We think you have liked this presentation. If you wish to download it, please recommend it to your friends in any social system. Share buttons are a little bit lower. Thank you!
Presentation is loading. Please wait.
Published byTristan Quance
Modified about 1 year ago
Copyright © 2013 Cloud Security Alliance
Copyright © 2013 Cloud Security Alliance Much focus on securing data and systems in the cloud. What about providing security services FROM the cloud? That is Security as a Service (SecaaS)! Provisioning elastic, scalable security solutions and services to both cloud based and traditional on premises systems in pure cloud or hybrid models.
Copyright © 2013 Cloud Security Alliance Copyright © 2012 Cloud Security Alliance One of the many CSA branches of research Bringing together an international group of users, potential users, vendors and brokers of SecaaS solution. Research SecaaS – balanced and vendor neutral Define types / categories of service Produce architectural and implementation guidance Continue research – category and guidance updates, more detailed architectures etc.. Find us here; https://cloudsecurityalliance.org/research/secaas/ https://cloudsecurityalliance.org/research/secaas/
Copyright © 2013 Cloud Security Alliance Co-Chairs Kevin Fielder, Canada Life Cameron Smith, Pertino Subcommittee leadership IAM Leads – Ulrich Lang, Valmiki Mukherjee DLP Leads – Wendy Cohen, Atul Shah Web Security Leads – Aradhna Chetal, Kapil Raina Security Lead – Mark Hahn Security Assessments Leads – John Hearton, Wolfgang Kandek Intrusion Management Lead – Tim Owen SIEM Lead – Jens Laundrup Encryption Lead – Vadim Saratovtsev, Geoff Webb, BCDR Lead – Kevin Fielder Network Security Lead – Ken Owens
Copyright © 2013 Cloud Security Alliance Born early 2011 Agreed structure and leadership Agreed 1 st deliverable Defined categories (very high level) Split into categories with leads for each Created white paper ‘Defined Categories of Service 2011’ Breath! Early 2012 agreed on guidance as next output and unified format October 2012 – Produced guidance documents for all categories Breath again!
Copyright © 2013 Cloud Security Alliance Copyright © 2012 Cloud Security Alliance SecaaS Implementation Guidance Ten category documents Requirements addressed Implementations considerations and concerns Implementation architecture and guidance References and useful links All guidance papers can be downloaded from the CSA website; https://cloudsecurityalliance.org/research/secaas/#_downloads
Copyright © 2013 Cloud Security Alliance Copyright © 2012 Cloud Security Alliance Implementation Guidance v2.0 Template Review Content Review Development of New Categories Broader Guidance Architectures Improve integration with wide CSA research Incident Management and Forensics Working Group Service Level Agreements Working Group
Copyright © 2013 Cloud Security Alliance Copyright © 2012 Cloud Security Alliance Defined Categories of Service (DCS) v Review of 10 current categories of security as a service; Category 1: Identity and Access Management Category 2: Data Loss Prevention Category 3: Web Security Category 4: Security Category 5: Security Assessments Category 6: Intrusion Management Category 7: Security Information and Event Management (SIEM) Category 8: Encryption Category 9: Business Continuity and Disaster Recovery Category 10: Network Security The white paper can be downloaded from the CSA website; https://cloudsecurityalliance.org/research/secaas/#_downloads
Copyright © 2013 Cloud Security Alliance Template Review Description Class, Core Functionalities, Optional Features Services Includes, Related Services, Related Technologies and Standards, Service Model, CSA Domains Threats Addressed/Benefits Challenges Reference Examples, References
Copyright © 2013 Cloud Security Alliance Continuous Monitoring as a Service Other additional categories to consider?
Copyright © 2013 Cloud Security Alliance Update existing documents v1.1 / v2 rolling releases Review categories, guidance template, content Links to other research Carriers, SLA, Forensics … Combined Guidance Broader overarching architecture examples Role-specific Guidance
Copyright © 2013 Cloud Security Alliance New Monthly Call Format – Education + Communication Increase use of Base Camp for ongoing communication ‘CSA Cloud Bytes’ series propose ideas here: https://cloudsecurityalliance.org/research/cloud- bytes/#_proposalshttps://cloudsecurityalliance.org/research/cloud- bytes/#_proposals Identify the Next Big Thing … Update categories, revise guidance Link to other areas of research Increase depth of guidance for role-specific points of view
Copyright © 2013 Cloud Security Alliance “Educational webinar series for CSA working groups” https://cloudsecurityalliance.org/research/cloud-bytes/
Copyright © 2013 Cloud Security Alliance Copyright © 2012 Cloud Security Alliance CSA Cloud Bytes: SecaaS Implementation Series Introduction to the SecaaS Category Implementation Guidance Working Group process How to improve, how to get involved
Copyright © 2013 Cloud Security Alliance
Copyright © 2013 Cloud Security Alliance Big thank you to all contributors! Category Leads Group members Technical writers CSA support Now is a great time to volunteer – Get involved! Help define the next steps and future of the group here: https://cloudsecurityalliance.org/research/secaas/#_get-involved https://cloudsecurityalliance.org/research/secaas/#_get-involved
Copyright © 2013 Cloud Security Alliance For more info about CSA Cloud Bytes: SecaaS Implementation Series https://cloudsecurityalliance.org/secaas/ (through 10/29/2012) Help Us Secure Cloud Computing LinkedIn:
© Cloud Security Alliance, 2015 March 2, Agenda © Cloud Security Alliance, 2015 The SecaaS Working Group Recent Activity Charter Category outline/templates.
Cloud Security Alliance Overview and Organizational Plans Jim Reavis, Co-founder & Executive Director August 5, 2009.
Copyright © 2011 Cloud Security Alliance Keynote.
Actualog Social PIM Helps Companies to Manage and Share Product Information Using Secure, Scalable Ease of Microsoft Azure MICROSOFT AZURE ISV PROFILE:
SERVICE-LEVEL AGREEEMENT By Patrick Mayaki. DEFINITION A Service-level agreement (SLA) is a document that describes the level of service expected by a.
© Cloud Security Alliance, 2016 Brian Russell, Leidos Co-Chair, IoT WG 2 March 2016.
Cloud Security Challenges Today and Tomorrow NameTitle February 2011.
Copyright © 2011 Cloud Security Alliance Cloud Security Alliance Research & Roadmap Jim Reavis, Executive Director, CSA.
Cloud Security Alliance Research & Roadmap Jim Reavis Executive Director June 2011.
ARAMA TECH D A T A P R O T E C T I O N P R O F E S S I O N A L S VISION & STRATEGY.
PRODUCT FOCUS 5/27/14 – 6/6/14 INTRODUCTION Our Product Focus for the next two weeks is CompTIA. CompTIA is most well known for serving as the backbone.
©2015 SAP SE. All rights reserved.1Confidential Innovation Use Case Confidential.
Introducing WatchGuard Dimension. Oceans of Log Data The 3 Dimensions of Big Data Volume –“Log Everything - Storage is Cheap” –Becomes too much data –
Cloud Security Alliance Research & Roadmap Jim Reavis Executive Director August 2011.
Top Threats WG Co-Chair Jon-Michael Brook. Agenda About our Top Threats Polling the industry Call for participation Categorizing our Top Threats.
1 1 Advanced Cyber Security Event - Introduction 11 th May 2016 Matt Locker.
CREATING THE ENTERPRISE SOCIAL MEDIA GAME PLAN September 2013.
Alert Logic Security and Compliance Solutions for vCloud Air High-level Overview.
Copyright © 2014 Cloud Security Alliance Security Certification for Cloud Services : The CSA STAR Certification Daniele Catteddu,
GLOBRIN Business Continuity Workshop TECHNOLOGY & INFORMATION 13 th November 2013 Graham Jack.
Microsoft ® Exchange Online— Evaluating Software-plus-Services Infrastructure Planning and Design Published: November 2008 Updated: October 2010.
Vendor Management from a Vendor’s Perspective. Agenda Regulatory Updates and Trends Examiner Trends Technology and Solution Trends Common Issues and Misconceptions.
Interface to Network Security Functions Nov 2014 Linda Dunbar Myo Zarny
Chapter 22: Cloud Computing and Related Security Issues Guide to Computer Network Security.
Shelter Cluster Coordinating humanitarian shelter Update from the Global Shelter Cluster Shelter Centre meeting Geneva, 25 May 2012.
An Overview of the Features & Functions of EOP ASSIST 2.0 For School & School District Hosts and Their Stakeholders.
Copyright © 2012 Cloud Security Alliance Conference Announcements.
Securing and Auditing Cloud Computing Jason Alexander Chief Information Security Officer.
Documentation NCRR Documentation for BioPSE/SCIRun and map3d All this great software and you want documentation too!?
Alert Logic Provides a Fully Managed Security and Compliance Solution Based in the Cloud, Powered by the Robust Microsoft Azure Platform MICROSOFT AZURE.
AREVA T&D Security Focus Group - 09/14/091 Security Focus Group A Vendor & Customer Collaboration EMS Users Conference September 14, 2009 Rich White AREVA.
Security, Privacy and the Cloud Connecticut Community Providers’ Association June 20, 2014 Steven R Bulmer, VP of Professional Services.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
WHAT OUR CUSTOMERS ARE SAYING “After thorough market research and a review process, Qorus Breeze Proposals stood out from the competitors because of its.
Pre-Release Information Aug 17, 2009 Trend Micro Web Gateway Security InterScan Web Security Virtual Appliance v5 Advanced Reporting and Management v1.
February, 2006 Open Repositories, Sydney, Australia Transition to a Broader Participation: Experience from the DSpace Project MacKenzie Smith MIT Libraries.
Adult HIV Outpatient PBR Tariff Development National Reference Group Meeting 21/05/10.
Copyright © 2011 Cloud Security Alliance Cloud Security Alliance Research & Roadmap Cloud Security Alliance Research & Roadmap.
Copyright © 2011 Cloud Security Alliance.
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 1 Automate your way to.
Social Media Jeevan Kaur, Michael Mai, Jing Jiang.
This presentation, including any supporting materials, is owned by Gartner, Inc. and/or its affiliates and is for the sole use of the intended Gartner.
Cloud Computing and Standards - A Regulator’s View OASIS International Cloud Symposium 11 October 2011 Steven Johnston, CISSP Senior Security and Technology.
Cloud computing is a technological advancement that can be advantageous to credit unions because of potential benefits such as: cost reduction, flexibility,
Jim Reavis, Executive Director Cloud Security Alliance November 22, 2010 Developing a Baseline On Cloud Security.
Corent’s SurPaaS Transforms Your Software into Scalable SaaS on Windows Azure – in Days! COMPANY PROFILE: CORENT TECHNOLOGY INC. Corent’s SurPaaS is a.
TACTIC | Workflow: Project Management OSS on Microsoft Azure Helps Enterprises to Create Streamline, Manage, and Track Digital Content MICROSOFT AZURE.
Georgia Interoperability Network Training Project Overview Mark Hodges Georgia Tech Research Institute.
Report on the Need for a National Address Database National Geospatial Advisory Committee National Address Database Subcommittee NGAC Web Meeting December.
© 2017 SlidePlayer.com Inc. All rights reserved.