SlideShare a Scribd company logo

Riverbed Securing Cloud Applications with a Distributed Web Application Firewall

Riverbed Technology, profile picture
Riverbed Technology

The document discusses the shift in focus from network and infrastructure security to securing cloud applications, highlighting the vulnerabilities associated with using third-party services and the consequences of not securing these applications. It emphasizes the necessity of a distributed web application firewall specifically designed for cloud environments to efficiently manage security across multiple applications and infrastructures. Key drivers for application security include regulatory compliance, brand reputation, and minimizing business losses due to security breaches.

Technology
1 of 12
Downloaded 47 times
1
2
3
4
5
6
7
8
9
10
11
12
Securing Cloud Applications with a Distributed Web Application Firewall www.riverbed.com   ©2013  Riverbed  Technology  
Primary Target of Attack Shifting from Networks and Infrastructure to Applications NETWORKS ©2013  Riverbed  Technology    |    www.riverbed.com   INFRASTRUCTURE APPLICATIONS
Cloud Applications Are Exposed to New Threats Designing for dramatically larger number of users shifts focus towards performance and away from security Cloud   Cloud applications use off-the-shelf building blocks, in house services, and 3rd party frameworks – each with individual vulnerabilities Vulnerabilities exposed when applications designed for in-house data centers migrate to the cloud ©2013  Riverbed  Technology    |    www.riverbed.com  
There is a Real Cost of Not Securing Applications Global headlines. Real business impact. 3 $10,000,000 500,000 $94,000,000 40,000,000+ Months offline fined for security breach replacement credit cards issued in remediation costs credit card details lost ©2013  Riverbed  Technology    |    www.riverbed.com  
Beyond $$: Other Business Drivers for Application Security !   Regulatory Pressures !   PCI DSS, HIPAA, etc. Compliance Revenue & Reputation !   Opportunity cost of remediation !   Brand and reputation damage !   Loss of income !   Data Privacy Act Best Practices !   Security Governance !   Cross-business collaboration !   Delegation of responsibility !   Understand changing risk profiles of your application !   Due Diligence ©2013  Riverbed  Technology    |    www.riverbed.com  
Changing Risk Profiles Make it Harder to Secure Cloud Applications Vulnerable third-party software components Malicious requests (e.g. SQL-injection) Cross-site request forgery (CSRF) Authentication and session attacks Cross-site scripting (XSS) For detailed information on the latest trends in application vulnerabilities, see OWASP Top Ten Projects at https://www.owasp.org/ ©2013  Riverbed  Technology    |    www.riverbed.com   URL manipulation
Traditional Web Application Firewalls are Not Effective in Cloud Environments TRADITIONAL SOLUTION IS INEFFICIENT Dedicated hardware WAF One WAF per deployment Increased capital costs Decreased provisioning agility in a dynamic, virtualized environment Increased management costs without levels of delegation for administration ©2013  Riverbed  Technology    |    www.riverbed.com  
REQUIRED: A Distributed Web Application Firewall Purpose-built for Cloud Security
The Web Application Firewall Must be Massively Scalable & Portable !   Across CPU, computer, server rack and data center boundaries Public Private !   Across multiple applications at a time (e.g. cloud bursting) !   Across private, hybrid or public clouds, and small or large traditional data centers !   Available as virtual appliance and a plug-in !   Start small, but allow scale up without changes to security solution Data Center Local Machine ©2013  Riverbed  Technology    |    www.riverbed.com  
Flexible, Portable Across Platforms Fits into existing infrastructures and processes Available as virtual appliance and a plug-in ©2013  Riverbed  Technology    |    www.riverbed.com   Can live in a wide variety of components effectively Mixes traditional and virtual technologies
Distributed and Delegated Management Public 1 2 Easy, central management with a simple web-based management UI Granular configuration settings for each application and each customer Private 3 Proactive Monitoring – tuned for each application 4 Multi administrator privileges to handle diverse security policy schemes Fits into any – existing or planned – application delivery infrastructure. ©2013  Riverbed  Technology    |    www.riverbed.com  
Securing Cloud Applications with a Distributed Web Application Firewall    Download  the  Complete  Whitepaper  from     www.riverbed.com/s2ngray-­‐appsec   Follow  Us  :   www.riverbed.com©2013   ©2013  Riverbed  Technology  

More Related Content

PDF
Is workforce mobility presenting new technology challenges?
Parallels Inc
 
PDF
Why cyber security is a priority for your retail business
Tata Tele Business Services
 
PDF
ePlus Intelligent Branch
ePlus
 
PPTX
WatchGuard Firewall & Network Security
Marketing Team
 
PPTX
HP2065_TieCon_Presentation_V7
Mark Interrante
 
PDF
The Software Defined Enterprise
VMware Tanzu
 
PDF
Ericom Connect datasheet
Ericom Software
 
PDF
CipherGraph Networks: Introduction
CipherGraph Networks
 
Is workforce mobility presenting new technology challenges?
Parallels Inc
 
Why cyber security is a priority for your retail business
Tata Tele Business Services
 
ePlus Intelligent Branch
ePlus
 
WatchGuard Firewall & Network Security
Marketing Team
 
HP2065_TieCon_Presentation_V7
Mark Interrante
 
The Software Defined Enterprise
VMware Tanzu
 
Ericom Connect datasheet
Ericom Software
 
CipherGraph Networks: Introduction
CipherGraph Networks
 

What's hot (20)

PDF
NetScaler: One Device, Every Need Guiding Enterprise IT to New Heights
ePlus
 
PPTX
The Advent of Serverless Technologies
Cloudflare
 
PDF
The vmware story
Gian Marco Pizzuti
 
PDF
Developer Day 2014 - 2 - philippe guillemette - sierra wireless device to clo...
Thibault Cantegrel
 
PDF
Level Up to a Seamless End-User Experience
VMware
 
PDF
Powering IT Transformation For Any Business
ePlus
 
PPT
Cloud computing web 2.0 By Joanna Hendricks BMT 580
Joanna Hendricks
 
PPTX
CDW Presents the Future of IT - Software-Defined Enterprise
CDW
 
PPTX
ePlus Virtualized Network
ePlus
 
PDF
Solving access for Hybrid IT
Jeff Green
 
PDF
SD-WAN iFLX-Brochure
Tata Tele Business Services
 
PPTX
Security As A Service In Cloud(SECaaS)
أحلام انصارى
 
PPTX
DELL Technologies - The Complete Portfolio in 25 Minutes
Smarter.World
 
PPTX
The Need for Cloud-Driven Work Infrastructure
Inspirisys Solutions Limited
 
PPTX
Presentation ppm ppt
Premkumar Bazskarraj
 
PDF
MT82 IoT Security Starts at Edge
Dell EMC World
 
PPTX
HP: De toekomst van personal computing toestellen.
Marketing Team
 
PDF
Secaa s cat_10_network_security_implementation_guidance
drewz lin
 
PPT
Fort Technologies Cloud Iaa S
johnmuni
 
PDF
Cloud Computing for Government Industry
SAP Silver Touch
 
NetScaler: One Device, Every Need Guiding Enterprise IT to New Heights
ePlus
 
The Advent of Serverless Technologies
Cloudflare
 
The vmware story
Gian Marco Pizzuti
 
Developer Day 2014 - 2 - philippe guillemette - sierra wireless device to clo...
Thibault Cantegrel
 
Level Up to a Seamless End-User Experience
VMware
 
Powering IT Transformation For Any Business
ePlus
 
Cloud computing web 2.0 By Joanna Hendricks BMT 580
Joanna Hendricks
 
CDW Presents the Future of IT - Software-Defined Enterprise
CDW
 
ePlus Virtualized Network
ePlus
 
Solving access for Hybrid IT
Jeff Green
 
SD-WAN iFLX-Brochure
Tata Tele Business Services
 
Security As A Service In Cloud(SECaaS)
أحلام انصارى
 
DELL Technologies - The Complete Portfolio in 25 Minutes
Smarter.World
 
The Need for Cloud-Driven Work Infrastructure
Inspirisys Solutions Limited
 
Presentation ppm ppt
Premkumar Bazskarraj
 
MT82 IoT Security Starts at Edge
Dell EMC World
 
HP: De toekomst van personal computing toestellen.
Marketing Team
 
Secaa s cat_10_network_security_implementation_guidance
drewz lin
 
Fort Technologies Cloud Iaa S
johnmuni
 
Cloud Computing for Government Industry
SAP Silver Touch
 
Ad

Viewers also liked (6)

PDF
Cascade 10.5: Visibility & Control
Riverbed Technology
 
PPTX
Cascade 10.0 ---- Application Aware Network Performance Management (NPM)
Riverbed Technology
 
PPTX
Riverbed SteelCentral AppResponse 9.0 NetProfiler and NetShark 10.6
Riverbed Technology
 
PPTX
SteelCentral Network Planning and Configuration Management (NPCM)
Riverbed Technology
 
PDF
Riverbed Remote Office/Branch Office IT Survey
Riverbed Technology
 
PDF
Riverbed and HPE Services for Office 365
Riverbed Technology
 
Cascade 10.5: Visibility & Control
Riverbed Technology
 
Cascade 10.0 ---- Application Aware Network Performance Management (NPM)
Riverbed Technology
 
Riverbed SteelCentral AppResponse 9.0 NetProfiler and NetShark 10.6
Riverbed Technology
 
SteelCentral Network Planning and Configuration Management (NPCM)
Riverbed Technology
 
Riverbed Remote Office/Branch Office IT Survey
Riverbed Technology
 
Riverbed and HPE Services for Office 365
Riverbed Technology
 
Ad

Similar to Riverbed Securing Cloud Applications with a Distributed Web Application Firewall (20)

PPTX
Cloud Web Application Firewall - GlobalDots
GlobalDots
 
PDF
Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...
white paper
 
PDF
Fortifying the Digital Sky Exploring the Application of Cybersecurity for Clo...
CyberPro Magazine
 
PDF
Fortifying the Digital Sky: Exploring the Application of Cybersecurity for Cl...
CyberPro Magazine
 
PDF
Are you fighting_new_threats_with_old_weapons
Bhargav Modi
 
PPTX
Andrew Useckas Csa presentation hacking custom webapps 4 3
Trish McGinity, CCSK
 
PDF
Webinar on Common Mistakes and Learnings in Securing Cloud Based Applications
Aujas Networks Pvt. Ltd.
 
PDF
Defending Applications In the Cloud: Architecting Layered Security Solutions ...
EC-Council
 
PDF
Cloud servers-new-risk-considerations
Accenture
 
PPT
Cloud Computing Security Needs & Problems Alon Refaeli
refaeli
 
PDF
Presd1 10
Niels Groeneveld
 
DOCX
What is the future of cloud security linked in
Jonathan Spindel
 
PDF
Why Do You Need a Web Application Firewall?
BORNSEC CONSULTING
 
PPTX
Webscale webinar about Web Application Firewall
Webscale Networks
 
PPTX
Decentralized cloud firewall framework with resources provisioning cost optim...
aish006
 
PPT
2009: Securing Applications With Web Application Firewalls and Vulnerability ...
Neil Matatall
 
PDF
Top Cloud Threats
Piyush Mittal
 
PDF
Csathreats.v1.0
vivek_kale27
 
PDF
Securing Microservices in Containerized Environments
DevOps.com
 
PDF
Cloud Application Security Best Practices To follow.pdf
Techugo
 
Cloud Web Application Firewall - GlobalDots
GlobalDots
 
Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...
white paper
 
Fortifying the Digital Sky Exploring the Application of Cybersecurity for Clo...
CyberPro Magazine
 
Fortifying the Digital Sky: Exploring the Application of Cybersecurity for Cl...
CyberPro Magazine
 
Are you fighting_new_threats_with_old_weapons
Bhargav Modi
 
Andrew Useckas Csa presentation hacking custom webapps 4 3
Trish McGinity, CCSK
 
Webinar on Common Mistakes and Learnings in Securing Cloud Based Applications
Aujas Networks Pvt. Ltd.
 
Defending Applications In the Cloud: Architecting Layered Security Solutions ...
EC-Council
 
Cloud servers-new-risk-considerations
Accenture
 
Cloud Computing Security Needs & Problems Alon Refaeli
refaeli
 
Presd1 10
Niels Groeneveld
 
What is the future of cloud security linked in
Jonathan Spindel
 
Why Do You Need a Web Application Firewall?
BORNSEC CONSULTING
 
Webscale webinar about Web Application Firewall
Webscale Networks
 
Decentralized cloud firewall framework with resources provisioning cost optim...
aish006
 
2009: Securing Applications With Web Application Firewalls and Vulnerability ...
Neil Matatall
 
Top Cloud Threats
Piyush Mittal
 
Csathreats.v1.0
vivek_kale27
 
Securing Microservices in Containerized Environments
DevOps.com
 
Cloud Application Security Best Practices To follow.pdf
Techugo
 

More from Riverbed Technology (20)

PPTX
Four Factors for Evaluating SD-WAN Solutions
Riverbed Technology
 
PPTX
Are your apps chasing users away? How to deliver superior Digital Experiences
Riverbed Technology
 
PPTX
Digital Experience Management—The Key to Delivering Exceptional Digital Exper...
Riverbed Technology
 
PPTX
Are you REALLY ready for the cloud?
Riverbed Technology
 
PDF
Modernizing Edge IT with Riverbed SteelFusion
Riverbed Technology
 
PPTX
Why and How to Monitor Application Performance in Azure
Riverbed Technology
 
PPTX
Suffering from “Franken” Monitoring?
Riverbed Technology
 
PPTX
The Need for Unified Performance Management
Riverbed Technology
 
PPTX
Riverbed Software Defined IT Survey
Riverbed Technology
 
PDF
Detect and Fix Performance Problems Faster
Riverbed Technology
 
PDF
Exposing and Fixing Common App Performance Problems
Riverbed Technology
 
PDF
Learn how Intuit created an application-aware network performance platform
Riverbed Technology
 
PDF
SteelCentral NetSensor 3.0
Riverbed Technology
 
PDF
Take Control of Application Performance
Riverbed Technology
 
PDF
Expand the Business Value of Riverbed Solutions with New Optimize Services
Riverbed Technology
 
PPTX
SteelCentral Portal Take the War Out of the War Room
Riverbed Technology
 
PPTX
Expect More Value. Get More Value.
Riverbed Technology
 
PDF
Riverbed FORCE
Riverbed Technology
 
PPTX
Ensuring the compliance, resiliency, and availability of business-critical ne...
Riverbed Technology
 
PDF
Riverbed Business Value Snapshot
Riverbed Technology
 
Four Factors for Evaluating SD-WAN Solutions
Riverbed Technology
 
Are your apps chasing users away? How to deliver superior Digital Experiences
Riverbed Technology
 
Digital Experience Management—The Key to Delivering Exceptional Digital Exper...
Riverbed Technology
 
Are you REALLY ready for the cloud?
Riverbed Technology
 
Modernizing Edge IT with Riverbed SteelFusion
Riverbed Technology
 
Why and How to Monitor Application Performance in Azure
Riverbed Technology
 
Suffering from “Franken” Monitoring?
Riverbed Technology
 
The Need for Unified Performance Management
Riverbed Technology
 
Riverbed Software Defined IT Survey
Riverbed Technology
 
Detect and Fix Performance Problems Faster
Riverbed Technology
 
Exposing and Fixing Common App Performance Problems
Riverbed Technology
 
Learn how Intuit created an application-aware network performance platform
Riverbed Technology
 
SteelCentral NetSensor 3.0
Riverbed Technology
 
Take Control of Application Performance
Riverbed Technology
 
Expand the Business Value of Riverbed Solutions with New Optimize Services
Riverbed Technology
 
SteelCentral Portal Take the War Out of the War Room
Riverbed Technology
 
Expect More Value. Get More Value.
Riverbed Technology
 
Riverbed FORCE
Riverbed Technology
 
Ensuring the compliance, resiliency, and availability of business-critical ne...
Riverbed Technology
 
Riverbed Business Value Snapshot
Riverbed Technology
 

Recently uploaded (20)

PDF
DASA ADMISSION 2024_FirstRound_FirstRank_LastRank.pdf
rameswartudu05
 
PPTX
OMC Textile Division Presentation 2021.pptx
JahangirAlam816069
 
PDF
Accuracy of neural networks in brain wave diagnosis of schizophrenia
IAESIJAI
 
PDF
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
PDF
Approach and Philosophy of On baking technology
30anthuong17
 
PDF
WOOl fibre morphology and structure.pdf for textiles
Rajendrakumar868651
 
PPTX
cloud_computing_Infrastucture_as_cloud_p
mainakbhattacharya20
 
PPTX
Chapter 5: Probability Theory and Statistics
RandyFin
 
PDF
Video forgery: An extensive analysis of inter-and intra-frame manipulation al...
IAESIJAI
 
PPTX
TechTalks-8-2019-Service-Management-ITIL-Refresh-ITIL-4-Framework-Supports-Ou...
bonakiduza1024
 
PDF
From MVP to Full-Scale Product A Startup’s Software Journey.pdf
KodekX
 
PDF
gpt5_lecture_notes_comprehensive_20250812015547.pdf
Chinchu40
 
PDF
Enhancing emotion recognition model for a student engagement use case through...
IAESIJAI
 
PPTX
Tartificialntelligence_presentation.pptx
ry7r52mzb4
 
PPTX
A Presentation on Artificial Intelligence
memembruh336
 
PDF
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 
PPTX
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
PDF
Transform Your ITIL® 4 & ITSM Strategy with AI in 2025.pdf
PDCA Consulting
 
PPTX
1. Introduction to Computer Programming.pptx
bonakiduza1024
 
PDF
ENT215_Completing-a-large-scale-migration-and-modernization-with-AWS.pdf
ssuser28425f
 
DASA ADMISSION 2024_FirstRound_FirstRank_LastRank.pdf
rameswartudu05
 
OMC Textile Division Presentation 2021.pptx
JahangirAlam816069
 
Accuracy of neural networks in brain wave diagnosis of schizophrenia
IAESIJAI
 
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
Approach and Philosophy of On baking technology
30anthuong17
 
WOOl fibre morphology and structure.pdf for textiles
Rajendrakumar868651
 
cloud_computing_Infrastucture_as_cloud_p
mainakbhattacharya20
 
Chapter 5: Probability Theory and Statistics
RandyFin
 
Video forgery: An extensive analysis of inter-and intra-frame manipulation al...
IAESIJAI
 
TechTalks-8-2019-Service-Management-ITIL-Refresh-ITIL-4-Framework-Supports-Ou...
bonakiduza1024
 
From MVP to Full-Scale Product A Startup’s Software Journey.pdf
KodekX
 
gpt5_lecture_notes_comprehensive_20250812015547.pdf
Chinchu40
 
Enhancing emotion recognition model for a student engagement use case through...
IAESIJAI
 
Tartificialntelligence_presentation.pptx
ry7r52mzb4
 
A Presentation on Artificial Intelligence
memembruh336
 
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
Transform Your ITIL® 4 & ITSM Strategy with AI in 2025.pdf
PDCA Consulting
 
1. Introduction to Computer Programming.pptx
bonakiduza1024
 
ENT215_Completing-a-large-scale-migration-and-modernization-with-AWS.pdf
ssuser28425f
 

Riverbed Securing Cloud Applications with a Distributed Web Application Firewall

  • 1. Securing Cloud Applications with a Distributed Web Application Firewall www.riverbed.com   ©2013  Riverbed  Technology  
  • 2. Primary Target of Attack Shifting from Networks and Infrastructure to Applications NETWORKS ©2013  Riverbed  Technology    |    www.riverbed.com   INFRASTRUCTURE APPLICATIONS
  • 3. Cloud Applications Are Exposed to New Threats Designing for dramatically larger number of users shifts focus towards performance and away from security Cloud   Cloud applications use off-the-shelf building blocks, in house services, and 3rd party frameworks – each with individual vulnerabilities Vulnerabilities exposed when applications designed for in-house data centers migrate to the cloud ©2013  Riverbed  Technology    |    www.riverbed.com  
  • 4. There is a Real Cost of Not Securing Applications Global headlines. Real business impact. 3 $10,000,000 500,000 $94,000,000 40,000,000+ Months offline fined for security breach replacement credit cards issued in remediation costs credit card details lost ©2013  Riverbed  Technology    |    www.riverbed.com  
  • 5. Beyond $$: Other Business Drivers for Application Security !   Regulatory Pressures !   PCI DSS, HIPAA, etc. Compliance Revenue & Reputation !   Opportunity cost of remediation !   Brand and reputation damage !   Loss of income !   Data Privacy Act Best Practices !   Security Governance !   Cross-business collaboration !   Delegation of responsibility !   Understand changing risk profiles of your application !   Due Diligence ©2013  Riverbed  Technology    |    www.riverbed.com  
  • 6. Changing Risk Profiles Make it Harder to Secure Cloud Applications Vulnerable third-party software components Malicious requests (e.g. SQL-injection) Cross-site request forgery (CSRF) Authentication and session attacks Cross-site scripting (XSS) For detailed information on the latest trends in application vulnerabilities, see OWASP Top Ten Projects at https://www.owasp.org/ ©2013  Riverbed  Technology    |    www.riverbed.com   URL manipulation
  • 7. Traditional Web Application Firewalls are Not Effective in Cloud Environments TRADITIONAL SOLUTION IS INEFFICIENT Dedicated hardware WAF One WAF per deployment Increased capital costs Decreased provisioning agility in a dynamic, virtualized environment Increased management costs without levels of delegation for administration ©2013  Riverbed  Technology    |    www.riverbed.com  
  • 8. REQUIRED: A Distributed Web Application Firewall Purpose-built for Cloud Security
  • 9. The Web Application Firewall Must be Massively Scalable & Portable !   Across CPU, computer, server rack and data center boundaries Public Private !   Across multiple applications at a time (e.g. cloud bursting) !   Across private, hybrid or public clouds, and small or large traditional data centers !   Available as virtual appliance and a plug-in !   Start small, but allow scale up without changes to security solution Data Center Local Machine ©2013  Riverbed  Technology    |    www.riverbed.com  
  • 10. Flexible, Portable Across Platforms Fits into existing infrastructures and processes Available as virtual appliance and a plug-in ©2013  Riverbed  Technology    |    www.riverbed.com   Can live in a wide variety of components effectively Mixes traditional and virtual technologies
  • 11. Distributed and Delegated Management Public 1 2 Easy, central management with a simple web-based management UI Granular configuration settings for each application and each customer Private 3 Proactive Monitoring – tuned for each application 4 Multi administrator privileges to handle diverse security policy schemes Fits into any – existing or planned – application delivery infrastructure. ©2013  Riverbed  Technology    |    www.riverbed.com  
  • 12. Securing Cloud Applications with a Distributed Web Application Firewall    Download  the  Complete  Whitepaper  from     www.riverbed.com/s2ngray-­‐appsec   Follow  Us  :   www.riverbed.com©2013   ©2013  Riverbed  Technology