Using Cloud Native Technologies to Solve Complex Application - - PowerPoint PPT Presentation

using cloud native technologies to solve complex
SMART_READER_LITE
LIVE PREVIEW

Using Cloud Native Technologies to Solve Complex Application - - PowerPoint PPT Presentation

Jan 25, 2024 133 likes •306 views

Using Cloud Native Technologies to Solve Complex Application Security Challenges in Kubernetes Deployments Cequence Security: A Cloud Native Approach to Application Security Venture-backed start-up bringing much-needed innovation to

slide-1
SLIDE 1

Using Cloud Native Technologies to Solve Complex Application Security Challenges in Kubernetes Deployments

slide-2
SLIDE 2

2

Cequence Security: A Cloud Native Approach to Application Security

  • Venture-backed start-up bringing much-needed innovation to application

security

  • Award-winning AI-powered security platform delivered as containers to

protect web, mobile, API-based applications from bot attacks and vulnerability exploits

  • Built on top of cloud native components like Kubernetes and Prometheus
  • Plays well with existing ingress controllers and Sidecars like Envoy and

NGINX, without needing to replace them

  • Visit us at www.cequence.ai

DATA CENTER PUBLIC CLOUD CLOUD NATIVE

slide-3
SLIDE 3

3

Supplier API Partner API Web Customer Mobile Customer

Your Public Facing Applications Are Attack Targets

Business Logic Abuse

  • Highly automated
  • Content appears legitimate
  • Difficult to detect and block

Vulnerability Exploits

  • Highly targeted
  • Exploiting app vulnerabilities
  • Both known and unknown
slide-4
SLIDE 4

4

Runtime Application Protection for Monolithic Applications

Internet Load Balancer

MONOLTHIC APPLICATIONS

Frontend Data Access Business Logic

WAF Breach Vulnerability Scan

PUBLIC CLOUD DATA CENTER

slide-5
SLIDE 5

5

Internet

Runtime Application Protection for Monolithic Applications

Load Balancer Fake Accounts Credential Stuffing Fake Likes Inventory Lockup Scraping

MONOLTHIC APPLICATIONS

Frontend Data Access Business Logic

WAF Breach Vulnerability Scan

PUBLIC CLOUD DATA CENTER

BOT

slide-6
SLIDE 6

6

Runtime Application Protection for Monolithic Applications

Internet

MONOLTHIC APPLICATIONS

Frontend Data Access Business Logic

Load Balancer Fake Accounts Credential Stuffing Fake Likes Inventory Lockup Scraping WAF Breach Vulnerability Scan

PUBLIC CLOUD DATA CENTER

BOT App DDOS Application Floods

slide-7
SLIDE 7

7

Monolith to Microservices

MONOLTHIC APPLICATIONS

User Interface Data Access Business Logic User Interface

API </> API </> API </> API </> API </>

USER MANAGEMENT MICROSERVICE SHOPPING CART MICROSERVICE DATA ACCESS MICROSERVICE CUSTOMER REVIEWS MICROSERVICE INVENTORY MGMT MICROSERVICE

slide-8
SLIDE 8

8

New Security Challenge: Increased Entry Points

User Interface

API </> API </> API </> API </> API </>

USER MANAGEMENT MICROSERVICE SHOPPING CART MICROSERVICE DATA ACCESS MICROSERVICE CUSTOMER REVIEWS MICROSERVICE INVENTORY MGMT MICROSERVICE

Internet

Fake Accounts Credential Stuffing Fake Likes Inventory Lockup Scraping WAF Breach Vulnerability Scan BOT App DDOS Application Floods

slide-9
SLIDE 9

9

New Security Challenge: Keep up with DevOps Pace

User Interface

API </> API </> API </> API </> API </>

USER MANAGEMENT MICROSERVICE SHOPPING CART v2 MICROSERVICE DATA ACCESS MICROSERVICE CUSTOMER REVIEWS MICROSERVICE INVENTORY MGMT MICROSERVICE

API </>

SHOPPING CART MICROSERVICE

API </>

CUSTOMER RATINGS MICROSERVICE

Internet

Fake Accounts Credential Stuffing Fake Likes Inventory Lockup Scraping WAF Breach Vulnerability Scan BOT App DDOS Application Floods

slide-10
SLIDE 10

10

New Security Challenge: Heterogeneous Environments

User Interface

API </> API </> API </> API </> API </>

USER MANAGEMENT MICROSERVICE SHOPPING CART MICROSERVICE DATA ACCESS MICROSERVICE CUSTOMER REVIEWS MICROSERVICE INVENTORY MGMT MICROSERVICE

Internet

Fake Accounts Credential Stuffing Fake Likes Inventory Lockup Scraping WAF Breach Vulnerability Scan BOT App DDOS Application Floods

slide-11
SLIDE 11

11

New Security Challenge: Multi-Cloud Environments

User Interface

API </> API </> API </> API </> API </>

USER MANAGEMENT MICROSERVICE SHOPPING CART MICROSERVICE DATA ACCESS MICROSERVICE CUSTOMER REVIEWS MICROSERVICE INVENTORY MGMT MICROSERVICE

Internet

Fake Accounts Credential Stuffing Fake Likes Inventory Lockup Scraping WAF Breach Vulnerability Scan BOT App DDOS Application Floods

slide-12
SLIDE 12

12

New Approach: From Perimeter Defense to Microservices Defense

MONOLTHIC APPLICATIONS

Frontend Data Access Business Logic

API </>

App DDoS Bot WAF

MICROSERVICES PODS WAF BOT App DDOS

slide-13
SLIDE 13

13

Runtime Application Protection for Microservices

User Interface

USER MANAGEMENT MICROSERVICE SHOPPING CART MICROSERVICE DATA ACCESS MICROSERVICE CUSTOMER REVIEWS MICROSERVICE

Internet

INVENTORY MANAGEMENT MICROSERVICE

API </>

App DDoS Bo t W AF

API </>

App DDoS Bo t W AF

API </>

App DDoS Bo t W AF

API </>

App DDoS Bo t W AF

API </>

App DDoS Bo t W AF

slide-14
SLIDE 14

14

Must-Haves in Runtime Application Protection for Microservices

  • Designed to work with existing applications without making modifications
  • Non-invasive: no agents, SDK, or JavaScript
  • Single pane of glass for all microservices
  • Protection moves with the microservices to any cloud
  • Microservices based protection for protecting other microservices
  • Co-exist and not replace with existing Ingress Controllers and Sidecars

SIMPLE RELEVANT EFFECTIVE

slide-15
SLIDE 15

15

New Security Stack for Microservices

Infrastructure Security Container Security & Compliance Runtime Application Protection (WAF, Bot & Application DDoS)

slide-16
SLIDE 16

16

slide-17
SLIDE 17

17

Thank you!