21
QUALYS SECURITY CONFERENCE 2020 Securing Cloud & Container Workloads Badri Raghunathan Director, Product Management, Qualys, Inc.

Securing Cloud & Container Workloads...Securing Cloud & Container Workloads Badri Raghunathan Director, Product Management, Qualys, Inc. Security Challenges in the Cloud Lack of visibility

  • Upload
    others

  • View
    18

  • Download
    0

Embed Size (px)

Citation preview

QUALYS SECURITY CONFERENCE 2020

Securing Cloud & Container Securing Cloud & Container Workloads

Badri RaghunathanDirector, Product Management, Qualys, Inc.

Security Challenges in the Cloud

Lack of visibility or control on cloud resources

Misconfiguration of cloud services

Multi cloud environment magnifies security challenges

Lack of a unified security toolset/controls for on-prem & cloud workloads

February 25, 2020Qualys Security Conference San Francisco2

Cloud Security

Cloud Workload Security with Qualys

4

!""#

$""#

Vulnerability Management% Vulnerability Management

(Internal & Perimeter)% Threat Protection% Indicators of Compromise% Patch Management

Policy Compliance% Policy Compliance (incl. Secure

Configuration Assessment)% File Integrity Monitoring

Application Security% Web Application Scanning

(WebApps and REST APIs)% Web Application Firewall% API Security*

* Upcoming feature

February 25, 2020Qualys Security Conference San Francisco

Rich Visibility with CloudViewVisibility into your cloud resources

Identify public facing/perimeter resources

Resource usage by regions/accounts.

View associations to identify the blast radius

February 25, 2020Qualys Security Conference San Francisco5

Compliance AssessmentIdentify misconfigured resources

Detect resources that are non-compliant against standards such as CIS Benchmark

Identify top failed controls/account for prioritizing the remediation efforts

February 25, 2020Qualys Security Conference San Francisco6

Correlate with Vulnerability Data

Identify vulnerable instances with public IP and associated with the misconfigured security groups

Use vulnerability information for cloud instances to prioritize threats better

February 25, 2020Qualys Security Conference San Francisco7

Serverless Visibility

Serverless Visibility –Inventory support for AWS Lambda functions

Best practices policy for identifying misconfigurations

!"#

February 25, 2020Qualys Security Conference San Francisco8

Built-in Security with Cloud Providers

Send findings into Azure, AWS, GCP Security Hubs

Access & investigate findings from within the Cloud Provider Security console

Native integration of vulnerability assessment of hosts, containers (MSFT Azure - Powered by Qualys) !"#$%&'()*+&',-.#/'0-1#"$1&+'23"11$14'56-7&+&8'9:';*"<:.=

!"#

February 25, 2020Qualys Security Conference San Francisco9

Container Container Security

Visibility into Container Infrastructure

Inventory for all your container infrastructure (Included with VMDR)

Visibility into containers via Scanner, Cloud Agent, Container Sensor

Tracking DockerHub official images

Upgrade for security across DevOps pipeline

!"#

February 25, 2020Qualys Security Conference San Francisco11

Correlating with Vulnerability Data

Search based on all attributes

% Image info% Registry info% Containers

for this image

% Vulnerability posture?

% Easy drill down for complete inventory

February 25, 2020Qualys Security Conference San Francisco12

Detecting Runtime Drift

February 25, 2020Qualys Security Conference San Francisco13

Identify potential breaches in containers

“Drift” Containers, differ from their parent Images by vulnerability, software package composition,

behavior, etc

Detection, Response for Containers

Breach

!"#$%&'()*+",(-##*.'+($"%&%'()*+,+-./'#012)&0/3

-//(0123"&*4525#5"+$"%&%'4567-8'9223

67(7".1&5#8(9%2"+$"%&%':0;-'<)5/3

:3,5.*#%&+(%;(<%=/&%=5+"

$0%&%'=+*0>'!06?-;@'9,6+A+65'06,3

;*"<:.'<":&+'>-+'0-1#"$1&+'?*1#$@&'

2&3*+$#:

February 25, 2020Qualys Security Conference San Francisco14

Container Runtime Security

Integrated into Qualys Platform

Function level firewall for containers

Granular security policies to control file, network, process behavior

Built-in policies from Qualys Threat Research

February 25, 2020Qualys Security Conference San Francisco15

Docker Engine

Host

Co

ntainer

Co

ntainer

Co

ntainer

Co

ntainer

!"#

DEMO

February 25, 2020Qualys Security Conference San Francisco16

The Road Ahead

Towards Automated Remediation

February 25, 2020Qualys Security Conference San Francisco18

Towards Seamless Visibility

Across application stack (Hosts, Kubernetes Pods, Containers, Serverless)

Correlate cloud inventory data with containers

February 25, 2020Qualys Security Conference San Francisco19

BC'D.,@06>'B0,.;+65'E;-.2>'!06?-;@'B0,.;+65'E;-.2>'B6-;)&0'D*-1/>'F-)G'D)*)8,0;/>'=+;0?)**'H.*0/

<2%1,(:3;&*+#&1.#1&"

:**7 >**7 7**7

H<B>'9I.;0'BJF'<)6)1)/0>'"*)/6+,'D0)8'B6)*@>'K-86)+80;/

E--&*0'B.+60>'LMM+,0'CNO

B))B'B0,.;+65'$9)G5)3

"KP'Q8/6)8,0>'9I.;0'R(>'EK4'Q8/6)8,0

Securing Your Cloud Deployments

February 25, 2020Qualys Security Conference San Francisco20

PC VM FIM

IOC

TP WASPM WAF

PC WAS WAFCS

CI CSA

QUALYS SECURITY CONFERENCE 2020

Thank YouBadri Raghunathan

[email protected]