilities up 14% in 2012
  • 24. ยฉ 2013 IBM Corporation IBM Security Systems 24 Scan applications Analyze (identify issues) Automate Application Security Testing Report (detailed and actionable) Finding and fixing application vulnerabilities ยง๏‚งโ€ฏ During coding ยง๏‚งโ€ฏ During production ยง๏‚งโ€ฏ Web vulnerabilities ยง๏‚งโ€ฏ PII use and security ยง๏‚งโ€ฏ Remediation steps ยง๏‚งโ€ฏ Compliance 3 Applications
  • 25. ยฉ 2013 IBM Corporation IBM Security Systems 25 Key Themes Coverage for Cloud and mobile apps & new threats Identify and reduce risk by expanding scanning capabilities to new platforms such as Cloud and mobile using next generation dynamic analysis scanning and glass box testing Simplified interface and accelerated ROI Improve time to value and consumability with out-of-the-box scanning, static analysis templates and ease of use features Security Intelligence integration Automatically adjust threat levels based on knowledge of application vulnerabilities by integrating and analyzing scan results with SiteProtector and the QRadar Security Intelligence Platform AppScan security for Cloud environments
  • 26. ยฉ 2013 IBM Corporation IBM Security Systems 26 SmartCloud Security Capabilities Administer, secure, and extend identity and access to and from the cloud Secure enterprise databases Build, test and maintain secure cloud applications Prevent advanced threats with layered protection and analytics ยง๏‚งโ€ฏ IBM Security Identity and Access Management Suite ยง๏‚งโ€ฏ IBM Security Federated Identity Manager - Business Gateway ยง๏‚งโ€ฏ IBM Security Privileged Identity Manager ยง๏‚งโ€ฏ IBM InfoSphere Guardium ยง๏‚งโ€ฏ IBM Security AppScan Suite ยง๏‚งโ€ฏ IBM AppScan OnDemand (hosted) ยง๏‚งโ€ฏ IBM Security Key Life Cycle Manager ยง๏‚งโ€ฏ IBM SmartCloud Patch ยง๏‚งโ€ฏ IBM Security Network IPS and Virtual IPS ยง๏‚งโ€ฏ IBM Security Virtual Server Protection for VMware IBM SmartCloud Security Intelligence IBM Security QRadar SIEM and VFlow Collectors IBM SmartCloud Security Identity Protection IBM SmartCloud Security Data and Application Protection IBM SmartCloud Security Threat Protection 13-04-02
  • 27. ยฉ 2013 IBM Corporation IBM Security Systems 27 Optimizing the patch cycle and help ensure the security of both traditional and Cloud computing assets Customer Pain Points ยง๏‚งโ€ฏ Time required to patch all enterprise physical, virtual, distributed, and cloud assets ยง๏‚งโ€ฏ Lack of control over deployed and dormant virtual systems OS patch levels and related security configurations Distributed Endpoints Web App DB Virtual ServersPhysical Servers + + 4 Patch Management Capability ยง๏‚งโ€ฏ Automatically manage patches for multiple OSs and applications across physical and virtual servers ยง๏‚งโ€ฏ Reduce security and compliance risk by slashing remediation cycles from weeks to hours ยง๏‚งโ€ฏ Patch running / offline / dormant VMs ยง๏‚งโ€ฏ Continuously monitor and enforce endpoint configuration
  • 28. ยฉ 2013 IBM Corporation IBM Security Systems 28 ยง๏‚งโ€ฏ Patch as fast as you can provision with rapid patching, configuration and policy deployment across thousands of endpoints regardless of location, connection type or status ยง๏‚งโ€ฏ Reduce security risk by slashing remediation cycles from weeks to days or hours ยง๏‚งโ€ฏ Gain greater visibility into patch compliance with flexible, real-time monitoring and reporting from a single management console ยง๏‚งโ€ฏ Efficiently deploy patches, even over low- bandwidth or globally distributed networks reducing labor requirements by over 75% ยง๏‚งโ€ฏ Patch endpoints on or off the network-- including roaming devices using Internet connections providing over 98.5% first pass patch compliance Enforce Evaluate PublishReport Enhanced Security and Patch Management with SmartCloud Patch Stay in Control and Prove it SmartCloud Patch
  • 29. ยฉ 2013 IBM Corporation IBM Security Systems 29 The challenging state of network security Social media sites present productivity, privacy and security risks including new threat vectors SOCIAL NETWORKING Limited visibility into traffic patterns or types of traffic traversing the network LIMITED NETWORK VISIBILITY Point solutions are siloed with minimal integration or data sharing POINT SOLUTIONSURL Filtering โ€ข IDS / IPS IM / P2P โ€ข Web App Protection Vulnerability Management Increasingly sophisticated attacks are using multiple attack vectors and increasing risk exposure SOPHISTICATED ATTACKS Stealth Bots โ€ข Targeted Attacks Worms โ€ข Trojans โ€ข Designer Malware 5 Network Protection
  • 30. ยฉ 2013 IBM Corporation IBM Security Systems 30 Network intrusion protection is a primary building block in Cloud security Firewall Datacenter Network Intrusion Prevention ยง๏‚งโ€ฏ Protect both applications and network from being exploited ยง๏‚งโ€ฏ Control protocols and applications ยง๏‚งโ€ฏ Monitor traffic for anomalous traffic patterns ยง๏‚งโ€ฏ Protect users from being attacked (e.g., through malicious documents) ยง๏‚งโ€ฏ Prove compliance with regulation requirements (e.g., PCI) ยง๏‚งโ€ฏ Enforce corporate policy with employees and 3rd parties (e.g., consultants) ยง๏‚งโ€ฏ Monitor network traffic for sensitive information leaving the company ยง๏‚งโ€ฏ Prevent data from being stolen from databases via web applications 5 Network Protection
  • 31. ยฉ 2012 IBM Corporation IBM Security Systems 31 IBM Internal and Business Partner Use Only IBM Security Network Protection XGS 5000 IBM XGS 5000: Extensible, 0-Day protection powered by X-Forceยฎ โ€ขโ€ฏ Vulnerability modeling and algorithms โ€ขโ€ฏ Stateful packet inspection โ€ขโ€ฏ Port variability โ€ขโ€ฏ Port assignment โ€ขโ€ฏ Port following โ€ขโ€ฏ Protocol tunneling โ€ขโ€ฏ Shellcode heuristics โ€ขโ€ฏ Application layer pre- processing โ€ขโ€ฏ Context field analysis โ€ขโ€ฏ RFC compliance โ€ขโ€ฏ Statistical analysis โ€ขโ€ฏ TCP reassembly and flow reassembly โ€ขโ€ฏ Host response analysis โ€ขโ€ฏ Port probe detection โ€ขโ€ฏ Pattern matching โ€ขโ€ฏ Custom signatures โ€ขโ€ฏ Injection logic engine โ€ขโ€ฏ IPv6 tunnel analysis โ€ขโ€ฏ SIT tunnel analysis โ€“โ€ฏ 15 years+ of vulnerability research and development โ€“โ€ฏ Trusted by the worldโ€™s largest enterprises and government agencies โ€“โ€ฏ True protocol-aware intrusion prevention, not reliant on signatures โ€“โ€ฏ Backed by X-Force ยฎ โ€“โ€ฏ Specialized engines โ€ขโ€ฏ Exploit Payload Detection โ€ขโ€ฏ Web Application Protection โ€ขโ€ฏ Content and File Inspection โ€œWhen we see these attacks coming in, it will shut them down automatically.โ€ โ€“ Melbourne IT ยง๏‚งโ€ฏ Next Generation IPS powered by X-Forceยฎ Research protects weeks or even months โ€œahead of the threatโ€ ยง๏‚งโ€ฏ Full protocol, content and application aware protection goes beyond signatures ยง๏‚งโ€ฏ Expandable protection modules defend against emerging threats such as malicious file attachments and Web application attacks [The IBM Threat Protection Engine] โ€œdefended an attack against a critical government network another protocol aware IPS missedโ€ โ€“ Government Agency IBM Security Threat Protection Ability to protect against the threats of today and tomorrow
  • 32. ยฉ 2013 IBM Corporation IBM Security Systems 32 Why virtualization security? 6 Protect VMs
  • 33. ยฉ 2013 IBM Corporation IBM Security Systems 33 Summary of virtualization system security challenges ยง๏‚งโ€ฏ Migration of VMs for load balancing can make them more difficult to secure ยง๏‚งโ€ฏ Ease of addition of VMs increases likelihood that insecure systems will go online ยง๏‚งโ€ฏ Malicious insiders can inflict massive damage very quickly Increased flexibility can increase security risk ยง๏‚งโ€ฏ Virtual endpoints have same security challenges as their physical counterparts ยง๏‚งโ€ฏ Virtualization management systems provide new attack vector ยง๏‚งโ€ฏ Hypervisor itself is an attack vector Larger attack surface ยง๏‚งโ€ฏ 259 new virtualization vulnerabilities over the last 5 years ยง๏‚งโ€ฏ New attack types (e.g., Hyperjacking, hypervisor escape, VM attacks) New vulnerabilities1 2 3 6 Protect VMs
  • 34. ยฉ 2013 IBM Corporation IBM Security Systems 3434 Virtual Server Protection increases ROI of the virtual infrastructure, while reducing risk ยง๏‚งโ€ฏ Automated protection as each VM comes online โ€“โ€ฏ Automatic discovery โ€“โ€ฏ Automated vulnerability assessment โ€“โ€ฏ Simplified patch management ยง๏‚งโ€ฏ Non-intrusive โ€“โ€ฏ No reconfiguration of the virtual network โ€“โ€ฏ No presence in the guest OS รผ๏ƒผโ€ฏImproved stability รผ๏ƒผโ€ฏMore CPU / memory available for workloads รผ๏ƒผโ€ฏReduced attack surface ยง๏‚งโ€ฏ Protection for any guest OS โ€“โ€ฏ Reduction in security agents for multiple OSs 6 Protect VMs VMware vCloud
  • 35. ยฉ 2013 IBM Corporation IBM Security Systems 35 SmartCloud Security Capabilities Administer, secure, and extend identity and access to and from the cloud Secure enterprise databases Build, test and maintain secure cloud applications Prevent advanced threats with layered protection and analytics ยง๏‚งโ€ฏ IBM Security Identity and Access Management Suite ยง๏‚งโ€ฏ IBM Security Federated Identity Manager - Business Gateway ยง๏‚งโ€ฏ IBM Security Privileged Identity Manager ยง๏‚งโ€ฏ IBM InfoSphere Guardium ยง๏‚งโ€ฏ IBM Security AppScan Suite ยง๏‚งโ€ฏ IBM AppScan OnDemand (hosted) ยง๏‚งโ€ฏ IBM Security Key Life Cycle Manager ยง๏‚งโ€ฏ IBM SmartCloud Patch ยง๏‚งโ€ฏ IBM Security Network IPS and Virtual IPS ยง๏‚งโ€ฏ IBM Security Virtual Server Protection for VMware
  • 36. ยฉ 2013 IBM Corporation IBM Security Systems 36 Security Intelligence: Integrating across IT silos 7 Security Intelligence
  • 37. ยฉ 2013 IBM Corporation IBM Security Systems 37 Supplemented with Security-as-a-Service offerings
  • 38. ยฉ 2013 IBM Corporation IBM Security Systems 38 Cloud Auditing Data Federation (CADF) WG ISO JTC 1/SC 27: IT Security Techniques IETF OAuth 2.0 Driving client-focused open standards and interoperability Customer security standards guidance Open source cloud computing infrastructure (IaaS focus)
  • 39. ยฉ 2013 IBM Corporation IBM Security Systems 3939 Thank you