Sicherheitskontrollen stärken und den Betrieb der Cloud vereinfachen

Michael Claaßen, Advisory Technology ConsultantTrend Micro

29.10.2015

© 2015, Trend Micro Inc.

Today’s Topics

Strategy

Tactics

© 2015, Trend Micro Inc.

* http://aws.amazon.com/about-aws/

About Trend Micro

Trend Micro on AWS

IR in the Cloud

Auditing Support

Agenda

© 2015, Trend Micro Inc.

100% of the top 10 automotive

companies.

96% of the top 50 global

corporations.

100% of the top 10 telecom

companies.

80% of the top10 banks.

90% of the top10 oil companies.

Global Threat Intelligence- 1,200+ experts worldwide

New malware every ½ secondCEO

FoundedHeadquarters

EmployeesOffices

2013 Sales

Eva Chen1988, United States

Tokyo, Japan5,217

36$1.1B USD

A world safe for exchanging digital information

© 2015, Trend Micro Inc.

63%

Trend Micro on AWS

15+

20 million

© 2015, Trend Micro Inc.

4 pillars of practice

Incident Response

Monitoring

Forensics

Audit

© 2015, Trend Micro Inc.

Foundation Services

Compute Storage Database Networking

AWS Global Infrastructure

Regions

Availability Zones

Edge Locations

Client-side Data Encryption

Server-side Data Encryption

Network Traffic Protection

Platform, Applications, Identity & Access Management

Operating System, Network & Firewall Configuration

Customer contentC

ust

om

ers

Shared Responsibility Model

© 2015, Trend Micro Inc.

About Trend Micro

Trend Micro on AWS

IR in the Cloud

Auditing Support

Agenda

© 2015, Trend Micro Inc.

Preparation

Identification

Containment

Eradication

Recovery

Lessons Learned

SANS incident response process

© 2015, Trend Micro Inc.

SANS incident response process

© 2015, Trend Micro Inc.

Quickly identify affected area

Minimize impact

Recover quickly

Business point of view

© 2015, Trend Micro Inc.

Server

Analyze Repair Improve

Replacement

Incident response before

© 2015, Trend Micro Inc.

Instance

Analyze Repair Improve

Replacement

Incident response after

© 2015, Trend Micro Inc.

© 2015, Trend Micro Inc.

Optimized response

© 2015, Trend Micro Inc.

Instance

Script

Analyze

Improve

API

Replacement

Optimized response

© 2015, Trend Micro Inc.

Faster return to production

More time for analysis

Less error prone

Advantages

© 2015, Trend Micro Inc.

4 pillars of practice

Incident Response

Monitoring

Forensics

Audit

© 2015, Trend Micro Inc.

Encrypt data at rest (3.4.1)

Address new threats & vulnerabilities (6.6)

Log external facing services (10.2, 10.5.4)

Protect systems against malware (5.1)

*PCI has many, many, many more requirements. This is just a sample

Business point of view

© 2015, Trend Micro Inc.

Servers

Change

RecordStorage Logs

Firewall / IPS

Creating an audit trail before

© 2015, Trend Micro Inc.

Instances

Change

Record

Central

ManagementLogs

AWS Services

Creating an audit trail before

© 2015, Trend Micro Inc.

Security Trail

© 2015, Trend Micro Inc.

Thank you.

Learn more at

www.trendmicro.de/aws

aws@trendmicro.de