Segurinfo2014 virtualizacion segura_ardita_cavanna draft v01
santiago-cavanna -
“Security Risks and Forensic Analysis of Virtualized Environments”
• Julio Ardita – CTO CYBSEC. Julio César Ardita is the founder of CYBSEC and has been its Chief Technology Officer since 1996. He holds a degree in Systems (Licenciado en Sistemas), a Master's in Enterprise Telecommunications Management, and the international CISM certification. Julio Ardita currently teaches in four master's and postgraduate programs and has given more than 80 talks in various countries.
• Santiago Cavanna – Security Sales Specialist IBM. Information security professional since 2001.
• He worked at Microsoft, Computer Associates and Symantec. He is currently responsible for IBM's security software division for Argentina, Uruguay and Paraguay.
Presentation abstract:
Santiago:
- Typical and characteristic risks of virtual environments.
- Statistics and predictions for virtual environments.
- State of the art in solutions and best practices for risk management in virtual environments.
- Incidents in a virtualization environment.
Julio:
- Access to the virtualization environment.
- Log storage in the virtualization environment (DC, local server, local vCenter, hypervisor, etc.).
- Understanding the logs at a low level (connection ID – object-oriented logs).
Recommendations: 6 things a company must resolve before the end of the year to mitigate the main risks in virtual environments.
http://www.slideshare.net/ibmsecurity/cloud-security-what-you-need-to-know-about-ibm-smartcloud-security
media.kaspersky.com/en/business-security/Kaspersky_Global_IT_Security_Risks_Survey_report_Eng_final.pdf
In the past 12 months, 91% of the companies surveyed had at least one external IT security incident and 85% reported internal incidents.
http://web.nvd.nist.gov/view/vuln/search-results?query=vmware&search_type=all&cves=on
http://www.cve.mitre.org/cgi-bin/cvekey.cgi?keyword=vmware
http://search.iss.net/Search.do?keyword=vmware&searchType=keywd&x=0&y=0
https://downloads.cloudsecurityalliance.org/initiatives/guidance/csaguide.v3.0.pdf
https://cloudsecurityalliance.org/wp-content/uploads/2011/11/virtualization-security.pdf
Security Cloud Vs Virtual …
http://www.slideshare.net/ibmsecurity/cloud-security-what-you-need-to-know-about-ibm-smartcloud-security
http://www-935.ibm.com/services/image/cybersecurity_infographic.jpg
Guide to implementing a secure cloud
The following security measures represent general best practice implementations for cloud security.
• Implement and maintain a security program.
• Build and maintain a secure cloud infrastructure.
• Ensure confidential data protection.
• Implement strong access and identity management.
• Establish application and environment provisioning.
• Implement a governance and audit management program.
• Implement a vulnerability and intrusion management program.
• Maintain environment testing and validation.
Build and maintain a secure cloud infrastructure
4. Protect administrative access.
4.3. Maintain an audit trail of administrative actions.
4.4. The cloud host should develop and publish configuration management guidelines.
4.5. Implement an Asset Discovery Mechanism to identify resources in use in the target environment.
4.6. Regularly review Asset Maps to understand assets in the cloud environment.
4.7. Maintain a Configuration Data Store to enable auditability and general security understanding.
5. Ensure patch management.
5.1. The cloud host should develop and publish a patch and change management program.
5.2. Develop a pre-production patch management system to enable business resiliency.
5.3. Ensure logging is enabled for all patch processes, and develop the appropriate documentation.
5.4. Ensure that all systems, and applications are running the latest vendor supplied patches, and updates within the specified period as specified in the patch and change management program. Ensure that an appropriate time frame is established.
5.5. Establish a process or utilize a third-party vendor to maintain awareness of the latest security vulnerabilities.
http://www.redbooks.ibm.com/abstracts/redp4614.html
http://www.redbooks.ibm.com/abstracts/redp4893.html
http://publib-b.boulder.ibm.com/abstracts/sg247928.html
https://downloads.cloudsecurityalliance.org/initiatives/top_threats/The_Notorious_Nine_Cloud_Computing_Top_Threats_in_2013.pdf
https://downloads.cloudsecurityalliance.org/initiatives/guidance/csaguide.v3.0.pdf
http://public.dhe.ibm.com/common/ssi/ecm/en/wgl03045usen/WGL03045USEN.PDF