
Reducing Cyber Exposure for the Modern Attack Surface



Presentation Transcript


  1. Reducing Cyber Exposure for the Modern Attack Surface Alexander Crepas, Channel SE

  2. Welcome TOPICS • Today’s IT is creating a cyber exposure gap • Who’s affected? • Reducing the cyber exposure gap

  3. Today’s IT is Creating a Cyber Exposure Gap

  4. Digital Transformation is Accelerating • Every organization is transforming into an information organization • Putting pressure on every function to innovate and operate faster • “Bold, tightly integrated digital strategies will be the biggest differentiator between companies that win and companies that don’t.” – McKinsey & Co.

  5. How Are You Responding? • What is the organization’s digital strategy? • How is Security enabling that strategy?

  6. Creating Massive Exposure for Every Organization IoT Cloud Container Laptop Server Desktop Virtual Machine Network Infrastructure Cloud Enterprise IoT Industrial IoT ICS / SCADA Web App Mobile IT

  7. Legacy Approaches Cannot Keep Pace • The result is a Cyber Exposure gap

  8. Why? Discovering Short-Lived Assets is Hard • Request • Deploy • Patch • Retire

  9. Why? Assessing State of Cloud Environments is Hard • Visibility: 8% ...companies that know the scope of shadow IT at their organizations, according to a survey by the Cloud Security Alliance • Compliance: 48% ...of organizations store some sensitive data, like employee records, in the cloud according to a SANS Security in the Cloud report • Consistency: 31% ...of respondents in the same SANS report found poor configuration practices in place due to applications being spun up quickly

  10. Why? Maintaining Application Security is Hard Sources: • TechRepublic, “Report: 99.7% of web apps have at least one vulnerability,” June 20, 2017 • White Hat Security, “2017 Application Security Statistics Report,” July 2017

  11. Who’s Affected?

  12. New stakeholders and asset owners will impact an organization’s Cyber Exposure • OT / IoT (OT Manager, Engineer): OT assets are becoming an expansive attack surface • Cloud (Line of Business): Shadow IT and cloud assets are creating a huge blind spot • Container (DevOps): DevOps velocity requires new security approaches

  13. Security teams need to provide strategic insight and manage risk across the organization • Stakeholders: Security Director; OT Manager, Engineer; DevOps; Line of Business • Reduce risk across a growing modern attack surface • Increase SOC efficiency • Maintain regulatory compliance • Secure DevOps processes • Decrease costs to fix defects • Protect brand equity • Gain strategic decision support on risk

  14. Reduce the Cyber Exposure Gap

  15. The Operational Lifecycle • DISCOVER: Identify and map every asset across any environment. From here you can baseline the current and desired operational state. • ASSESS: With every change, automatically assess the current state against the baseline state of the environment, including misconfigurations, vulnerabilities and other key indicators of security health, such as out-of-date antivirus or high-risk users. • FIX: Prioritize which exposures to fix first, if at all, and select the appropriate remediation technique, whether it’s a temporary security control or a complete fix. • ANALYZE: Add context to the asset’s exposure to prioritize remediation based on the asset’s business criticality and the severity of the vulnerability.

  16. Discover Every Asset container mobile virtual public cloud web app desktop laptop server

  17. Active Scanning + Additional Data Sensors Agent Scanning Endpoint Networks Active Scanning Intelligent Connectors Web Cloud Mobile Image Registry Continuous Monitoring Containers Virtual

  18. Assess the Current State, Including Misconfigurations • Various sources such as CIS, DISA, USGBC, and vendor supplied best practice guides • Examples: • https://www.cisecurity.org/benchmark/amazon_web_services/ • https://www.cisecurity.org/benchmark/docker/ • Educate other stakeholders • Review regularly

  19. Assessment extends beyond CVEs to include application vulnerabilities • The OWASP Top 10 • A1: Injection (SQL, XXE & LDAP) • A2: Broken Auth and Session Management • A3: Cross Site Scripting (XSS) • A4: Broken Access Control • A5: Security Misconfiguration • A6: Sensitive Data Exposure • A7: Insufficient Attack Protection • A8: Cross Site Request Forgery (CSRF) • A9: Component Vulnerabilities • A10: Underprotected API

  20. Analyze to Prioritize Remediation Based on Context: Cloud Services Example • All cloud services are not created equal • Cloud data or sensitive data? • What data could be shared? Visible? • What’s interacting with the cloud service? What subnets is it connecting to? • Configuration issues?

  21. Prioritize What to Fix Why reduce cyber exposure? • Attack surface hardening • Asset inventory • Patch auditing

  22. Prevent vulnerabilities by fixing vulnerabilities prior to deployment • Integrate security into the DevOps toolchain • Identify and remediate vulnerabilities before they are exploitable • Ensure all assets are secure and compliant before production

  23. Summary • Modern computing today is made up of both traditional and modern assets • Don’t let either increase your cyber exposure • Follow an operational security Discover – Assess – Analyze – Fix lifecycle

  24. Why Tenable • Technology Leadership: Creator of Nessus and relentless innovator advancing modern cybersecurity – from IT to cloud to IoT and OT • Singular Vision: #1 Vulnerability Management technology in the world, pioneering Cyber Exposure to help customers measure & reduce cybersecurity risk – from operations to the CXO • Customer Commitment: Complete dedication to our customers’ success – every day, in all we do

  25. Tenable at a Glance • Founded in 2002 • Exploded with the widespread adoption of Nessus and later, SecurityCenter • Released Tenable.io in 2017 to introduce the first cyber exposure platform and evolve vulnerability management • Relentless innovator: “Tenable has [massive] brand equity with Nessus, yet [is] one of the most forward-thinking companies in VM.” – Forrester, 2017 • 23,000+ Customers • 1.6M Global Users • 800+ Employees • 50% 100% 80% Top 10 US Financial Institutions Fortune 500 Top 10 US Tech Companies
