cybersecurity compliance automation platform
play

cybersecurity & compliance automation platform delivered in - PowerPoint PPT Presentation

Jan 06, 2023 •314 likes •460 views

cybersecurity & compliance automation platform delivered in software as a service model plug&play cybersecurity plug&play compliance Defenselayers company purpose Defenselayers is an innovative, global cybersecurity startup. We

  1. cybersecurity & compliance automation platform delivered in software as a service model plug&play cybersecurity plug&play compliance

  2. Defenselayers – company purpose Defenselayers is an innovative, global cybersecurity startup. We secure applications both in private and public clouds, applications which are built using application containers technology (Docker, Kubernetes environment). We protect applications during development as well as in production environment. This is why we say we are DevSecOps native company. Defenselayers is a cloud native company, providing application containers native cybersecurity services. Apart of securing application containers we assure in some extent compliance with GDPR, NIS and PCIDSS standards. Our mission is to reduce complex and expensive cybersecurity services usually provided by expensive specialists into automated, simple to use and affordable Software-as-a-Service. We do it through our Plug&Play Cybersecurity Automation Platform.

  3. Defenselayers’ response to market trends Business is moving to a cloud. With growing cloud adoption new software development ways appeared: microservices and application containers. Advantages of cloud computing, however, come with a cost – cybersecurity challenges. At the same time it is more difficult to find experienced cybersecurity experts and they are more and more expensive. In 2020 cybersecurity talent gap is expected to reach 3,5 mln positions globally. This is where Defenselayers comes to the stage. By providing a platform which automates cybersecurity of microservices encapsulated in application containers we allow to solve problem of cybersecurity talent gap and reduce software development costs at the same time. Application containers market is quite young, but it grows rapidly and is expected to grow further. There are very few truly application containers native cybersecurity tools. Cybersecurity of application containers is recognized as one the most necessary solutions these days.

  4. Container security Container security is recognized by CB Insights as the most necessary out of all cybersecurity industry trends. Source: CBInsights

  5. Defenselayers secure container vision To reduce complex and expensive cybersecurity services to plug&play commodity …. PLUG&PLAY CYBERSECURITY Increased level of security PLUG&PLAY COMPLIANCE Shorter time-to-market Cybersecurity standards & best practices automatically implemented Lower software development costs Compliance regulations Faster software development cycle automatically implemented Savings on cybersecurity and compliance resources Cybersecurity and compliance layers constantly kept updated Savings on cybersecurity tools plug&play cybersecurity plug&play compliance

  6. How we do it? Defenselayers produce OCI compliant application containers with pre-encapsulated and pre-hardened standard technologies (operating systems, databases, application servers, interpreters etc.). We plan to develop containers with hundreds of different technologies. Developer encapsulates his microservice into Defenselayers container (note that no change to microservice is required). Central Defenselayers Platform monitors such container and constantly updates it when new vulnerabilities appear. Customers pay periodic fee for application container monitoring and updating security layers of the container.

  7. Secure Technology Stack Defenselayers provides your microservices with out-of-the-box secure containerized technology stack just by one click.

  8. Defenselayers – General Roadmap • Stage 1 hardening and settings done to meet compliance regulations • assure that all components put into container image before it leaves our “factory” could be trusted • 17 technologies pre-encapsulated in Defenselayers Secure Containers • more security tests Stage 2 • on-line container monitoring • Further technologies encapsulated • Defenselayers e-store plug&play cybersecurity plug&play compliance

  9. Stage 1 - Defenselayers Secure Container preparation process Executable binaries hardening Secure configuration Recompilation of main components Removal of default accounts Removal of insecure modules Secure application accounts Removal of insecure functionality Secure environment variables settings Removal of insecure components File system access rights hardening Removal of unused components More strict access rights Secure configuration of included components UMASK Shell Vulnerability scanning Network services Malware scanning Daemons Integrity protection of every binary and configuration component Other component Complete manifest of all components inside container image plug&play cybersecurity plug&play compliance

  10. Stage 1 – How Defenselayers Secure Container addresses compliance PCI DSS GDPR Security/hardening requirements for CardHolder Data Secure by default, out-of-the-box = privacy by default privacy Environment (CDE) (Req 3, 4) by design (Art. 25) Integrity control (Req 6) Security testing and vulnerability management (Art 32 1 c-d) Vulnerability scanning (Req 5, Req 6, Req 11) Incident management requires integrity control (Art. 33, 34) Malware scanning (Req 5) NIS Directive Patch management (Req 11) Incident management and reporting requires integrity control Secure TLS and other encryption protocols/algorithms (Req (Art. 14) 3, Req 4) Vulnerability & patch management (Art. 14, Art. 16) System hardening / development of secure networks, systems and applications (Req 2, Req 6) Financial sector regulations Risk based hardening approach Operation Risk value reduction Vulnerability scanning Malware scanning Patch management

  11. Defenselayers Secure Containers – technology encapsulation roadmap Ready To Use Ready by the end of 2020 • • Alpine Nodejs • • Nginx PHP • • Apache Java • • SFTP/SSH MongoDB • • Python MySQL • • Go Pytest • • Redis Gunicorn • • Django RabbitMQ • Flask • Postgress

  12. Stage 1 – Scope of Defenselayers Services Unlimited license for Defenselayers Secure Containers Scope of services Constant monitoring of Defenselayers Secure Containers cybersecurity status Providing customers with information about new vulnerabilities Providing customers with new versions of Defenselayers Secure Containers free from vulnerabilities plug&play cybersecurity plug&play compliance

  13. THANK YOU info@defenslayers.com

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

The Year of the defender Cybersecurity Predictions for 2018 Cybersecurity Data Analytics Platform

The Year of the defender Cybersecurity Predictions for 2018 Cybersecurity Data Analytics Platform

The Year of the defender Cybersecurity Predictions for 2018 Cybersecurity Data Analytics Platform Our Speakers Sam Curry Lital Asher-Dotan Cybereason | CSO Cybereason | Sr. Director Setting The Stage A lookback at 2017 Our predictions

387 views • 26 slides
1 Automation Overview Definition Automation (automation, Automation ) : 1) set of all measures

1 Automation Overview Definition Automation (automation, Automation ) : 1) set of all measures

Industrial Automation Spring 2019, EPFL 1 Automation Overview Definition Automation (automation, Automation ) : 1) set of all measures aiming at replacing human work through machines (e.g. automation is applied science) 2) the

1.39k views • 63 slides
U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity

U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity

U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity cybersecurity? William J. Perry Martin Casado Keith Coleman Dan Wendlandt MS&E 91SI Spring 2004 Stanford University U.S. National Cybersecurity

79 views • 7 slides
Babelee Technical presentation The Video Automation Platform Babelee Littlesea developed

Babelee Technical presentation The Video Automation Platform Babelee Littlesea developed

Babelee Technical presentation The Video Automation Platform Babelee Littlesea developed Babelee, an high performing and fl exible platform that enables communication and marketing departments to cover the whole content strategy needs,

567 views • 17 slides
Cybersecurity Introductions Skyline Technology Solutions Tom Burgoon - BD ITS Practice

Cybersecurity Introductions Skyline Technology Solutions Tom Burgoon - BD ITS Practice

The Why, What, and How of Cybersecurity Introductions Skyline Technology Solutions Tom Burgoon - BD ITS Practice Laura Gomez-Martin Cybersecurity Compliance Advisor Chip Stewart Principal Consultant Mission Secure

664 views • 29 slides
Cybersecurity Awareness Training be vigilant but unafraid! Leo F. Howell Chief Information S

Cybersecurity Awareness Training be vigilant but unafraid! Leo F. Howell Chief Information S

Cybersecurity Awareness Training be vigilant but unafraid! Leo F. Howell Chief Information S ecurity Officer lfhowell@uoregon.edu Why YOU should care University University YOU YOU COMPLIANCE increases business COMPLIANCE Research at risk

829 views • 43 slides
Dutch cybersecurity platform higher education & research Jan Piet Barthel, director One

Dutch cybersecurity platform higher education & research Jan Piet Barthel, director One

Dutch cybersecurity platform higher education & research Jan Piet Barthel, director One Conference The Hague, May 17 2017 17-CSRE-100d Vision dcypher The Netherlands positions itself as a country doing excellent research in the area of

533 views • 8 slides
Platoon: A Virtual Platform for Team-oriented Cybersecurity Training and Exercises Yanyan Li,

Platoon: A Virtual Platform for Team-oriented Cybersecurity Training and Exercises Yanyan Li,

Platoon: A Virtual Platform for Team-oriented Cybersecurity Training and Exercises Yanyan Li, Mengjun Xie Department of Computer Science University of Arkansas at Little Rock { yxli5, mxxie } @ualr.edu September 29, 2016 Yanyan Li, Mengjun Xie

594 views • 31 slides
What The Hack! Aldo Leiva Jorge Rey Agenda Introduction Cybersecurity Trends Legal

What The Hack! Aldo Leiva Jorge Rey Agenda Introduction Cybersecurity Trends Legal

What The Hack! Aldo Leiva Jorge Rey Agenda Introduction Cybersecurity Trends Legal Framework For Cybersecurity Compliance How Are Organizations Getting Hacked Oops, you clicked on the link. Now what? Best Practices and

1.09k views • 36 slides
Submarine platform automation enabler of an optimized crew concept H. Wehner 1 , Dr. M. Mohr 2

Submarine platform automation enabler of an optimized crew concept H. Wehner 1 , Dr. M. Mohr 2

UDT 2020 UDT Extended Abstract Template Presentation/Panel Submarine platform automation enabler of an optimized crew concept H. Wehner 1 , Dr. M. Mohr 2 1 Head of Product Architecture Submarines, thyssenkrupp Marine Systems, Kiel, Germany 2

365 views • 4 slides
A Risk-based Security Program Approach: Security Enables Digital Transformation and Compliance

A Risk-based Security Program Approach: Security Enables Digital Transformation and Compliance

A Risk-based Security Program Approach: Security Enables Digital Transformation and Compliance Michael Gutsche, Cybersecurity Strategy Peter Bronson, Cybersecurity Strategy #MicroFocusCyberSummit This document contains forward looking

245 views • 21 slides
ENTRONIX ENERGY MANAGEMENT PLATFORM ABOUT ENTRONIX 2 WE KNOW BUILDING AUTOMATION At Entronix,

ENTRONIX ENERGY MANAGEMENT PLATFORM ABOUT ENTRONIX 2 WE KNOW BUILDING AUTOMATION At Entronix,

1 ENTRONIX ENERGY MANAGEMENT PLATFORM ABOUT ENTRONIX 2 WE KNOW BUILDING AUTOMATION At Entronix, our focus is making easily deployable and intuitive energy management platforms for commercial facilities. The Entronix team consists of hardware,

742 views • 20 slides
Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives:

Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives:

Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives: Define Cybersecurity & why its important Provide information about Dept. Homeland Security Cybersecurity Campaigns: National

328 views • 22 slides
SCAP for VoIP Automating Configuration Compliance 6 th Annual IT Security Automation Conference

SCAP for VoIP Automating Configuration Compliance 6 th Annual IT Security Automation Conference

SCAP for VoIP Automating Configuration Compliance 6 th Annual IT Security Automation Conference Presentation Overview 1. The Business Challenge 2. Securing Voice over IP Networks 3. The ISA VoIP Security Project 4. Next Steps With SCAP 5. Summary

388 views • 23 slides
Advanced Security Automation Made Simple Mark Nunnikhoven Vice President, Cloud Research at

Advanced Security Automation Made Simple Mark Nunnikhoven Vice President, Cloud Research at

Advanced Security Automation Made Simple Mark Nunnikhoven Vice President, Cloud Research at Trend Micro @marknca The goal of cybersecurity Make sure that systems work as intended The goal of cybersecurity Make sure that systems work as

824 views • 45 slides
glu deployment automation platform July 2011 Yan Pujante in: http://www.linkedin.com/in/yan

glu deployment automation platform July 2011 Yan Pujante in: http://www.linkedin.com/in/yan

glu deployment automation platform July 2011 Yan Pujante in: http://www.linkedin.com/in/yan blog: http://pongasoft.com/blog/yan @yanpujante * To see a video of this presentation given at Chicago devops, check this link:

905 views • 55 slides
STRONG ORDER INTAKE IN CORPORATE SECURITY AGENDA Highlights from Q3 Market update

STRONG ORDER INTAKE IN CORPORATE SECURITY AGENDA Highlights from Q3 Market update

Samu Konttinen, CEO Interim Results Q3/2016 3 November, 2016 STRONG ORDER INTAKE IN CORPORATE SECURITY AGENDA Highlights from Q3 Market update Business update Outlook Financials KEY TAKEAWAYS FROM Q3 Corporate security

788 views • 32 slides
Gourmet Cyber Security on a Fast Food Budget DAVID ROSSELL, PH.D., CISSP NTIVA, INC. Maximizing

Gourmet Cyber Security on a Fast Food Budget DAVID ROSSELL, PH.D., CISSP NTIVA, INC. Maximizing

Gourmet Cyber Security on a Fast Food Budget DAVID ROSSELL, PH.D., CISSP NTIVA, INC. Maximizing Your Cybersecurity Investment o Know What You Value o Understand Your Risks o Invest appropriately Know What You Value Understand your data o What

506 views • 17 slides
Benchmarking Vulnerability Detection Tools for Web Services Nuno Antunes, Marco Vieira { nmsa ,

Benchmarking Vulnerability Detection Tools for Web Services Nuno Antunes, Marco Vieira { nmsa ,

Benchmarking Vulnerability Detection Tools for Web Services Nuno Antunes, Marco Vieira { nmsa , mvieira}@dei.uc.pt ICWS 2010 CISUC Department of Informatics Engineering University of Coimbra, Portugal Outline The problem Benchmarking

447 views • 25 slides
VSP Workshop 2016 OpenVSP Variable Presets Presented by: Bryan Schmidt Empirical Systems

VSP Workshop 2016 OpenVSP Variable Presets Presented by: Bryan Schmidt Empirical Systems

1 VSP Workshop 2016 OpenVSP Variable Presets Presented by: Bryan Schmidt Empirical Systems Aerospace, Inc. VSP Workshop 2016 Aug. 23 rd 25 th Empirical Systems Aerospace, Inc., Oceano, CA www.esaero.com NNX09CC86P SBIR Review,

374 views • 12 slides
City of Carpinteria Memorandum TO : General Plan/Coastal Plan Update Committee FROM: Steve

City of Carpinteria Memorandum TO : General Plan/Coastal Plan Update Committee FROM: Steve

City of Carpinteria Memorandum TO : General Plan/Coastal Plan Update Committee FROM: Steve Goggia, Community Development Director CC: Dave Durflinger, City Manager SUBJECT: Committee Discussion Items for the Meeting of September 18, 2017 DATE:

394 views • 16 slides
Audit Services December 2011 PURPOSE OF PRESENTATI ON Explain roles and responsibilities

Audit Services December 2011 PURPOSE OF PRESENTATI ON Explain roles and responsibilities

Audit Services December 2011 PURPOSE OF PRESENTATI ON Explain roles and responsibilities of the audit department Describe office philosophy Discuss Ways For You To Help Us MI SSI ON The mission of the University of California

518 views • 14 slides
Tax Issues in Real Estate Loan Tax Issues in Real Estate Loan Workouts, Foreclosures and Short

Tax Issues in Real Estate Loan Tax Issues in Real Estate Loan Workouts, Foreclosures and Short

Presenting a live 110 minute webinar with interactive Q&A Tax Issues in Real Estate Loan Tax Issues in Real Estate Loan Workouts, Foreclosures and Short Sales Avoiding Unintended Tax Consequences With Distressed Property WEDNES DAY,

1.47k views • 88 slides
Toendepi Shonhe The Land Question: Politics or Economic? Tracing Inequality o 4% (Whites) of

Toendepi Shonhe The Land Question: Politics or Economic? Tracing Inequality o 4% (Whites) of

Toendepi Shonhe The Land Question: Politics or Economic? Tracing Inequality o 4% (Whites) of population controlled over 90% of the economy 96% (blacks) of the population controlled 10% of the economy (Mazhinji and Kamidza, 2011) o So, skewed

531 views • 24 slides

More recommend