QualysGuard InfoDay 2014 - QualysGuard Continuous Monitoring
-
Upload
risk-analysis-consultants-sro -
Category
Internet
-
view
201 -
download
2
Transcript of QualysGuard InfoDay 2014 - QualysGuard Continuous Monitoring
Corey Bodzin VP of Product Management -‐ Network Threat Intelligence
QualysGuard Con2nuous Monitoring
The QualysGuard Pla>orm
2 *In Beta
Vulnerability Management
Policy Compliance
Customizable Questionnaires
PCI DSS
Web Application Scanning
Malware Detection
Web Application Firewall
Web Application Log Analysis
Continuous Monitoring
* * *
Asset Management
VMVMAMAMCMCM PCIPCI PCPC QSQS MDSMDS LMLMWASWAS WAFWAF* *
Rapid EvoluEon of Corporate Networks and of the Threat Landscape
Our Challenge… Build Security Into this New Infrastructure
and Make it Invisible
Corporate Networks
Private Clouds
Internet
SaaS
PaaS/IaaS
Attack Kits
Targeted Attacks Social
Networking
Zero Days
Mobile Threats
Phishing
QualysGuard
Changes ResulEng from this EvoluEon
Your perimeter is your business Walmart UK eCommerce Grew 18% in 20131 Global eCommerce grew from $10B to $13B in 2013
The Internet is a dangerous place to do business $11.5M avg. annualized organizaEonal cost, up 26% from 20122 £27B annual cost to the UK economy in 2011
BeAer monitoring reduces the risk and cost OrganizaEons efficient at detecEon saved nearly $4 million per year3
4
1 – internetRetailer, 2 – InfoSec InsEtute, 3 – Ponemon InsEtute
What is Needed to Drive Security?
5
Your security team should have tools at least as good as your aAackers.
Con2nuous Assessment
Comprehensive Analysis
Timely Ac2on
TradiEonal Approach .. § Periodic Scanning
§ Review and act based on staEc reports
§ Sort/prioriEze through heaps of data
Then wait unEl the next Eme you scan and repeat the enEre process again and again – simply doesn’t Scale
Leaving plenty of Eme for hackers ...
1. Scan 2. Report
3. Repeat
7
1+ Billion Scans Per Year
Installed Sohware
VulnerabiliEes
Open Ports
SSL CerEficates
far more than just vulnerability data.
Web App Bugs
Malware
Compliance and ConfiguraEon
Web ApplicaEon Firewall Events
Qualys ConEnuous Perimeter Monitoring
8
How ConEnuous Monitoring Works
Leverage Exis2ng Scans Nothing new required – just scan as normal Leverage Qualys’ global cloud infrastructure scale as needed
Define Your Needs Whitelists and blacklists of ports, OSes, cerEficate providers, etc. Important changes – new hosts added, cerEficates nearing expiraEon, etc.
Inform Via Alerts Distribute email alerts to any users or systems that need to know Alerts sent as ohen as every 5 minutes or grouped every day/week
9
Configure Assets to Monitor
10
Determine Baselines and ViolaEons
11
Alert Analysts, Admins, and Stakeholders
12
ConEnuously Monitor AcEvity
13
Why is ConEnuous Monitoring Unique?
Truly Con2nuous Monitoring Scan as ohen as needed with only a browser required No addiEonal costs for taps, span ports, or addiEonal infrastructure
Automated Analysis Define how your business works; the system with then find vulnerabiliEes, misconfiguraEons, and process problems automaEcally.
Alerts Drive Ac2on Timely and targeted alerts to ensure you’re informed and protected
14
What Makes Qualys Unique
15
Cloud Based Architecture
Easy to Use – Easy to Deploy
High Accuracy – No Hidden Costs
Large and Growing Community
New Services in the Making
A highly scalable Pla>orm that allows Qualys to maintain significant investments in infrastructure and engineering, delivering lower TCO and the best customer sa2sfac2on
Thank You