Microsoft Networking Academy with the C+E Global Black Belts Olivier Martin (@omartin) – Networking TSP GBB Kevin Lopez (@kevlopez) – ER Partner Sales Executive GBB Jaime Schmidtke (@jaimesc) – ER Partner Sales Executive GBB Eddie Villalba (@edvilla) – Networking and Open Source TSP GBB Bryan Woodworth (@brwoodwo) – Networking TSP GBB
34
Embed
Microsoft Networking Academy · Microsoft Networking Academy ... •Quick overview or what’snew this week ... (1) Security Management Process •164.308(a)(6) ...
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Microsoft Networking Academywith the C+E Global Black Belts
Olivier Martin (@omartin) – Networking TSP GBB
Kevin Lopez (@kevlopez) – ER Partner Sales Executive GBB
Jaime Schmidtke (@jaimesc) – ER Partner Sales Executive GBB
Eddie Villalba (@edvilla) – Networking and Open Source TSP GBB
Bryan Woodworth (@brwoodwo) – Networking TSP GBB
Before we get started
• Welcome customers and partners!!!
• Material is public information No NDA info here.
We scan the entire stack for vulnerabilities and config errors
Web Apps
Server-side Apps
App Frameworks
Dev Platforms
Server OS
Hypervisor
Databases
Our coverage is
prioritized by
applications and
workloads
running in the
cloud
Alert Logic is security built for the cloud
Prevent, detect and stop threats across your full app & infra stack
Add expert protection without adding staff or building SOC
Eliminate chokepoints in app production with security built for cloud
Expand capabilities quickly with modular services
Focus on actionable detail with expert verification and prioritization
Affordable advanced protection from 13 cents / hour / host
Incident identification and notification
ALERT LOGIC
CLOUD
Incident notification
Alert Logic
SOC
Customer / Partner
SecOps Team
ATTACK
CONSOLE
AWS
Azure
On-prem
CONSOLE
We can either work with your customer directly, or your teams if
you are managing the environment on behalf of the customer
Alert Logic – a Leader in Forrester’s 2016 NA MSSP WAVETM
“Alert Logic has a head start in the cloud, and it shows.
Alert Logic is an excellent fit for clients looking to secure their current or planned cloud migrations, clients requiring a provider than can span seamlessly between hybrid architectures, and those that demand strong API capabilities for integrations.”
- Forrester WAVETM Report
Addressing Customers with Compliance Requirements
Alert Logic
Solution PCI DSS SOX HIPAA & HITECH
Alert Logic
Web Security
Manager™
• 6.5.d Have processes in place to protect applications from
common vulnerabilities such as injection flaws, buffer
overflows and others
• 6.6 Address new threats and vulnerabilities on an ongoing
basis by installing a web application firewall in front of
public-facing web applications.
• DS 5.10 Network Security
• AI 3.2 Infrastructure resource
protection and availability
• 164.308(a)(1) Security Management
Process
• 164.308(a)(6) Security Incident
Procedures
Alert Logic
Log
Manager™
• 10.2 Automated audit trails
• 10.3 Capture audit trails
• 10.5 Secure logs
• 10.6 Review logs at least daily
• 10.7 Maintain logs online for three months
• 10.7 Retain audit trail for at least one year
• DS 5.5 Security Testing,
Surveillance and Monitoring
• 164.308 (a)(1)(ii)(D) Information
System Activity Review
• 164.308 (a)(6)(i) Login Monitoring
• 164.312 (b) Audit Controls
Alert Logic
Threat
Manager™
• 5.1.1 Monitor zero day attacks not covered by anti-virus