Post on 18-Aug-2015
©2015 evident.io I confidential I evident.io2
Agenda
1. Introductions
2. AWS/Security Initiatives. Why Evident.io?
3. About Evident.io
Founded: 2013
HQ: Dublin, CA
Employees: 30
Evident.io is the pioneer and leader in security and compliance automation for public cloud.
Investors Partners Industry Alliances
Our DNA
ADVANCED TECHNOLOGY PARTNER
Patent Pending: ESP is a patent pending technology
About Evident.io
Evident Security Platform for AWS
The Evident Security Platform (ESP) helps organizations of all sizes proactively manage security risk and compliance of their entire AWS infrastructure.

Risk Analytics & Threat Visibility
Continuous monitoring and risk-based threat analysis of all AWS Accounts, Services, and Regions.

Guided Incident Response
Rapid response and remediation of security incidents detected by ESP.

Continuous Compliance
Adaptively manage compliance and automate policy enforcement across the entire AWS infrastructure.
ESP Benefits
Security Risk Visibility
Continuous risk-based visibility of the security and compliance posture of your entire AWS cloud.

Rapid Remediation
Simplifies and accelerates response and remediation
Enables devs to remediate issues at the source

Continuous Compliance
Enables continuous enforcement of security and compliance policies
Audit ready reports reduce prep time from days or weeks to minutes

Scales with Your Cloud
Automatically detects new accounts, services, regions, and resources enabling secure and compliant growth of your business and cloud
Evident.io Advantages
Full AWS Coverage
Covers all AWS services, accounts, and regions
Provides full visibility into your AWS cloud infrastructure.

Agent-less and Proxy-less Design
No hardware, software, agents, or proxies
Deployed to even the largest AWS clouds in minutes.
No performance overhead or in-line point of failure.

Cloud Security Experts
Built by leading cloud security experts who have secured the leading cloud providers like Adobe and Netflix.

Extensible And Open
Easy integration with 3rd party systems via open RESTful API
Native integrations for leading solutions like Pagerduty, Splunk, and HipChat.
ESP Architecture
[Figure: ESP architecture diagram. Labels recovered from the slide:
Evident Security Platform: Continuous Monitoring, Big Data Analytics, Role-based Access Control, Custom Signatures
Outputs: Dashboards, Reports, Alerts, Threat Detection, Guided Remediation, Policy Enforcement, Audit & Compliance
Interfaces: APIs, Services, SDK - API, RESTful API, Custom Apps, Apps, 3rd Party Integrations
AWS Control Plane: RDS, Direct Connect, DynamoDB, S3, Glacier, VPC, EC2, RedShift, Route53, CloudFront, ELB, SES, SNS, Elasticache, IAM
All 43 AWS Services!]
Public Cloud Security – What’s the Big Deal?
“At no other point in the history of computing have we seen the ability to create and destroy the equivalent of an entire datacenter instantly or programmatically.”
– Adrian Sanabria, Senior Analyst, 451 Research
How is the Cloud Different?
| | Data Center | Cloud |
| Computing Model | Centralized | Distributed |
| Ownership | IT Dept. | Engineers / DevOps |
| Hardware | Slow – Static | Elastic – On Demand |
| Architecture | Servers – Agents | Services – APIs |
| Management | Physical – Manual | API – Programmatic |
| Security Responsibility | 100% Company | Shared with Provider |
| Auditing – Compliance | Annual – Quarterly | Continuous |
Why Legacy Security Fails in the Cloud
Can’t keep up with changes to Infrastructure
Manual, slow, and unadaptive to dynamic environments
Immediately out-of-date in high-velocity and DevOps environments
Insiders can cause more harm faster so threats must be detected in the console and at the API level
Legacy solutions too slow and manual for agile continuous deployment environments
Hosts, instances, and VMs becoming a smaller part as IaaS services expand
[Diagram labels: Vulnerability Scans, Risk Assessments, Insider Threats, Audit & Compliance, Servers, Penetration Tests]
DevOps and IT Sec – Diverging Needs
IT Sec
• Governance
• Process
• Auditability
• Compliance
• Risk Management

DevOps
• Speed
• Agility
• Automation
• Rapid Iteration
• Continuous Deployment

Endless Possibilities: DevOps can create an infinite loop of release and feedback
ESP Features
Security Automation
Automated detection of security, policy, and compliance violations for all AWS accounts, services, and regions

Guided Incident Response
Detailed step-by-step instructions for conducting rapid response and remediation

Custom Signatures
Create custom signatures to enable enforcement of company specific policy and compliance requirements

Audit & Compliance
Detailed logging of all security checks and remediation simplifies the process of preparing compliance reports

Enterprise Manageability
Supports SSO, MFA, SAML, and Active Directory via LDAP.
RBAC and hierarchical role-based views ensure separation of duties.

Flexible Deployment
SaaS or AMI-based appliance for on-premise deployment.
Now DevOps and Security Can Play Nicely
Agility, Security and Compliance
Everyone wins

DevOps can deliver as fast as they need
Security intelligence at the same pace as (or faster than) change is happening to cloud infrastructure

IT Security now operating proactively
Eng/Ops/DevOps iterate security events as if they were code bugs

The same, consistent security and compliance standards enforced organization wide
What Customers Are Saying…

“ESP gave us the capability to rapidly assess our security posture across our entire cloud footprint, all in a single pane of glass.”

“The Evident Security Platform deployed seamlessly in minutes, providing us critical insights into our AWS security risks and vulnerabilities in near real-time.”

“Evident.io provides InfoSec News the tools needed to secure our Amazon infrastructure so we can report news, and not become news.”

“We were flying blind without ESP - we had no idea how effectively our teams were using and implementing security across our large AWS infrastructure.”

Large Media Company