Application Protection Framework - ETDA · Embracing DevOps Cloud-native • Offering...

ApplicationProtectionFramework

Natthapon Thepchalerm (Por)Product Manager – Exclusive Networks

Lift & Shift• Enabling the move from

existing methodology and topology

• On-premises VMs move to AWS EC2 or Azure VMs

• IaaS

“Hybrid” Cloud Services• Supporting clients as they seek

agility & operational efficiencies• PaaS• RDS, Azure SQL• APIs, containers, micro services• Embracing DevOps

Cloud-native• Offering developer-focused

functionality• Automation-first• Self-service, low touch

We All Are Going

22

Situation At-A-Glance

1%

of organizations report

that they will not be

adopting cloud over

the next two years.

- eWEEK

13%

The mean number of

applications in use

today at an organization is

expected to increase over

13% the next two years.

- DATALINK

Situation At-A-Glance

18%

The number of

cyber attacks across the world

increased by 18% year

on year.

- SONICWALL

#1 Challenge

Keeping up with the volume

of security alerts.

- ESG Research

Most of your software isn’t yours

Operating Systems

Containers

Virtual Machines

Application Runtimes

Application Servers

Databases

Open Source Components

Methods Waterfall Agile DevOps

Architecture Monolithic Tiers Microservices

Servers Physical Virtual Containers

Infrastructure Datacenter Hosted Cloud

Software is getting more complex

Impact of Changing

Proprietary and confidential. Do not distribute.7

54%

of security alerts

are ignored1

21%

of cloud budgets

are spent on

hybrid technologies2

1/3of website visitors

are bad bots3

58%

of organizations

that use one cloud

provider plan to

expand to multiple

cloud platforms4

70%

of CISOs’ #1

concern in 2018:

Lack of competent

in-house staff5

Free up Time and Resources

Secure CriticalApplications

Act on Critical Insights

Manage Multiple Environments

Have SecurityConfidence

1. Security Operations Challenges, Priorities, and Strategies, ESG, 2017

2. Hybrid Cloud: Where the Mountains Touch the Clouds, Citi Research, 2018

3. Imperva Bot Traffic Report, 2017

4. Why It's a Mistake to Rely on Cloud Providers for All Data Protection, 2017

5. What CiSOs Worry About in 2018, Ponemon Institute, January 2018

8 Proprietary and confidential. Do not distribute.

Application Security: The Risk Compromise

Framework


AWS / Azure / GCP

Co-location / ISP

Own Data Center

Thai / Global / China

LocationTypeVisitor

Internal / External

Human / Robot

UI / API

New / Old Service

Traditional / DevOp

Linear / Spike

Staff

Depth / Utilities

Resource

10

Imperva Vision for Application Security

Where What How

Context-Aware, Centrally-Managed, API First

WAF, RASP, APIs, Anti-Bot

DDoS & Secure CDN

Actionable Insights

Leading Research Team

AI Layer with Actionable Insights

Network of Nano Security Sensorsby Imperva and 3rd party

As a Service,at the Edge

In the App

On-Premises

Imperva’s 3-Year Outlook

Connecting Apps with Data and User Behavior

Framework


AWS / Azure / GCP

Co-location / ISP

Own Data Center

Thai / Global / China

LocationTypeVisitor

Internal / External

Human / Robot

UI / API

New / Old Service

Traditional / DevOp

Linear / Spike

Staff Just Me

Depth / Utilities

Resource

Cloud Application Security + API Security + LB and GSLB

+ Analytics

Use Case 1

Thai website - Immediately Save Cost and Expanding Business.

AWS CloudFront data transfer rate/cost is very high compare to visitor number.

No promotion but spike.

Have promotion went down.

Auto scaling group is not allowed due to uncontrollable cost.

Complaint on social media.

Put a cloud web security in front of AWS.

20% from Thailand.

80% is bot.

Under DDoS attack.

Attack to /api/v2/query-page/

80% catchable by CDN.

Automate response if something wrong.

Via single real-time dashboard.


IMPERVA’S CLOUD SECURITY PLATFORM


BANGKOK

Use Case 1

80.4% is Bot traffic


Use Case 1

Threats to Website


Use Case 1


CPU 60% Saved!

Packet 10 times Saved!

Use Case 1

Save Bandwidth


From 30 GB/DayTo 1 GB/Day

On-Prem Hybrid Cloud

DATA APIs

APPs

Outside theOrganization

ExternalPartners

Customers

Contractors

Bad bots

Hackers

Inside theOrganization

Trusted

InternalPartners

Malicious

Careless

Compromised

App & Data Security

WAF (Cloud and On-

Prem)

RASP

CDN & LB

DDoS

Bot Protection

API Security

App & Data Security

WAF On-Prem

RASP

DAM/DBF

*API Security

Machine Learning & Analytics

Machine Learning& Analytics

SIEM

*Internal API Security is planned for 2020

Broad Security Defense

18

Streamline Application Security Framework

App Security + Delivery

- Cloud-WAF- DDoS- Bot Management - Secure CDN- Load Balancer- Analytics

EDGE

Advanced

WAF

- Industry Leading WAF

NETWORK

RASP + API SECURITY

- App Protect Itself- East-West Scale- Secure API

APPs/APIs

Data Security

and Compliance

- Relational DB- Big Data- Mainframe- Insider Threat- GDPR, SOX, PCI

DATA

19

The Best WAF, DDoS, BOT and RASPA

bili

ty to

Execute

Completeness of

Vision

RUUT Data Flow


Unleashing Visibility

Edge Application Data Insights

Human using device k5x1g9m34orunning MobileAppfrom 43.23.1.4which is a Tor exit node…

…logged in with user Cornelius ran ‘SELECT * from

customers_data’ and which returned 10m

records…

…Cornelius has never accessed this before, other users

normally access 100 records

…that are sensitive

business data and are PCI-regulated…

HTTP Headers SQL Queries Logs

Key Consider

Cloud First

On-prem still required

Quick

Automation

Ai + Machine Learning

Response

Micro-protection

Low-touch

Confident

3 years outlook

Vision and TCO

Investment


Thank You


Application Protection Framework - ETDA · Embracing DevOps Cloud-native • Offering...

Documents

Transcript of Application Protection Framework - ETDA · Embracing DevOps Cloud-native • Offering...