Help from the cloud to fight malware, and a pinch of compliance
Francesco Armando, Technical account manager
Rome, 12 April 2016
Qualys-what?
Extensible Cloud Platform
Highly Scalable Architecture
Integrated Suite of Applications: AM, VM, CM, PC, PCI, QS, MDS, WAS, WAF, LM
Policy Compliance
3B Scans Per Annum
Qualys API
Analytics and Reporting Engines
Reporting & Dashboards
Remediation & Workflows
Erlang Distributed Correlation
ElasticSearch Clusters
Solr Lucene Indexing
Oracle & BFFS Storage
Distributed Sensors
100B Detections
1T Security Datapoints
Blue Chip Global Customer Base
40% Fortune 500 and 24% of the Forbes Global 2,000
8,800+
Customers
8 of top 10 in Software
8 of top 10 in Technology
8 of top 10 in Biotechnology
8 of top 10 in Retail
7 of top 10 in Banking
7 of top 10 in Media
6 of top 10 in Telecommunications
6 of top 10 in Chemical
6 of top 10 in Car Manufacturing
5 of top 10 in Business Services
Based on Forbes Global 2000 Classification
AssetView with ElasticSearch and Dynamic Dashboards
Instant Query across millions of IT Assets
Vulnerability Risk Analysis dashboard
Unified Assets’ View
Synchronisation with Splunk, ServiceNow & Others
Dynamic and customizable dashboards
Disruptive Cloud Agent Platform
Continuous Security across On-Premise, Endpoints and Elastic Cloud Environments
Beam-up info in real-time
Lightweight 2Mb Agents
Centrally Managed and self-updating
Delta-based approach
AssetView Inventory Service
Bring IT & Security together
Provides free Cloud Agent for Inventory
Included with Vulnerability Management
Integrated in the Qualys Cloud Platform
APT?
10 (ten!) CVEs underlie at least 95% of the successful attacks described in the 2015 and 2014 Verizon DBIR.
Easy & Manageable…
Vulnerability Management
File Integrity Monitoring
Malware Protection
IOC Detection
Continuous Monitoring
Asset Discovery & Sync.
Endpoint Detection & Response
Policy Compliance
Enterprise Certificate Management
Security Assessment Questionnaire
Web Application Security
Patch Management
Centrally Managed – Single pane of glass - Self Updating
Surveillance, IoT, Scalable?
Qualys.
Qualys. A few numbers.
Why Vulnerability Management?
DON’T GET BREACHED!
Majority of breaches happen due to exploitation of known vulnerabilities
Discover assets & vulns at scale
Report & Search
Prioritize Threats
Remediate/Patch
AssetView
ThreatPROTECT
Vulnerability Management
Patch Management*
[Chart: Vulnerabilities Published (1000’s), by year, 2010 to 2015]
"Organizations would need access to all threat intelligence
indicators in order for the information to be helpful—a Herculean
task"
Verizon Data Breach Report - 2015
Introducing ThreatPROTECT
Quickly and accurately pinpoint assets across entire environment that have highest exposure to latest threats
Public Exploit
Easy Exploit
Zero Day
No Patch Available
Actively Attacked
High Data Loss
High Lateral Movement
Denial of Service
Qualys Research Lab
Global 24x7 team
ThreatPROTECT
Actionable Threat Intelligence
Holistic and Contextual View of the Threat Landscape
Visualize & Prioritize Remediation efforts
Nasdaq: QLYS