advertisement

Segurinfo2014 virtualizacion segura_ardita_cavanna draft v01

33 %
67 %
advertisement
Information about Segurinfo2014 virtualizacion segura_ardita_cavanna draft v01
Technology

Published on March 10, 2014

Author: cavsa01

Source: slideshare.net

Description

Borrador de la primera parte de la presentacion que se utilizara como soporte para la disertacion en conjunto con Julio Ardita. 11/04/2014 ( 10.45 hs )
http://archivos.usuaria.org.ar/segurinfo2014/argentina/agenda_segarg14.html
advertisement

“Riesgos de Seguridad y Análisis Forense de Entornos Virtualizados” • Julio Ardita – CTO CYBSEC. Julio César Ardita es fundador y Director de Tecnología de CYBSEC desde 1996. Es Licenciado en Sistemas, posee un Master en Gestión de las Telecomunicaciones en la Empresa y la certificación internacional CISM. Actualmente Julio Ardita es profesor de cuatro maestrías y postgrados y ha brindado más de 80 exposiciones en distintos países. • • Santiago Cavanna – Security Sales Specialist IBM. Profesional de Seguridad de la Información desde 2001. Trabajó en Microsoft, Computer Associates, Symantec. Actualmente es responsable por la división de software de seguridad de IBM para Argentina, Uruguay y Paraguay. Abstract de la presentación: Santiago: - Riesgos típicos y característicos de entornos virtuales. - Estadísticas y predicciones para entornos virtuales. - Estado del arte en soluciones y mejores practicas para gestión de riesgo en entornos virtuales. - Incidentes en un Entorno de virtualización. Julio: - Acceso al entorno de virtualización. - Almacenamiento de logs en el entorno de virtualización (DC, Servidor local, Vcenter local, Hypervisor, etc). - Entendiendo los logs a bajo nivel (ID conexión – Logs orientados a objetos) Recomendaciones : 6 Cosas que una empresa debe resolver antes de fin de Año para mitigar los principales riesgos en entornos virtuales

http://www.slideshare.net/ibmsecurity/cloud-security-what-you-need-to-know-about-ibm-smartcloud-security

In the past 12 months, 91% of the companies surveyed had at least one external IT security incident and 85% reported internal incidents. media.kaspersky.com/en/business-security/Kaspersky_Global_IT_Security_Risks_Survey_report_Eng_final.pdf

http://search.iss.net/Search.do?keyword=vmware&searchType=keywd&x=0&y=0 http://www.cve.mitre.org/cgi-bin/cvekey.cgi?keyword=vmware http://web.nvd.nist.gov/view/vuln/search-results?query=vmware&search_type=all&cves=on

Security Cloud Vs Virtual … https://downloads.cloudsecurityalliance.org/initiatives/guidance/csaguide.v3.0.pdf https://cloudsecurityalliance.org/wp-content/uploads/2011/11/virtualization-security.pdf

http://www.slideshare.net/ibmsecurity/cloud-security-what-you-need-to-know-about-ibm-smartcloud-security

http://www-935.ibm.com/services/image/cybersecurity_infographic.jpg

Guide to implementing a secure cloud The following security measures represent general best practice implementations for cloud security. •Implement and maintain a security program. •Build and maintain a secure cloud infrastructure. •Ensure confidential data protection. •Implement strong access and identity management. •Establish application and environment provisioning. •Implement a governance and audit management program. •Implement a vulnerability and intrusion management program. •Maintain environment testing and validation. Build and maintain a secure cloud infrastructure 4. Protect administrative access. 4.3. Maintain am audit trail of administrative actions. 4.4. The cloud host should develop and publish configuration management guidelines. 4.5. Implement an Asset Discovery Mechanism to identify resources in use in the target environment. 4.6. Regularly review Asset Maps to understand assets in the cloud environment. 4.7. Maintain a Configuration Data Store to enable auditability and general security understanding. 5. Ensure patch management. 5.1. The cloud host should develop and publish a patch and change management program. 5.2. Develop a pre-production patch management system to enable business resiliency. 5.3. Ensure logging is enabled for all patch processes, and develop the appropriate documentation. 5.4. Ensure that all systems, and applications are running the latest vendor supplied patches, and updates within the specified period as specified in the patch and change management program. Ensure that an appropriate time frame is established. 5.5. Establish a process or utilize a third-party vendor to maintain awareness of the latest security vulnerabilities.

http://publib-b.boulder.ibm.com/abstracts/sg247928.html http://www.redbooks.ibm.com/abstracts/redp4614.html http://www.redbooks.ibm.com/abstracts/redp4893.html

http://public.dhe.ibm.com/common/ssi/ecm/en/wgl03045usen/WGL03045USEN.PDF https://downloads.cloudsecurityalliance.org/initiatives/guidance/csaguide.v3.0.pdf https://downloads.cloudsecurityalliance.org/initiatives/top_threats/The_Notorious_Nine_Cloud_Computing_Top_Threats_in_2013.pdf

Add a comment

Related presentations

Presentación que realice en el Evento Nacional de Gobierno Abierto, realizado los ...

In this presentation we will describe our experience developing with a highly dyna...

Presentation to the LITA Forum 7th November 2014 Albuquerque, NM

Un recorrido por los cambios que nos generará el wearabletech en el futuro

Um paralelo entre as novidades & mercado em Wearable Computing e Tecnologias Assis...

Microsoft finally joins the smartwatch and fitness tracker game by introducing the...

Related pages

Segurinfo2014 virtualizacion segura_ardita_cavanna draft ...

×Close Share Segurinfo2014 virtualizacion segura_ardita_cavanna draft v01. Embed ...
Read more

Draft exchange programme in education studies v01 - Documents

Share Draft exchange programme in education studies v01. ... Segurinfo2014 virtualizacion segura_ardita_cavanna draft v01.
Read more