Hybrid Cloud Security: Part 3

A new approach to threat detection in the cloud

In the first article of this three-part series on hybrid cloud security, we discussed the Shared Responsibility Model, and examined how the most common attack strategies persist, are amplified, or are mitigated as assets move from data centers to the cloud. In part two, we talked about the unique security challenges that are introduced by public cloud environments. In this third and final installment, we'll review why it's essential to approach hybrid cloud security with different methods, tools and best practices than those used in the data center.

Bridging the Silo Between On-Premises and Cloud Environments
For today's resource-constrained IT teams, the explosion of public cloud services has only increased the complexity of securing critical infrastructure. Until recently, it has been a challenge for IT professionals to find security tools that are specifically designed to monitor threats inside cloud environments. As discussed in part two of this series, the reason for this is that many so-called cloud security monitoring tools are, in reality, just retrofits of legacy on-premises security products. They can monitor servers running in the cloud, but they don't really "know" that they're in the cloud. Thus, they're not able to monitor those elements of cloud environments that didn't exist in traditional data centers.

To circumvent this challenge, many companies end up deciding to maintain two separate, siloed security monitoring solutions - one for their public cloud environment and the other for their on-premises infrastructure. This approach is fraught with extra costs, complexity and potential security blind spots.

Fortunately, IT professionals now have a third option - centralizing public cloud, private cloud, virtual and physical on-premises security monitoring via a single, cloud-based, SaaS security solution that is built from the ground up. Cloud-native security monitoring tools take full advantage of cloud architectures, services and APIs in ways that legacy solutions cannot. Additionally, because companies have a single pane of glass to monitor all critical infrastructure, security blind spots are eliminated.

The price is right as well. It's a well-known fact that most applications are more cost-effective for the end user when they are delivered as SaaS solutions, and the same holds true for security products. With the SaaS delivery model, security vendors can build monitoring solutions that are faster to deploy, easier to use and offered at a lower cost - all while delivering the same security essentials required to tackle today's rapidly evolving threats. IT teams can start detecting these threats sooner and at a significantly lower total cost of ownership, and concerns about system upgrades, uptime, scalability and the security of the system itself are eliminated. In summary, centralizing security monitoring with a SaaS solution enables companies to effectively reduce the cost, time, effort and complexity of managing their security posture across multiple IT environments.

Hybrid Cloud Security Best Practices
When it comes to hybrid cloud security, it's not enough to simply change your approach and select different tools for the job; organizational best practices must also evolve. Here are three important ones that you should work toward:

1. Develop Strong Identity and Access Management (IAM) Practices
In part two of this series, we looked at how mismanaging cloud credentials can be a detrimental and expensive mistake. Your cloud security strategy must be built on a solid foundation of IAM practices, which should include both using cloud provider IAM services and establishing organizational policies around them. Here are a few tips to keep top of mind:

  • Establish IAM guidelines and policies as well as a routine to ensure that your IAM services are continually configured and working appropriately.
  • Streamline IAM with cloud provider services (e.g., Microsoft Azure AD Connect, Azure AD Federated Services, Amazon Web Services (AWS) Directory Service and AWS AD Connector) that either synchronize, consolidate or federate cloud identity management with your on-premises directory. This can not only reduce administrative overhead, but also decrease the likelihood of mistakes and security breaches.
  • Define IAM groups based on the principle of least privilege (i.e., give users the absolute minimum level of access they need to do their jobs) and regularly review access rights to ensure that the controls in place are still appropriate for users.
  • Remember that IAM is not a "set it and forget it" configuration. Rather, it's important to constantly monitor your hybrid cloud environment for suspicious root account logins, changes in security policies and privileges, and other anomalous account activities.
  • Enable a cloud-native SIEM solution to collect and analyze your cloud access logs and API calls, so you can identify compromised account credentials sooner to prevent or mitigate the damage of a cloud breach.

2. Know What Security Data to Look for in the Cloud and Where to Find It
Cybercriminals use many of the same methods in cloud-based attacks as they do in on-premises attacks, but a new approach is needed to help organizations recognize threats in the cloud and to know where to look for them. Specifically:

  • Log collection in the cloud - To detect threats in your public cloud environments, you first need to know what log data sources are available to you as well as which may be "interesting" or useful from a security standpoint. For example, it is important to identify which users are accessing cloud resources and workloads, where and when they are signing in, what resources are being spun up or down, and if anyone has altered security groups or IAM roles. From there, you must also be able to collect and send the log data to a SIEM solution for correlation and security analysis.
  • Intrusion detection in the cloud - Cloud log management is only one prerequisite for complete hybrid cloud security. After you've gathered your log data, you still need to be able to perform cloud intrusion detection. This will help you correlate and analyze your cloud log data within the context of the latest threat intelligence, enabling you to identify intrusions in your cloud environment. This requires a SIEM that's built to natively perform cloud intrusion detection.
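
The checks named in practices 1 and 2 above (root account logins, changes to security groups and IAM roles, who signed in and from where) can be expressed as a small detection pass over API audit logs. The following is an added example, not code from the article or any vendor: it assumes AWS CloudTrail as the log source, and the sample records, account ID and IP addresses are constructed.

```python
import json

# Real CloudTrail event names for changes to security groups and IAM roles/policies.
SG_CHANGES = {"AuthorizeSecurityGroupIngress", "AuthorizeSecurityGroupEgress",
              "RevokeSecurityGroupIngress", "RevokeSecurityGroupEgress",
              "CreateSecurityGroup", "DeleteSecurityGroup"}
IAM_CHANGES = {"CreateRole", "AttachRolePolicy", "DetachRolePolicy", "PutRolePolicy",
               "DeleteRolePolicy", "UpdateAssumeRolePolicy", "CreateAccessKey"}

# Constructed sample records (one JSON object per line); line 5 is deliberately corrupt.
SAMPLE_LOG = """\
{"eventName":"ConsoleLogin","eventSource":"signin.amazonaws.com","sourceIPAddress":"203.0.113.10","userIdentity":{"type":"Root","arn":"arn:aws:iam::111122223333:root"},"additionalEventData":{"MFAUsed":"No"},"responseElements":{"ConsoleLogin":"Success"}}
{"eventName":"DescribeInstances","eventSource":"ec2.amazonaws.com","sourceIPAddress":"198.51.100.7","userIdentity":{"type":"IAMUser","arn":"arn:aws:iam::111122223333:user/alice"}}
{"eventName":"AuthorizeSecurityGroupIngress","eventSource":"ec2.amazonaws.com","sourceIPAddress":"198.51.100.7","userIdentity":{"type":"IAMUser","arn":"arn:aws:iam::111122223333:user/bob"}}
{"eventName":"AttachRolePolicy","eventSource":"iam.amazonaws.com","sourceIPAddress":"198.51.100.9","userIdentity":{"type":"AssumedRole","arn":"arn:aws:sts::111122223333:assumed-role/deploy/session1"}}
not-json
{"eventName":"ConsoleLogin","eventSource":"signin.amazonaws.com","sourceIPAddress":"203.0.113.44","userIdentity":{"type":"IAMUser","arn":"arn:aws:iam::111122223333:user/alice"},"responseElements":{"ConsoleLogin":"Failure"}}
"""

def classify(event):
    """Return finding labels for one record; an empty list means nothing to report."""
    ident = event.get("userIdentity") or {}
    name = event.get("eventName", "")
    findings = []
    if ident.get("type") == "Root":
        findings.append("root-account-activity")
    if name == "ConsoleLogin":
        outcome = (event.get("responseElements") or {}).get("ConsoleLogin")
        mfa = (event.get("additionalEventData") or {}).get("MFAUsed")
        if outcome == "Failure":
            findings.append("console-login-failure")
        # Only judge MFA for direct sign-ins; federated sessions do MFA at the identity provider.
        elif ident.get("type") in ("Root", "IAMUser") and mfa != "Yes":
            findings.append("console-login-without-mfa")
    if name in SG_CHANGES:
        findings.append("security-group-change")
    if name in IAM_CHANGES:
        findings.append("iam-change")
    return findings

def scan(lines):
    """Classify each log line; corrupt lines are reported rather than silently dropped."""
    alerts = []
    for lineno, raw in enumerate(lines, 1):
        if not raw.strip():
            continue
        try:
            event = json.loads(raw)
            if not isinstance(event, dict):
                raise ValueError("record is not a JSON object")
        except ValueError:
            alerts.append({"line": lineno, "who": None, "source_ip": None,
                           "findings": ["unparseable-record"]})
            continue
        findings = classify(event)
        if findings:
            ident = event.get("userIdentity") or {}
            alerts.append({"line": lineno, "who": ident.get("arn", ident.get("type")),
                           "source_ip": event.get("sourceIPAddress"), "findings": findings})
    return alerts

if __name__ == "__main__":
    for alert in scan(SAMPLE_LOG.splitlines()):
        print(alert)
```

Each alert keeps the acting identity and source IP so it can be correlated with other log sources; unparseable lines surface as their own finding because a gap in the audit trail is itself worth investigating.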

3. Take a Unified Approach 
Traditionally, security operations centers have woven together multiple point security solutions for asset management, vulnerability scanning, intrusion detection, SIEM and event correlation, behavioral monitoring, and log management within their on-premises networks. However, this approach typically requires an extensive amount of integration, fine-tuning and management to create a single source of threat detection and incident response. Re-creating this type of system in hybrid cloud environments often proves to be too cumbersome and error-prone for most IT teams.

Today, there are security solutions available that replace this piecemeal strategy with a tremendously simplified approach that brings together multiple essential security capabilities into a unified platform. These solutions can typically be launched quickly, cost-effectively and without complex integration requirements - greatly reducing the amount of resources needed (e.g., time, budget, staffing) to monitor security postures across cloud and on-premises infrastructures.

Mastering Cloud Security
Regardless of the environment - cloud or on-premises - the goal of threat detection remains the same: to prevent data loss, financial loss and business disruption. Yet, as environments and infrastructures change, so too must your approach to security, as well as the tools and best practices you utilize.

From recognizing how common attack strategies change in the cloud, to identifying unique challenges introduced by public cloud environments, to knowing the most effective security approaches, tools and strategies to use, I hope this three-part series has provided guidance and insight that will help you along on your journey toward mastering hybrid cloud security.


More Stories By Jim Hansen

Jim Hansen is vice president of product marketing overseeing all of AlienVault's product development initiatives. He is responsible for providing strategic and tactical direction for the AlienVault Unified Security Management (USM) and Open Threat Exchange (OTX) product lines, as well as introducing new products into the marketplace.
