where are we now and where is the industry going? · microservices & cloud native architectures...
TRANSCRIPT
![Page 1: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/1.jpg)
18QUALYS SECURITY CONFERENCE 2018
Making the World Safer - One App at a Time
Where Are We Now and Where is the Industry Going?
Philippe Courtot Chairman and CEO, Qualys, Inc.
![Page 2: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/2.jpg)
Our Beginnings
Qualys Cloud Platform 1.0 The Vulnerability Management years – 1999 to 2011
November 29, 2018 QSC Conference, 2018 2
Huge resistance to Cloud adoption Scalability/accuracy Consolidation of best-of-breed solutions
![Page 3: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/3.jpg)
Where Are We Now?
Qualys Cloud Platform 2.0 Delivering an Integrated Suite of Security and Compliance solutions - 2012 to 2018
November 29, 2018 QSC Conference, 2018 3
Major re-architecting of our Back-End Started OPS, DevOps, Customer Support and Engineering In India Expanded our solution to more than 10 Apps and made our first technology acquisitions
![Page 4: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/4.jpg)
Where Are We Going?
Qualys Cloud Platform 3.0 Single pane of view that unifies IT, Security & Compliance - Entering the OT and IOT space - 2019 to 2021
November 29, 2018 QSC Conference, 2018 4
Groundbreaking Global IT Asset Inventory solution Consolidating more solutions Bringing to market an integrated Incidence Response solution
![Page 5: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/5.jpg)
Where is the Industry Going?
Major Consolidation The era of the Cloud is coming fast and furious and unavoidable - 2019 to 2021
November 29, 2018 QSC Conference, 2018 5
The Irresistible Rise of the Public Cloud Platforms From Business continuity to Cyber Resilience Building Security In - Not Bolting it on Accelerated Industry Consolidation
![Page 6: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/6.jpg)
18QUALYS SECURITY CONFERENCE 2018
Sumedh Thakar Chief Product Officer, Qualys, Inc.
Regaining Our Lost Visibility
![Page 7: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/7.jpg)
IT Transformation Infrastructure & Application
![Page 8: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/8.jpg)
Digital Transformation Holistic Transformation of Business to Digital
Cloud, Containers, IaaS, PaaS, OT, IIoT, IoT, Mobility, Web apps, APIs, Mobile Apps
November 29, 2018 QSC Conference, 2018 9
![Page 9: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/9.jpg)
Clouds
East Coast Datacenter
NETWORKS
VMs
DB
STORAGE
BARE METAL
Work Stations
Mobile Workforce
Hybrid Cloud Overview Architecture
West Coast Datacenter
NETWORKS
VMs
DB
STORAGE
BARE METAL
On-Premise
![Page 10: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/10.jpg)
Containers Real game changer
Hypervisor disappearing, bare metal is back
Kubernetes Infrastructure-as-code
Container-as-a-Service AWS Fargate
AWS Lambda function-as-a-service, serverless!
Kubefed?
“Priceline” for Containers?
November 29, 2018 QSC Conference, 2018 11
![Page 11: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/11.jpg)
DevOps This is real and highly contagious
Developer decides how infrastructure runs in production
Speeds up significantly how fast code goes to production
November 29, 2018 QSC Conference, 2018 12
![Page 12: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/12.jpg)
On-Prem Shrinking Datacenter Footprint
Increasing OT & IIoT
Corp IT – more distributed & mobile
More IoT!
November 29, 2018 QSC Conference, 2018 13
![Page 13: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/13.jpg)
Enterprise Mobility != BYoD Enterprise owned handheld devices
Indispensable to modern business
Running apps handling sensitive business & consumer data
Mobile!
November 29, 2018 QSC Conference, 2018 14
![Page 14: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/14.jpg)
Web Apps & APIs
Web Apps for the humans
APIs for the inhumans
Wide window into all your data
November 29, 2018 QSC Conference, 2018 15
![Page 15: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/15.jpg)
SaaS More aaS everywhere
No infrastructure to manage
No Applications to code or manage
November 29, 2018 QSC Conference, 2018 16
![Page 16: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/16.jpg)
SaaS
November 29, 2018 QSC Conference, 2018 17
![Page 17: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/17.jpg)
Security
![Page 18: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/18.jpg)
November 29, 2018 QSC Conference, 2018 19
IBM PC AT
![Page 19: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/19.jpg)
November 13, 1984 PC Magazine about IBM PC AT
“The AT provides the first real system for allowing executives to sleep at night:
A hard-to-duplicate ‘tubular’ key locks all but key holders out of the system”
November 29, 2018 QSC Conference, 2018 20
![Page 20: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/20.jpg)
34 years later No magic key = No sleep at night!
Same challenges x 10
No visibility across global hybrid infrastructure
Still need to do Vulnerability & Configuration management
Still need to monitor integrity of systems(?)
More data incoming into “SIEM” deployments
Basically no visibility to respond
Compliance demands on new infrastructure
November 29, 2018 QSC Conference, 2018 21
![Page 21: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/21.jpg)
November 29, 2018 QSC Conference, 2018 22
![Page 22: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/22.jpg)
Future of Security
Transparent Orchestration
Built-in Automation the only real solution
Starts in DevOps
New generation of Security Analytics platforms
November 29, 2018 QSC Conference, 2018 23
![Page 23: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/23.jpg)
Qualys
![Page 24: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/24.jpg)
Qualys Platform Approach Embracing our own Digital Transformation
Massive expansion of backend for visibility – 620 Billion security datapoints indexed
Comprehensive coverage of sensors – scanners, agents, cloud connectors, container sensors, passive sniffers and mobile agents
November 29, 2018 QSC Conference, 2018 25
![Page 25: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/25.jpg)
Extending solutions into remediation & response
Building dedicated Data science team
Rapid expansion of R&D org
Key technology acquisitions & Investments
November 29, 2018 QSC Conference, 2018 26
Qualys Platform Approach
![Page 26: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/26.jpg)
Acquisitions & Investments
November 29, 2018 QSC Conference, 2018 27
Nevis Passive Scanning & Secure Access Control
Netwatcher Event Correlation Platform
1Mobility Enterprise Mobility
Layered Insight Built-in Runtime Container Security
42Crunch Investment API Security
Frog 1
Frog 2
![Page 27: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/27.jpg)
Qualys Cloud Apps
November 29, 2018 QSC Conference, 2018 28
Secure web applications with end-to-end protection
Web Application Scanning Web Application Firewall Block attacks and virtually patch web application vulnerabilities
WEB APPLICATION SECURITY
Security Configuration Assessment Automate configuration assessment of global IT assets
Policy Compliance PCI Compliance
Security Assessment Questionnaire
Assess security configurations of IT systems throughout your network
Automate, simplify and attain PCI compliance quickly
Minimize the risk of doing business with vendors and other third parties
COMPLIANCE MONITORING
ASSET MANAGEMENT
Asset Inventory Maintain full, instant visibility of all your global IT assets
CMDB Sync Synchronize asset information from Qualys into ServiceNow CMDB
File Integrity Monitoring Log and track file changes across global IT systems
Cloud Security Assessment Get full visibility and control across all public cloud instances
Continuously detect and protect against attacks, anytime, anywhere
Vulnerability Management Threat Protection Continuous Monitoring Pinpoint your most critical threats and prioritize patching
Alerts you in real time about network irregularities
IT SECURITY
Indication of Compromise Continuously monitor endpoints to detect suspicious activity
Container Security Discover, track, and continuously protect containers
Certificate Assessment
Cloud Inventory Certificate Inventory Inventory of all your cloud assets across AWS, Azure, GCP and others
Inventory of TLS/SSL digital certificates on a global scale
Assess all your digital certificates for TLS/SSL vulnerabilities
FIM
IOC
AI
VM CMTP
PCI
WAS WAF
PC
SAQ
CI
CRA
CRI
CS
CSA
SCA
SYN
![Page 28: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/28.jpg)
Q4 2018 – more apps to come
November 29, 2018 QSC Conference, 2018 29
2018 2019
Patch Management – beta
Passive Network Senor (unmanaged assets) – beta
Global IT Asset Management (managed assets) – GA
AMPM
PAS
![Page 29: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/29.jpg)
2019 – even more apps to come! Secure Enterprise Mobility
Secure Access Control
API Security
Software Composition Analysis
Breach and Attack Simulation
Security Data Lake & Correlation Platform
November 29, 2018 QSC Conference, 2018 30
![Page 30: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/30.jpg)
Unified Dashboards
November 29, 2018 QSC Conference, 2018 31
![Page 31: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/31.jpg)
DEMO
![Page 32: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/32.jpg)
It’s the Platform! (a real one)
![Page 33: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/33.jpg)
![Page 34: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/34.jpg)
Cloud Platform Environment Security at scale on hybrid clouds
15+ products providing comprehensive suite of security solutions
10,300+ customers
7 shared cloud platforms across North America, Europe & Asia
70+ private clouds platforms deployed globally... on-prem, AWS, Azure, GCP
16+ PB storage and 16,000 cores
November 29, 2018 QSC Conference, 2018 35
![Page 35: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/35.jpg)
Cloud Platform Highlights 1+ trillion security events annually
3+ billion scans annually
2.5+ billion messages daily across Kafka clusters
620+ billion data points indexed in our Elasticsearch clusters
November 29, 2018 QSC Conference, 2018 36
Unprecedented 2-second visibility
![Page 36: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/36.jpg)
Qualys Cloud Platform Sensors, Data Platform, Microservices, DevOps
November 29, 2018 QSC Conference, 2018 37
Application Services / Shared Services / Stream & Batch Processing / Reporting / Analytics
Cloud Agents
Passive Scanners Scanners Appliances Virtual Scanners
Qualys Streaming Data Backbone
Service Service Service Service Service
. . .
UI Portal
API
Internet Scanners
![Page 37: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/37.jpg)
Qualys Sensor Platform Scalable, self-updating & centrally managed
November 29, 2018 QSC Conference, 2018 38
Physical Legacy data centers Corporate infrastructure Continuous security and compliance scanning
Cloud/Container Commercial IaaS & PaaS clouds Pre-certified in market place Fully automated with API orchestration
Continuous security and compliance scanning
Cloud Agents Light weight, multi-platform On premise, elastic cloud & endpoints Real-time data collection Continuous evaluation on platform for security and compliance
Passive Passively sniff on network
Real-time device discovery & identification
Identification of APT network traffic Extract malware files from network for analysis
API Integration with Threat Intel feeds CMDB Integration Log connectors
Virtual
Private cloud infrastructure Virtualized Infrastructure
Continuous security and compliance scanning
![Page 38: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/38.jpg)
Data Platform-as-a-Service
November 29, 2018 QSC Conference, 2018 39
• Highly scalable architecture • Predictable performance at scale • Distributed and fault-tolerant • Multi-datacenter support • Open-source • Commodity hardware
Right database for the right use case
![Page 39: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/39.jpg)
Data Platform-as-a-Service
November 29, 2018 QSC Conference, 2018 40
Ceph Object storage Moving Oracle and in-house blob storage into Ceph
Redis In-memory cache Improved system performance for frequently accessed data
Cassandra Low latency storage Source of truth for data across multiple products
Elasticsearch Search for anything Over 620 billion data points indexed Estimating about 1 trillion data points be year end
Kafka Asynchronous, event-driven architecture Foundation for Qualys Cloud Platform Over 2.5 billion messages per day
![Page 40: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/40.jpg)
Microservices & Cloud Native Architectures Reduce risk and ship faster
November 29, 2018 QSC Conference, 2018 41
Change how we design and build applications and services
Service Service
Service Service
• Monoliths to microservices • Well defined APIs • Packaged in containers • Deployed on elastic infrastructure • 12-Factor apps • CI/CD, Service Registry, Config Servers
![Page 41: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/41.jpg)
DevOps – Increased Efficiency
November 29, 2018 QSC Conference, 2018 42
Goal is to make software delivery vastly more efficient
Supporting about 80 shared and private cloud deployments
![Page 42: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/42.jpg)
Automation - Infrastructure as Code
November 29, 2018 QSC Conference, 2018 43
Treat systems running your software as if they themselves are software Automate • Infra provisioning • Configuration management • Deployments…
….all using code
![Page 43: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/43.jpg)
Monitoring Systems - Observability
November 29, 2018 QSC Conference, 2018 44
Centrally monitor across all platforms using a single-pane view
End-to-end monitoring using • Time series metrics • Distributed tracing • Log aggregation & analytics • Alerting
![Page 44: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/44.jpg)
Integrated Security - DevSecOps
November 29, 2018 QSC Conference, 2018 45
Built-in security practices across the DevOps lifecycle
Qualys-on-Qualys • Manage vulnerabilities • Comply with policies • Secure and shield web apps • Validate file integrity • Monitor systems
![Page 45: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/45.jpg)
Qualys Cloud Platform
November 29, 2018 QSC Conference, 2018 46
Messaging, Data, Analytics Platform
Integrated Suite of Applications FIM IOCCA AI VM CM TP PCI WAS WAFPC SAQIntegrated Suite of Applications
Shared Services
Subscription
Service
Authentication
Service
Authorization
Service
Indexing Service
Data Sync
Service
Tagging Service
Infrastructure and DevOps Toolchain
Logging
Monitoring
Config Mgmt.
Service Registry
CI/CD Docker/ Kubernetes
![Page 46: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/46.jpg)
Qualys Cloud Applications
November 29, 2018 QSC Conference, 2018 47
Secure web applications with end-to-end protection
Web Application Scanning
Web Application Firewall Block attacks and virtually patch web application vulnerabilities
WEB APPLICATION SECURITY
Security Configuration Assessment Automate configuration assessment of global IT assets
Policy Compliance PCI Compliance
Security Assessment Questionnaire
Assess security configurations of IT systems throughout your network
Automate, simplify and attain PCI compliance quickly
Minimize the risk of doing business with vendors and other third parties
COMPLIANCE MONITORING
ASSET MANAGEMENT
Asset Inventory Maintain full, instant visibility of all your global IT assets
CMDB Sync Synchronize asset information from Qualys into ServiceNow CMDB
File Integrity Monitoring Log and track file changes across global IT systems
Cloud Security Assessment Get full visibility and control across all public cloud instances
Continuously detect and protect against attacks, anytime, anywhere
Vulnerability Management Threat Protection Continuous Monitoring Pinpoint your most critical threats and prioritize patching
Alerts you in real time about network irregularities
IT SECURITY
Indication of Compromise Continuously monitor endpoints to detect suspicious activity
Container Security Discover, track, and continuously protect containers
Certificate Assessment
Cloud Inventory Inventory of all your cloud assets across AWS, Azure, GCP and others
Inventory of TLS/SSL digital certificates on a global scale
Assess all your digital certificates for TLS/SSL vulnerabilities
FIM
IOC
AI
VM CMTP
PCI
WAS WAF
PC
SAQ
CI
CRA
CRI
CS
CSA
SCA
SYN Certificate Inventory
Patch Management (Beta) Select, manage, and deploy patches to remediate vulnerabilities
![Page 47: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/47.jpg)
Advanced Correlation & Analytics
November 29, 2018 QSC Conference, 2018 48
Network Security End Point Apps Cloud Users IoT Server Qualys Apps
Qualys Security Data Lake Platform Data Ingestion | Normalization | Enrichment | Governance
Threat Hunting Search | Exploration | Behavior Graph
ML/AI Service Patterns | Outlier | Predictive SoC
Security Analytics Anomaly | Visualization | Dashboard
UEBA User & Entity Behavior Analytics
Advanced Correlation Actionable Insights | Out-of-box Rules
Orchestration & Automation Integration | Playbooks | Response
Qualys Quick Connectors
IOCCA VM WAS WAFAI PC
![Page 49: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/49.jpg)
18QUALYS SECURITY CONFERENCE 2018
Chris Carlson VP, Product Management, Qualys, Inc.
Cloud Agent Platform
![Page 50: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/50.jpg)
Digital Transformation is Driving IT Transformation for Organizations
Private Clouds
Enterprise On Premise
Remote End Users
Internet
Public Clouds
51
![Page 51: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/51.jpg)
… But creates new Challenges for Security
Private Clouds
Enterprise On Premise
Remote End Users
Can’t scan remote users
Don’t know how many assets you have
Don’t know when those assets are running
Credential issues / Authentication failures
Monthly / weekly scanning too slow [WannaCry]
52
![Page 52: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/52.jpg)
Qualys Sensors Scalable, self-updating & centrally managed
Physical
Legacy data centers Corporate infrastructure Continuous security and compliance scanning
Virtual
Private cloud infrastructure Virtualized Infrastructure Continuous security and compliance scanning
Cloud/Container Commercial IaaS & PaaS clouds Pre-certified in market place Fully automated with API orchestration Continuous security and compliance scanning
Cloud Agents
Light weight, multi-platform On premise, elastic cloud & endpoints Real-time data collection Continuous evaluation on platform for security and compliance
Passive Passively sniff on network Real-time device discovery & identification Identification of APT network traffic Extract malware files from network for analysis
API Integration with Threat Intel feeds CMDB Integration Log connectors
29 November 2018 53
![Page 53: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/53.jpg)
Qualys Cloud Agent Platform
Lightweight Software
Agent
(collects metadata only)
On-Premise Servers
Public Cloud
User
Endpoints
Windows
Linux
Mac
AIX
Cloud Native
Delivers Multiple Security
Functions in one Agent
54
![Page 54: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/54.jpg)
Qualys Platform
Cloud Agent
Qualys Suite of Applications
Central Management / API
Efficient Network Usage (Delta Processing average) 50 - 350 KB / day
Lightweight Metadata Collection (tunable)
~1-2% CPU
3 MB application Windows, Linux, Mac, AIX
55
![Page 55: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/55.jpg)
Qualys Cloud Agent IT, Security, Compliance Apps
Asset Inventory
Vulnerability Management
Policy Compliance
Indication of Compromise Detection
File Integrity Monitoring
Upcoming IT App (Beta November 2018)
Patch Management
PC
VM
AI
November 29, 2018 QSC Conference, 2018 56
![Page 56: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/56.jpg)
Try and Manage Apps on One Cloud Agent End the fight with IT to deploy security agents!
Remove point-solution agents from your endpoints
Consolidate security tools
![Page 57: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/57.jpg)
Cloud Agent Extends Network Scanning
No scan windows needed – always collecting
Find vulnerabilities faster Detect a fixed vulnerability faster Many new Apps only available on Agent
Best for assets that can’t be scanned
Unable to get credentials / authentication failures
Remote systems in branch offices / NAT
Roaming user endpoints
Cloud / Elastic deployments
58
![Page 58: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/58.jpg)
Cloud Agent Adoption
![Page 59: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/59.jpg)
Cloud Agent VM Usage and Growth Drivers
2016
Deploy on servers to overcome customer limitations with their network scanning - Auth issues - Scan windows - More frequent VM
assessments
2017
- Increasing adoption for Servers
- Initial adoption for end-users (WannaCry)
- Early CA deployments in AWS and Azure
2018
- Growth in endpoint deployments (50-300K)
- Growth in public cloud (AWS primarily)
- Initial work to build CA into CI/CD/DevOps pipelines
2019 - Visibility + Lightweight
agent increases adoption
- Increase endpoints
- Increase in public cloud
- Capture migration from on-premise servers to public cloud
100,000s
1,000,000s
10,000,000s
![Page 60: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/60.jpg)
London | 16 November 2017
Cloud Agent CPU Tuning - Linux VM: < 1.2% CPU peak usage for less than 15
mins AWS EC2
not allowed to
scan nano, micro, or small
instances using network
scanning
AWS t2.micro instance running Cloud Agent 61
0.5% CPU when idle / heartbeat
![Page 61: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/61.jpg)
London | 16 November 2017
Cloud Agent CPU Tuning - Windows
Tunable CPU Limit Example: 8% configured max on 1-core
(Effective: <2% on 4-core)
62
![Page 62: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/62.jpg)
Selected Cloud Agent Deployments Ecommerce / Technology 40,000,000/yr AWS + 210,000 Windows
Technology Company 2,000,000 Azure
Ecommerce 3,500,000/yr AWS
Financial Services 485,000 Windows (+ 500,000 Linux 2H 2018)
Financial Services 200,000 (AWS and users) + 20,000 FIM
Professional Services 340,000 user and servers
Retailer 100,000 in datacenter and 2,500 stores
Financial Services 3,000 ATM machines
63
![Page 63: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/63.jpg)
Cloud Native – Collect Provider Metadata AWS EC2 Microsoft Azure Google Compute
Platform accountId amiId availabilityZone hostname hostnamePublic instanceId instanceType kernelId macAddress privateIpAddress publicIpAddress region reservationId securityGroupIds securityGroups subnetId VPCId
dnsservers ipv6 location macAddress name offer osType privateIpAddress publicIpAddress publisher resourceGroupName tags subnet subscriptionId version vmId vmSize
hostname instanceId macAddress machineType network privateIpAddress projectId projectIdNo publicIpAddress zone
Agent collects metadata locally
![Page 64: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/64.jpg)
Cloud Provider Metadata (AWS EC2 example) accountId 383031258652 ami-id ami-d874e0a0 ami-launch-index 2 availabilityZone us-west-2a hostname ip-172-31-36-214.us-west-2.compute.internal imageId ami-d874e0a0 instance-id i-03e86d77745bb2bba instanceType t2.micro local-hostname ip-172-31-36-214.us-west-2.compute.internal local-ipv4 172.31.36.214 mac 06:26:0c:74:c5:9a privateIp 172.31.36.214 profile default-hvm public-hostname ec2-18-236-81-63.us-west-2.compute.amazonaws.com public-ipv4 18.236.81.63 region us-west-2 reservation-id r-06e5580c2918a00ba security-groups launch-wizard-2
![Page 65: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/65.jpg)
Cloud Instance Metadata Merge and Agent Dynamic License Management EC2 Connector – Available now
aws.ec2.accountId aws.ec2.availabilityZone aws.ec2.hostname aws.ec2.hostnamePublic aws.ec2.imageId aws.ec2.instanceId aws.ec2.instanceState aws.ec2.instanceType aws.ec2.kernelId aws.ec2.privateDNS aws.ec2.privateIPAddress aws.ec2.publicDNS aws.ec2.publicIPAddress aws.ec2.region.code aws.ec2.region.name aws.ec2.spotInstance aws.ec2.subnetId aws.ec2.VPCId
Cloud Agent – Available now aws.ec2.accountId aws.ec2.availabilityZone aws.ec2.hostname aws.ec2.imageId aws.ec2.instanceId aws.ec2.instanceType aws.ec2.kernelId aws.ec2.privateDNS aws.ec2.privateIPAddress aws.ec2.publicDNS aws.ec2.publicIPAddress aws.ec2.region.code aws.ec2.region.name aws.ec2.subnetId aws.ec2.VPCId
66
Automated Rules (Dec 2018)
“When instanceState = TERMINATED, then remove Cloud
Agent license”
aws.ec2.instanceState
Automatically merge on Instance ID (Nov
2018) aws.ec2.instanceId
aws.ec2.instanceId
![Page 66: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/66.jpg)
Integrate Cloud Agent into DevOps
Use Cases for DevOps
Use Cases for Security
Build Cloud Agent into gold image or auto-deploy with CI/CD – self-service results from Qualys API/UI & integrations Get vulnerability and configuration posture of OS and application along the DevOps pipeline Fix/verify security issues before going into production
End-to-end lifecycle tracking – development, deployment, production, decommission Same Cloud Agent across cloud, on-premise, endpoint, hybrid Single platform as DevOps tools evolve – Qualys Container Security, Jenkins integration, API automation, more
67
![Page 67: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/67.jpg)
Cloud Agent – Microsoft Azure Integration
68
![Page 68: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/68.jpg)
69
![Page 69: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/69.jpg)
70
![Page 70: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/70.jpg)
71
![Page 71: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/71.jpg)
Vulnerability Spread at Speed of DevOps
Red Hat 7.4 Marketplace
Image
![Page 72: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/72.jpg)
Auto-Deploy Qualys Cloud Agent
![Page 73: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/73.jpg)
Vulnerability Results
![Page 74: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/74.jpg)
Threat Protection Exploitability !
![Page 75: Where Are We Now and Where is the Industry Going? · Microservices & Cloud Native Architectures Reduce risk and ship faster 41 QSC Conference, 2018 November 29, 2018 Change how we](https://reader034.vdocuments.site/reader034/viewer/2022042219/5ec559c513b08355f20aa601/html5/thumbnails/75.jpg)
Cloud Agent Roadmap Agent Releases • Mac 1.7.2 – released Aug 29 • Linux 2.1 upgrade from 2.0 (FIM) – released Aug 29 • Linux 2.2 – Dec rollout for Policy Compliance UDCs • Windows 2.1.1 rollout – started Oct 17 / complete Oct 22 • https://www.qualys.com/documentation/release-notes/
Features • Cloud Provider Metadata (AWS, Azure, GCP) – available • EC2 Connector / Cloud Agent merge – available • Nov – Windows agent to support Patch Management Beta • Dec - Policy Compliance UDCs (Windows / Linux / AIX ) • Dec – Agent Lifecycle Management
(Public cloud State-based w/ Connector / Any asset using Time-based)