1、#CiscoLive#CiscoLiveCar����los Pereira,Fellow and Chief Architect,CiscocapereirMelinda Marks,Senior Analyst,Enterprise Strategy Group(ESG)melindamarksBRKAPP-1115Cloud-Native Application Security:An Integrative CNAPP Approach from Cisco 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#Ci
2、scoLiveEnt������er your personal notes hereCisco Webex App Questions?Use Cisco Webex App t��������o chat with the speaker after the sessionFind this session in the Cisco Live Mobile App(BRKAPP-1115)Click“Join the Discussion”Install the Webex App or go directly to the Webex spaceEnter messages/questions in the Web
3、ex spaceHowWebex spaces will be moderated by the speaker until June 9,2023.12343https:/ 2023 Cisco and/or its affiliates.All rights reserved.Cisco PublicBRKAPP-11153Agenda 2023 Cisco and/or it������s affiliates.All rights reserved.Cisco Publi�������cESG analysts view of CNAPP what is it and what are the key conc
4、erns �����of the customer?Ciscos Chief Architect view on an integrated cloud native application security offering and its use-caseBRKAPP-11154 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public“Use of Cloud-Native Technologies Will Be Pervasive,not Just Popular”“More than 85%of organizatio
5、ns will embrace a cloud-first principle by 2025 and will not be able to fully execute on their digital strategies without the use of cloud-native architectures and technologies”-GartnerBRKAPP-11155The Need for An Effective������ Cloud-native Security PlatformMelinda Marks,Senior Analyst,Enterprise Strateg
6、y Group(ESG)TechTarget7 TechTarget7ESG Report:Cloud Security Posture and Entitl�������ements ManagementMoving Productio��������n Workloads to Public Clouds TechTarget8 TechTarget8Multi-Cloud AdoptionESG Report:Cloud Security Posture and Entitlements Management TechTarget9 TechTarget9Source:ESG Complete Survey Resu
7、lts:�����Distributed Cloud Series:Cloud-na������tive ApplicationsReaping the Benefits of Moving to the Cloud TechTarget10 TechTarget10Source:ESG Complete Survey Results:Distributed Cloud Series:Cloud-native ApplicationsTop Challenges for Cloud-Native Applications:SecuritySecurity Challenges TechTarget12 TechTa
8、rget12ESG Report:Walking the Line:Shift Left and GitOps SecurityKee������ping Up with Faster Development Cycles TechTarget13 TechTarget13ESG Rep��������ort:Cloud Security Posture and Cloud Infrastructure Entitlements Biggest Security Challenges:Around Scale TechTarget14 TechTarget14ESG Report:Walking the Line:Shi
9、ft�������� Left and GitOps SecurityCloud Application Security Incidents TechTarget15 TechTarget15Incidents from MisconfigurationsDriving Efficiency with a Platform Approach TechTarget17������� TechTarget17ESG Report:CSPM/CIEM studyManaging Risk:Top 5 Attributes TechTarget18 TechTarget18Cloud-native Application Pro
10、tection Platforms(CNAPPs)A CNAPP is a unified and tightly integrated set of security and compliance ca�������pabilities designed to secure and protect cloud-native applications across development and production.CNAPPs consolidate a large number of previously siloed capabilities,including:Container scanning
11、.Cloud security posture management.Infrastructure-as-code scanning.Cloud infrastructure entitlement management.Runtime cloud workload protection and runtime vulnerability.Configuration scanning.TechTarget19 TechTarget19Cl��������oud Native Application Protection Platform(CNAPP)CNAPPs consolidated a number o
12、f previously siloed capabilities,including:Container workload protection(CWP)Cloud Security Posture ����Management(CSPM)Infrastructure as Code(IaC)scan�����ning Cloud Infrastructure Entitlement Management(CIEM)Runtime cloud application protectionBenefits of a Platform ApproachWhat is a CNAPP?A CNAPP unifies
13、and tightly integrates security and compliance capabilities to secure and protect cloud-native applications across development and production.Using a CNAPP to Drive Efficiency by Consolidating Application Security and Posture Management E�������SG Report:CSPM/CIEM study TechTarget21 TechTarget21ESG Complet
14、e Survey Results:ESG/ISSA Cybersecurity Process and Technology Surv������eyKey CNAPP Attributes Enables them to scale security to support rapid development Drives efficiency of remediation to stay ahead of security incidents5%8%11%14%14%18%19%19%21%21%23%28%28%Ability to procure via the marketplace ofCons
15、umption-based pricing model thatSecures the orc������hestration environmentCentralizes workload segmentation policiesAgentless implementationSupport for the MITRE ATT&CK frameworkDeployment flexibility(i.e.,offered as aIntegration with De����vOps tools to enableSupport for multiple public cloudPreventative co
16、ntrols for hardening andA rich set of visibility capabilities ������fromSupport for all types of servers andA high-le�������vel of threat detection efficacy andAll product names,logos,brands,and trademarks are the property of their respective owners.Information contained in this publication has been obtained by
17、sources TechTarget,Inc.considers to be reliab�����le but is not warranted by TechTarget,Inc.This publication may contain opinions of TechTarget,Inc.,which are subject to change.This publication may include forecasts,projections,and other predictive statements that represent TechTarget,Inc.s assumptions a
18、nd expectations in light of currently available ����information.These forecasts are based on industry trends and involve variables and uncertainties.Consequently,TechTarget,Inc.makes no warranty as to the accuracy of specific forecasts,projections or predictive statements contain�������ed herein.This publicati
19、on is copyrighted by TechTarget,Inc.Any reproduction or redistribution of this publication,in whole or in part,whether in hard-copy format,electronically,or otherwise to persons not authorized to receive it,without the express consent of TechTarget,Inc.,is����� in violation of U.S.copyright law and will
20、be subject to an action for civil damages and,if applicable,criminal prosecution.Should you have any questions�������,please contact Client Relations at cresg-.Enterprise Strategy Group is an integrated technology analysis,research,and strategy firm that pr�������ovides market intelligence,actionable insight,and
21、go-to-market content services to the global IT community.2022 TechTarget,Inc.All Rights Reserved.Thank youMelinda Marksmelindamarkshttps:/ Application Security from Developme�������nt to Production:Cisco����� PanopticaCarlos Pereira,Fellow and Chief Architect,Cisco 2023 Cisco and/or its affiliates.All rights re
22、served.Cisco Public#CiscoLiveProblem space:What and whyCompilers,CICD,ToolingModern cloud-first appaccessed from anywhereinternalcloudSaa�������Sope����n sourceFollow an attack path towards end goalGoal is to get to Compute,Data or DoSAttackers can compromise any assetAPIs,SaaSContainers,Functions,VMsConfigura
23、tions and identitiesToolingBRKAPP-111524 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveSolarWinds attack pathSupply chainSupply chaincompromisecompromiseBuild&CICD system compromisedInitial ac����cess,Initial access,commandcommand-andand-controlcontrolCompromi�������sed libraries i
24、nfecte���d in ��������all SW buildsHandsHands-onon-keyboard attack keyboard attack on premiseson premisesInfect every node where SW is deployedHandsHands-onon-keyboard attack keyboard attack in the cloudin the cloudSteal credentials and gain admin privilegesInitial C2Initial C2Second C2Second C2AttackerAttacke
25、r Password guessing Use secret key to bypass Duo and access Outlook Web AppOnly Cisco can provide e2e protectionBRKAPP-111525 2023 Cisco and/or its affiliates.All righ����ts reserved.Cisco Public#CiscoLiveMITR������E ATT&CK frameworkInitial AccessInitial AccessImpactImpactCollectionLateral MovementDiscoveryCr
26、edential AccessDefense EvasionPrivilege E����scalationPersistenceExecutionBRKAPP-111526 2023 Cisco and/or its������ affiliates.All rights reserved.Cisco Public#CiscoLiveA Holistic View Towards Cloud App Security(AppSec)securingthe logicthe logic of your app(CWPP)securingyour workloadworkload(CSPM)securingclou
27、d resourcesresources it runs onDevDeployRuntime from dev time,to deploy time,to run time from dev time,to deploy time,to run time Developer Developer influenceinfluenceSecOps SecOps influenceinfluenceDeveloper influenceDeveloper influence(sh�����ift(shift-left)left)SecOps influenceSecOps influence(shift(
28、shift-right)right)Securing the code to production stack Securing the code to production stack One approach:cap������abilities for securing modern hybrid cloud appsSecures everything you need to worry about for modern apps From writing first line of code,to the tools used to produce app,to the app itself,a
29、nd������ the cloud resources the app runs on1.1.Code&BuildCode&Build Protection:Before the code is even deployedProtection:Before the code is even deployed2.2.App&API Security:Securing the application and its logicApp&API Security:Securing the application and its logic3.3.Workload Security:Infrastructure
30、for the app(CWPP+)Workload Security:Infrastructure for the app(CWPP+)4.4.Cloud Posture:Cloud environment&configs(CSPM+)Cloud Posture:Cloud environment&configs(CSPM+)1234BRKAPP-111527 2023 Ci��������sco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveDetails:Protection from code to production
31、Code&Code&BuildBuild Prot��������ectio��n Protection Before the code is even deployedStatic AnalysisInfra as Code scanningSecrets scanningSSC,SBOMCI/CD Protection1App&API Security App&API Security Securing the application and its logicAPI SecurityBusiness/app logic securityData Security2Workload Security Work
32、load Security Infrastructure for the app(CWPP����+)Container workloadsK8s SPMServerless securityVM security3Cloud Posture Cloud Posture Cloud environment&configs(CSPM+)CSPMCIEMCloud Network security4BRKAPP-111528 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLivePlanned delivera
33、blesAllows businesses to easily secure their modern Allows busin������esses to easily secure their modern hybrid apps by focusing on their most by focusing on their most relevant risks across across a�����ll attack paths from from code to cloud.Intelligent Prioritization:Using AI/ML to allow Using AI/ML to all
34、ow SecOps to manage the most critical attack paths SecOps to manage the most critical attack paths in modern apps regardless of attack provenance.in modern apps regardless of attack provenance.Solve at Source:Lead with codeLead with code-ce������ntric(shiftcentric(shift-left)left)security security-from th
35、e creation of the first line of code,from the creation of the first line of code,through deployment,to production runtime.through deployment,to production r����untime.BRKAPP-111529 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLivePlanned integrationsIntegrations at Cisco Scale:
36、Integrations at Cisco Scale:Cisco Secure:Allows SecOps to secure their entire Allows SecOps to secur����e ������their entire environment from user to app,and app to app.environment from user to app,and app to app.BRKAPP-111530 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveDemoBRKA
37、PP-111531 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLivePlanned integrationsIntegrations at Cisco Scale:Integrations at Cisco Scale:FSO:FSO:Allow a business owner to integrate security Allow a business owner to integ�����rate security risks,in addition to safety risks,in Busi
38、ness Risk risks,in addition to safety risks,in�������� Business Ri��������sk Observability.Observability.BRKAPP-111532 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveApp TeamFocused on velocity&user experienceSecurity TeamFocused on vulnerabilities&threatsBRKAPP-111533 2023 Cisco and/or
39、its affiliates.All rights reserved.Cisco PublicBusiness ca�������nt afford Security and Applications silos With����out both teams joining the fight,issues like the log4j JNDI vulnerability cant be protected against in a timely fashionBRKAPP-111534 2023 Cisco and/or its affiliates.All rights reserved.Cisco Publ
40、ic#CiscoLiveBusiness Context MappingMapping vulnerabilities and attacks to common transactions provides the business context to help you quickly understand the location and impact of threats.Vulnerability and Threat Intelligence Threat intelligence feeds from multiple yet complemen�������tary sources provi
41、de the threat context to understand the likelihood of threat exploits.Business Risk ScoringScoring composited from analy�����sis of runtime behavior+business impact+intell������igence provides complete business risk context to instantly assess and prioritize action across ITOps and SecOps teams.+=Business Risk
42、 Observability for ApplicationsBRKAPP-111535 2023 Cisco and/or its affiliates.All rights r�������eserved.Cisco Public#CiscoLiveCisco Business Risk Ob�������servability in action,NOW!CVSS Score:Qualitative ratings of Public Disclosed Vulnerabilities Real-time Score:Estimate of the likelihood of exploitation based
43、what is happening in real-time.High risk of exploitation with a correlated high business impact.Operator must act due������� to active nature of threat.Differentiate between whats important versus whats urgent.High severity,but low likelihood of exploi�����tation or business impactOperator often ignore this cas
44、e due to low CVSS score,but must act because of high business risk and impact potentialPer business-transactionBRKAPP-111536 2023 Cisco and/or its affiliates.All rights reserved.Cisco������ Public#CiscoLiveCNAPP and Cisc�����o FSO PlatformExtendExtend Ciscos industry-first and unique BusinessBusiness RiskRisk
45、ObservabilityObservability approachapproa������ch toto CloudCloud nativenativeworkloads through the Panoptica Integration at the Cisco FSO PlatformThe proposed integration of Ciscos Full Stack Observ��ability(FSO)platform and Panopticaprovidesprovides securitysecurity visibility,visibility,insights,insights
46、,andand actionsactions toto protectprotect cloudcloud assets�������assets-Kubernetes(K8S),workloads,and business focused application security visibility and control.This integration is part of the overall Business Risk Observability on Cisco FSO platform,and ihashasbeenbe����en announcedannounced atat CiscoCis
47、co LiveLive FYFY2323.The key value proposition will be Cisco BusinessRisk Observability mapped across the entire modern application stack,including infra securityinsights and business application data insights to pr�����ovide prioritized end-to-end sec�������urityvisibility.Initial integration phase will focusf
48、ocus onon findingsfindin�����gs ofof containercontainer vulnerabilityvulnerability andand KubernetesKubernetesworkloadsworkloads.BRKAPP-111537 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveBusiness Risk ObservabilityUse case 1:Threats and Vulnerabilities Across CloudUse case
49、1:Threats and Vulnerabilities Across Cloud-Native Kuberne�������tes and ContainersNative Kubernetes and ContainersIntegrated view on FSOIntegrated view on FSODetect,prioritize,and address container vulnerabilities and security threats right from your observability dashboardFactor in business riskFactor in
50、business riskCombine findings into your application context for business-level risk scoringAnnounce:Cisco Live JuneGA:August 23BRKAPP-111538 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveBusiness Risk Obser�������vabilityUse case 2:�������Prioritize and align across security issues ba
51、sed������� on business contextUse case 2:Prioritize and align across security issues based on business contextCreate your own customized view of securi��������ty riskChanges in security&app graphs are evaluated to reflect real-time riskPrioritize remediation and mitigation efforts by what matters to the bizAnnounc
52、e:Cisco Live JuneGA:August 23������BRKAPP-111539Whats next?2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveNext Steps:Start Using Panoptica for freepanoptica.appBRKAPP-111541 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveCon���tinue Your Cloud Native Se
53、curity LearningBRKAPP-111542 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveFill out your session surveys!Attendees wh�����o fill out a minimum of four session surveys and the overall event survey will get Cisco Live-branded socks(while supplies last)!43BRKAPP-1115These points
����54、 help you get ������on the leaderboard and increase your chances of winning daily and grand prizesAttendees will also earn 100 points in theCisco Live Challenge for every survey completed.2023 Cisco and/or its affiliates.All rights reserved.Cisco PublicContinue your educationVisit the Cisco Showcase for r
55、elated demosBook your one-on-oneMeet ������the Engineer meetingAttend the interactive education with DevNet,Capture the Flag,and Walk-in LabsVisit the On-Demand Library for more sessions at www.CiscoL 2023���� Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLive45Gamify your Cisco Live exper
56、ience!Get points Get points for attending this session!for attending this session!Open the Cisco Events App.Click on Cisco Live Challenge in the side menu.Click on View Your Badges at the top.Click the+����at the bottom of the screen an��������d scan the QR code:How:123445 2023 Cisco and/or its affiliates.All rights reserved.Cisco PublicBRKAPP-1115Thank you#CiscoLive#CiscoLive
sgpjbg002
工作日 8:30 - 17:30
会员动态:
报告分类
新质生产力
ChatGPT
新能源汽车
大模型
Sora
机器人
微短剧
芯片
薪酬
白皮书
低空经济
数据要素
创新药
人工智能
AI产业
信息科技
互联网
消费经济
汽车交通
电商零售
传媒娱乐
医药健康
投资金融
能源环境
地产建筑
传统产业
英文报告
其它
扫码登录
手机快捷登录
账号登录
