1 / 12

Securing Cloud Applications with Stingray Application Firewa

Download the Whitepaper from www.riverbed.com/stingray-appsecAn increasing number of enterprises are now adopting the Cloud technologies that help them to conduct data exchanges and customer transactions faster than ever before. But, with the growth they face a host of challenges like protecting IT security, application security that threaten to extract sensitive data which could lead to serious repercussions like monetary loss, penalty etc.Read this presentation to learn how distributed web applications firewall, purpose-built for Cloud security is required to protect critical web applications.

Riverbed_Technology
Télécharger la présentation

Securing Cloud Applications with Stingray Application Firewa

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Securing Cloud Applications witha Distributed Web Application Firewall • www.riverbed.com • ©2013 Riverbed Technology

  2. Primary Target of Attack Shifting from Networks and Infrastructure to Applications APPLICATIONS INFRASTRUCTURE NETWORKS ©2013 Riverbed Technology | www.riverbed.com

  3. Cloud Applications Are Exposed to New Threats Cloud applications use off-the-shelf building blocks, in house services, and 3rd party frameworks – each with individual vulnerabilities Designing for dramatically larger number of users shifts focus towards performance and away from security Cloud Vulnerabilities exposed when applicationsdesigned for in-house data centers migrate to the cloud ©2013 Riverbed Technology | www.riverbed.com

  4. There is a Real Cost of Not Securing Applications Global headlines. Real business impact. $10,000,000 fined for security breach $94,000,000 in remediation costs 3 Months offline 40,000,000+ credit card details lost 500,000 replacement credit cards issued ©2013 Riverbed Technology | www.riverbed.com

  5. Beyond $$: Other Business Drivers for Application Security Regulatory Pressures PCI DSS, HIPAA, etc. Data Privacy Act Compliance Best Practices Revenue & Reputation Security Governance Cross-business collaboration Delegation of responsibility Understand changing risk profiles of your application Due Diligence Opportunity cost of remediation Brand and reputation damage Loss of income ©2013 Riverbed Technology | www.riverbed.com

  6. Changing Risk Profiles Make it Harder to Secure Cloud Applications Vulnerable third-party software components Cross-site request forgery (CSRF) Authentication and session attacks Malicious requests (e.g. SQL-injection) URL manipulation Cross-site scripting (XSS) For detailed information on the latest trends in application vulnerabilities,see OWASP Top Ten Projects at https://www.owasp.org/ ©2013 Riverbed Technology | www.riverbed.com

  7. Traditional Web Application Firewalls are Not Effective in Cloud Environments TRADITIONAL SOLUTION IS INEFFICIENT Dedicated hardware WAFOne WAF per deployment • Increasedcapital costs • Decreased provisioning agility in a dynamic, virtualized environment • Increased management costs without levels of delegation for administration ©2013 Riverbed Technology | www.riverbed.com

  8. REQUIRED: A Distributed Web Application Firewall Purpose-built for Cloud Security

  9. The Web Application Firewall Must be Massively Scalable & Portable • Across CPU, computer, server rack and data center boundaries Private Public Across multiple applications at a time (e.g. cloud bursting) Across private, hybrid or public clouds, and small or large traditional data centers Available as virtual appliance and a plug-in Start small, but allow scale up without changes to security solution Data Center Local Machine ©2013 Riverbed Technology | www.riverbed.com

  10. Flexible, Portable Across Platforms Fits into existing infrastructures and processes Can live in a wide variety of components effectively Available as virtual appliance and a plug-in Mixes traditional and virtual technologies ©2013 Riverbed Technology | www.riverbed.com

  11. Distributed and Delegated Management Private Public 1 2 3 4 Easy, central management with a simple web-based management UI Granular configuration settings for each application and each customer Proactive Monitoring – tuned for each application Multi administrator privileges to handle diverse security policy schemes Fits into any – existing or planned – application delivery infrastructure. ©2013 Riverbed Technology | www.riverbed.com

  12. Securing Cloud Applications with a Distributed Web Application Firewall Download the Complete Whitepaper from www.riverbed.com/stingray-appsec Follow Us : • www.riverbed.com©2013 • ©2013 Riverbed Technology

More Related