[cs615asa] Meetup summary

Jiawen Peng jpeng7 at stevens.edu
Sat Apr 21 22:45:42 EDT 2018


Apr 19, 2018
New York City
Asellina

Techtalk Summit
Event link: https://techtalksummits.com/event/new-york-city-3/
Topic: Data restore and cloud security

I chose it because it covers a lot of topics in this course, such as data
restore and recovery, authentication and security, DNS-based malware and
attacks, and cloud security. Also because the attendees work on different
tools for protecting data from attackers, disasters, etc. I can learn not
only more about the challenges and new technologies around the topics
shown in the course, but also the tools people use to prevent them.

1. Zerto IT platform (Protect your network against the widest range of
DNS-based malware and attacks)
1) Two kinds of data loss:
Unplanned: user errors, infrastructure failures, security & ransomware,
natural disasters;
Planned: mergers & acquisitions, move to the cloud, data center
consolidation, maintenance & upgrade.
2) Logical failure & mechanical failure
A mechanical failure: broken parts prevent the drive from working.
Logical drive failure: corruption of the file structure or file deletion.
3) How are ransomware attackers working? (added some of my research)
Ransomware kits on the deep web have allowed cybercriminals to purchase and
use a software tool to create ransomware with specific capabilities and
then generate this malware for their own distribution and with ransoms paid
to their bitcoin accounts.
So it's now possible for those with little or no technical background to
order up inexpensive ransomware as a service (RaaS) and launch attacks with
very little effort.
A ransomware attack shut down the city of Atlanta's online systems on March
22.
4) Journal based recovery!
any point in time, against logical failure, recover from seconds ago (not
the last backup/snapshot)

2. TIBCO (capture data in real time and augment the intelligence through
analytical insights)
1) data doubles every 1.2 years
2) data analysis: take time to think -> data's old

3. Checkpoint (cloud security)
This is the most interesting part. They distributed some cloud security
concepts, challenges, responsibilities, etc.
1) Cloud challenges:
Shared responsibility unclear
Best practices are undefined
Authorized usage vs 'Shadow IT' usage (information technology projects
that are managed outside of, and without the knowledge of, the IT
department)
Inconsistent tools, reporting, visibility across cloud providers
2) Where cloud-native security falls short
No threat prevention in real time (L4-L7 protections)
No unified management for all Clouds & Traditional Data Center
No identity-based authentication access to the application
No URL filtering
No threat extraction and Zero-day Sandboxing
Which might expose you to:
Lateral threat movements
Data breach due to misconfiguration
Abuse of cloud services
API hacking
Malicious insiders
3) Cloud = shared responsibility
From cloud global infrastructure (regions, availability zones, edge
locations)
to storage, database, networking
to client-side data encryption & data access authentication, server-side
encryption (file system, data), Network traffic protection (encryption,
integrity, identity)
to OS, network, FW configs
to platforms, applications, IAM

Growing technologies always require us to take more responsibility for
system security. The most important thing I learned from this tech talk
was how (tools) to deal with disasters, remediate before it happens,
and how to take care of security problems.

-- 
Best,
Jiawen