Cloud security monitoring
0 likes65 views
The document highlights the importance of cloud security monitoring for organizations rapidly adopting cloud services such as SaaS applications and platforms like AWS and Azure. It emphasizes the need for visibility into cloud activities and the implementation of best practice controls to mitigate risks and detect anomalies. CenturyLink is presented as a security partner that offers comprehensive monitoring solutions to protect enterprises from data breaches and misconfigurations.
Cloud security monitoring
- 1. Visibility Get full visibility into activity in all your cloud environments and accounts. Let your teams develop while having confidence there are no unknown risks. Policy Monitoring Apply best practice controls to your configuration and usage of cloud services. Arm your teams with best practices to quickly find misconfigurations. Anomaly Detection Detect malicious use from inside or outside your organization. Use advanced analytics to detect inappropriate use of resources from internal or external attacks. Cloud Security Monitoring Get the people, process, and technology you need so you can focus on moving to the cloud instead of worrying about security. Most organizations are rapidly adopting SaaS applications like Office365, Google Apps, Salesforce and more to run their business. Many are also leveraging AWS, Azure, or Google Cloud Platform to do research, develop new applications, or scale production workloads. Although businesses are benefiting from expanded IT capabilities, there’s been an increase in data breaches due to misconfiguration of cloud services. Configuring these services often falls to developers and application owners who lack an understanding of best practices for cloud security. To successfully adopt cloud and enable your teams to move at competitive speed, you need visibility into who is accessing your key enterprise cloud services, what activity is taking place, and how these services are being administered. You need a security partner with deep cloud security expertise and CenturyLink has you covered with Cloud Security Monitoring. ABC <XML><XML><XML>*J&! abcd 4%SF *J&! *J&!4%SF abcdABC REPORT Discover Protect Controls Analysis Best Practices Compliance Map Enrich Data + Machine Learning 24x7 Expert Monitoring & Response SIEM Integration Scheduled Reporting Detect Respond Simple Deployment 10 minutes to full visibility, just a simple connection to cloud services via API Integrate with Existing Security Integrate simply with existing security SIEM for a complete view 24x7 Ops Support from Our Global Team of Security Experts Our global SOC teams monitor activity around the clock
- 2. Suspicious Logon Evaluation of device information, IP, location, and service accessed Bruteforce Logon Attempt Failed attempts over time, evaluation MFA failure vs PW API Commands API execution from known malicious IP Attempted Privilege Escalation Excessive attempts to access unapproved resources Unusual Velocity of File Access Access or downloads that violate user or peer norms Communication with Known Malicious IP File transfer or API access from known malicious IP Unusual Administration Unusual commands issued by administrators Unusual Instance Start Use of resources in a way not typical for a given admin Disable Logging Disabling of logging on compute or database instance Command and Control Communication outbound to known malicious IP Use of Sensitive External Ports Two-way connections over SSH, RDP, FTP Unusual Traffic Pattern Traffic flows that deviate from typical patterns About CenturyLink CenturyLink (NYSE: CTL) is the second largest U.S. communications provider to global enterprise customers. With customers in more than 60 countries and an intense focus on the customer experience, CenturyLink strives to be the world’s best networking company by solving customers’ increased demand for reliable and secure connections. The company also serves as its customers’ trusted partner, helping them manage increased network and IT complexity and providing managed network and cyber security solutions that help protect their business. Analytic Examples ACCESS ADMINISTRATION USER ACTIVITY NETWORK Is Cloud Security Monitoring Right for You? Do you need to know if stolen user credentials are used to access your Office365 applications? Should you identify when a user downloads an unusual number of files from Google Drive? Do you need to ensure security configurations in AWS accounts follow best practices? Should you be able to identify bitcoin mining servers started in an unused Azure region?