security trends and takewayas for .pdf
《security trends and takewayas for .pdf》由会员分享,可在线阅读,更多相关《security trends and takewayas for .pdf(43页珍藏版)》请在三一文库上搜索。
1、 2014 Gartner, Inc. and/or its affiliates. All rights reserved. While you are waiting for our webinar to begin, you might be interested in the downloads on the Attachment tab: Have a question for our analyst? Click the Question tab. Q global distribution of software Executed at: Operations Applied a
2、t: Programming and build Outside Threats Sample Vendors: Arxan, Fortify, PreEmptive Solutions 2014 Gartner, Inc. and/or its affiliates. All rights reserved. Software-defined Data Centers Will Include Software-defined Security Hybrid Delivering: Agility/Speed Adaptability Accuracy Assurance Alignment
3、 Compute, Networking, Storage, and Security Become: Abstracted Instrumented Automated Orchestrated 2014 Gartner, Inc. and/or its affiliates. All rights reserved. The Scope of Data Access Governance Enterprise Content Management Document Management File Systems Identity Governance and Administration
4、Data Access Governance Applications Directories Unstructured Data Types Documents Audio Files Email Video Files Directories File Systems Log Systems 2014 Gartner, Inc. and/or its affiliates. All rights reserved. Mobile Devices Pioneer Hardware-based Endpoint Security Hardware Pay App Mobile OS DRM A
5、pp Trusted Hardware Trusted API Trusted Kernel Trusted API Kernel Auth App Auth App Business App Sensitive Business App Personal App HW Keys NFC/ BLE Crypto Engine 2014 Gartner, Inc. and/or its affiliates. All rights reserved. 2014 Gartner, Inc. and/or its affiliates. All rights reserved. Top Trends
6、 and Take-aways Monitoring, Defense, Testing and Intelligence 2014 Gartner, Inc. and/or its affiliates. All rights reserved. Five Styles of Advanced Threat Defense Real Time/ Near Real Time Post Compromise (Days/Weeks) Network Payload Endpoint Payload Analysis Style 3 Style 2 Network Forensics Netwo
7、rk Traffic Analysis Style 1 Endpoint Behavior Analysis Style 4 Endpoint Forensics Style 5 Time Where to Look 2014 Gartner, Inc. and/or its affiliates. All rights reserved. User Activity and Resource Access Monitoring Targeted Attack Detection Perfect defenses are not achievable better detection is a
8、lso required Find and fix vulnerabilities Shield vulnerable applications Network defenses Shield vulnerable systems Steal data Compromise accounts Target user Install malware Surveillance Steal users credentials Compromise servers Compromise applications Targeted Attacks Monitoring 2014 Gartner, Inc
9、. and/or its affiliates. All rights reserved. Network Segmentation Fundamentals Secure Web Gateway Endpoint Protection Firewall/IPS Defending Against Targeted Attacks Change Control Vulnerability Management Incident Response Process Advanced Technology NAC Mobile Device Security App White/Black List
10、ing SIEM Next-generation Firewall Privilege Management “Lean Forward“ Endpoint Threat Detection/Response Payload Analysis Network Traffic Analysis Higher Trust User Authentication Net/Computer Forensics 2014 Gartner, Inc. and/or its affiliates. All rights reserved. Seven Dimensions of Context-aware
11、Security 7. Alert Management Endpoint Layer 1 Navigation and Network Layer 2 User and Entity for Specific Channel Layer 3 User and Entity Across Multiple Channels and Products Layer 4 Big Data Analytics Layer 5 6. Threat Intelligence 2014 Gartner, Inc. and/or its affiliates. All rights reserved. Sec
12、urity Intelligence Advanced Security High Accuracy Breadth of Coverage New Capabilities Optimal Risk and Business Decisions Resource Allocation, Prioritization Based on Contextual Assessments High Accuracy Input Post- factum Long Term Manual Information Integration and Correlation Repositories, Quer
13、ies, Contextual Assessments IT, CISO, Biz. Staff Automated Technology Interaction Scanners, Monitors Detection, Protection Software, Hardware Real Time 2014 Gartner, Inc. and/or its affiliates. All rights reserved. 2014 Gartner, Inc. and/or its affiliates. All rights reserved. Top Trends and Take-aw
14、ays Network, Cloud and Mobility 2014 Gartner, Inc. and/or its affiliates. All rights reserved. There Is No UTM for the Enterprise Small and Lower to Midsize Businesses MSSP In the Cloud WAF SSL VPN Next-generation Firewall Firewall IPS VPN Web AV URL A-Spam AV Anti-X Secure Mail Gateway Secure Web G
15、ateway Enterprise and Upper to Midsize Businesses APP ID FW+IPS UTM 2014 Gartner, Inc. and/or its affiliates. All rights reserved. Cloud Security: Who Is Responsible? Network Storage Server VM App Data Network Storage Server VM App Data Network Storage Server VM App Data Network Storage Server Servi
16、ces App Data Network Storage Server Services App Data Organization has control Organization shares control with service provider Service provider has control Dedicated IT Hosting provider Public IaaS Public PaaS Public SaaS 2014 Gartner, Inc. and/or its affiliates. All rights reserved. Top Cloud Ris
17、ks 25 2014 Gartner, Inc. and/or its affiliates. All rights reserved. Consumers of Cloud-based Services Context Policy Decisions Cloud- based Services The Growing Need for Cloud Access Security Brokerage Services Security: Identity federation Access control Discovery Logging/Monitoring Alerting API e
18、nforcement Encryption Tokenization DLP Malware filtering Risk scoring Operational: Caching Bandwidth optimization Service balancing Mobile device profiling Mobile access policy Delivered as: Physical appliance Traditional software Virtual appliance Cloud-based security as a service 2014 Gartner, Inc
19、. and/or its affiliates. All rights reserved. What Does Mobile Malware Do? Securelist, Mobile Malware Evolution 2013 http:/ Any attack seen on mobile devices requires user collaboration 2014 Gartner, Inc. and/or its affiliates. All rights reserved. Mobile Security Predictions 2014-2017 28 Through 20
- 配套讲稿:
如PPT文件的首页显示word图标,表示该PPT已包含配套word讲稿。双击word图标可打开word文档。
- 特殊限制:
部分文档作品中含有的国旗、国徽等图片,仅作为作品整体效果示例展示,禁止商用。设计者仅对作品中独创性部分享有著作权。
- 关 键 词:
- security trends and takewayas for
链接地址:https://www.31doc.com/p-3330906.html