@krol_valencia Security in Cloud Carol Valencia

@krol_valencia Carol Valencia Solution Architect in in/carolgv krol3 @krol_valencia 2

@krol_valencia New scenery after Covid “work-from-home isn’t an option for us” “we aren’t interested in shifting operations to the cloud.” “The pandemic drove a massive shift towards remote work. "it was a case of ‘do or die.’ 3

@krol_valencia Trends in Cyber Security 1. Common cyber-threats (phishing, ransomware, trojans, etc) 2. Fileless Attacks 3. Cloud and Remote Service Attacks (Server applications, containers and cloud storage) 4. Business Process Compromises 5. Customized Payloads 4 https://www.infosecurity-magazine.com/blogs/five-cyber-threats-2021/

@krol_valencia 1. Data Breaches 2. Misconfiguration 3. Lack of cloud security architecture and strategy 4. Insufficient identity, credential, access and key management 5. Account hijacking 6. Insider threat 7 Insecure interfaces and APIs 8. Weak control plane 9. Metastructure and applistructure failures 10. Limited cloud usage visibility 11. Abuse and nefarious use of cloud services Cloud Security Alliance (CSA) Top threats 5

@krol_valencia Security Responsability in the Cloud 6

@krol_valencia 7 https://blog.ine.com/13-effective-security-controls-in-microsoft-azure-for-iso-27001-compliance

@krol_valencia 8 https://blog.aquasec.com/cloud-workload-protection-cwpp-vm-security

@krol_valencia https://blog.ine.com/what-is-the-goal-of-azure-security Data Protection Threat Modeling Services & App

@krol_valencia https://blog.ine.com/what-is-the-goal-of-azure-security 10 Confidentiality - CIA

@krol_valencia NIST Encryption Key Lifecycle 11 https://blog.ine.com/confidentiality-securing-your-keys-in-azure

@krol_valencia 12 Protect data-at-rest Protect data-in-transit Encrypt all customer data https://cryptosense.com/cloud-cryptography-comparison/

@krol_valencia https://blog.ine.com/what-is-the-goal-of-azure-security 13 Integrity - CIA

@krol_valencia https://blog.ine.com/what-is-the-goal-of-azure-security 14 Availability - CIA

@krol_valencia 15 https://holisticsecurity.io/2020/02/10/security-along-the-container-based-sdlc Secure SDLC

@krol_valencia Misconfigured Cloud Resources 16

@krol_valencia 17 Static Code Analysis for Infrastructure as Code

@krol_valencia 18 Salesforce/policy_sentry cloudsplaining Least Privilege Using Infrastructure as Code

@krol_valencia CIS Benchmark OS - Configuration - Updates - Filesystem integrity - Boot settings Docker docker/docker- bench-security Kubernetes aquasecurity/kub e-bench aquasecurity/kub e-hunter 19

@krol_valencia CASB, CSPM, CWPP emerge as future of cloud security 20 https://searchcloudsecurity.techtarget.com/feature/CASB-CSPM-CWPP-emerge-as-future-of-cloud- security

“ @krol_valencia There is synergy in combining CWPP and CSPM capabilities. 21 www.gartner.com

@krol_valencia There is synergy in combining CWPP and CSPM capabilities… that scans workloads and configurations in development and protect workloads and configurations at runtime CSPM DevSecOps CWPP 22 2020 Market Guide for CWPP, Apr. 2020, by Neil MacDonald and Tom Croll

“ @krol_valencia CWPPs should provide consistent visibility and control for physical machines, virtual machines (VMs), containers and serverless workloads, regardless of location. 23 Gartner, Market Guide for Cloud Workload Protection Platforms, Published 14 April 2020

@krol_valencia 24

@krol_valencia 25 https://github.com/aquasecurity/cloudsploit Cloud Secure Posture Management

@krol_valencia Resources - https://docs.microsoft.com/en-us/azure/cloud- adoption-framework/ - https://blog.aquasec.com/docker-1.11-and-cis- benchmark-whats-new-in-security - https://blog.aquasec.com/cloud-workload- protection-cwpp-vm-security - https://searchcloudsecurity.techtarget.com/featu re/CASB-CSPM-CWPP-emerge-as-future-of- cloud-security 27

@krol_valencia Obrigada! Perguntas? 28 in/carolgv krol3 @krol_valencia