ElevenPaths A Trillion-Dollar on Offer to the Puzzle Solver Are you a fan of mathematical puzzles? Well, here’s a lucrative one… but hard to beat! If you discover a method to crack the hashes used in Blockchain, you...
ElevenPaths Cyber Security Weekly Briefing April 3-9 Malware distribution campaign via LinkedIn The eSentire research team has published details on the analysis of a new malware distribution campaign via LinkedIn. Threat actors are sending zipped files under...
ElevenPaths Cybersecurity and Business in the New Era: Security Innovation Days 2020 (Day 1) First day of the Security Innovation Days 2020 completed with more than 1500 people connected from all over the world. If you missed the first day of our cybersecurity...
Andrés Naranjo The Challenge of Online Identity (I): Identity Is the New Perimeter We often find ourselves in situations where we are faced with a mission and, as the mission goes on, we realise that the first choices we made were not...
ElevenPaths Cyber Security Weekly Briefing April 3-9 Malware distribution campaign via LinkedIn The eSentire research team has published details on the analysis of a new malware distribution campaign via LinkedIn. Threat actors are sending zipped files under...
ElevenPaths No Pain, No Gain: Let´s Hack 2021 “No pain, no gain”, you have probably heard this on more than one occasion. An expression that is used endlessly in different environments, in a time when the body...
Innovation and Laboratory Area in ElevenPaths TheTHE: The Threat Hunting Environment, our tool for researchers TheTHE, a unique tool within its category that allows analysts and hunters to carry out their research tasks in a more agile and practical way.
ElevenPaths You’ve got mail? You’ve got malware A few weeks ago I was ‘compromised’. A well-known vulnerability was exploited and I was left financially exposed, with my reputation potentially at risk. “What happened?” I hear you...
ElevenPaths A Trillion-Dollar on Offer to the Puzzle Solver Are you a fan of mathematical puzzles? Well, here’s a lucrative one… but hard to beat! If you discover a method to crack the hashes used in Blockchain, you...
ElevenPaths Cyber Security Weekly Briefing April 3-9 Malware distribution campaign via LinkedIn The eSentire research team has published details on the analysis of a new malware distribution campaign via LinkedIn. Threat actors are sending zipped files under...
Javier Provecho CNCF’s Harbor (cloud native registry) fixes an information disclosure bug discovered by ElevenPaths (CVE-2020-29662) On December 2nd, ElevenPaths’ CTO SRE team discovered an unauthenticated API within Harbor, a cloud native registry part of the CNCF. It is commonly used as an agnostic Docker...
ElevenPaths You’ve got mail? You’ve got malware A few weeks ago I was ‘compromised’. A well-known vulnerability was exploited and I was left financially exposed, with my reputation potentially at risk. “What happened?” I hear you...
Securing a Cloud Environment With a Telco Cloud ProviderElevenPaths 25 July, 2017 Nowadays, nobody can deny the remarkable benefits of cloud computing, both infrastructure as a service (IaaS) and software as a service (SaaS). Cloud computing drives cost savings, agility to support customer demands and innovation; definitively it is a fundamental factor in the corporate digital transformation. Otherwise, cloud computing also involves some level of complexity in dealing with IT security, since organizations delegate certain responsibilities to third parties in storing and controlling sensitive data. During this article, we aim to identify the cloud security handicaps and propose a security model according a Telco Cloud Provider perspective to make easier and safe the cloud voyage. IT and security professionals were fully aware about security information risks and how they affect to cloud environments. However, the continuous news bombardment about cyber-attacks, apart from encouraging in general public the security awareness –which is clearly needed–, is contributing to spread some misleading ideas about the level of security in the cloud. What do you consider more convenient?, stuffing money in a mattress or in a bank? If you have your money with you in your home, then the money will be always available (simplicity) and you may be less likely to be a target for criminals, but if for some reason somebody break into your house you will certainly need the best protection systems, are you able to implement similar security measures than a bank? As IDC presented in its 2016 cloud view report, security concerns remain the key inhibitor to continue cloud growth. Is this impression based on a true story? We believe not. Most of the cyber-attacks are not related to the cloud infrastructure itself and cannot be ascribed to the cloud services provider. Additionally, Gartner supports this assumption in a recent analysis that reports, through 2020, 95 percent of cloud security failures will be the customer’s fault. Although the security risk is the same in a cloud environment than on premise, it is required to introduce three main handicaps, namely: complexity, vulnerable communications and exposure. Complexity of a borderless environment Boundaries of today organizations have been demolish by technologies, such as mobility, software-defined networking (SDN) and cloud services, and also by operational demands like secure production processes and supply chains. As reveal by a Gartner press release : by 2018, 25% of corporate data traffic will flow directly from mobile devices to the cloud, bypassing traditional enterprise security controls. This is a real pain for IT departments, who inevitably need to deal with dozens of third-party cloud services, SaaS-application providers and shadow clouds not only from within perimeter, but also from outside, which seems practically impossible to manage. Then, organizations require from cloud services providers the implementation of proper security controls, at least similar what customers would put in places in its own datacentre and, additionally, establish a flexible and effective control and notification mechanisms. Quality of Service in communications Although customers can access their Virtual Private Clouds through the Internet, this option presents diverse and costly inconveniences, such as communications security issues, latency, delays, data loss, and jitter, among others. This, definitively, does not guarantee the service quality (QoS) expected of a data network in a professional environment when it comes to accessing corporate applications. Exposure of applications At the time of leaving the perimeter and making use of SaaS or customer applications on IaaS, there is a greater exposure and vulnerabilities are much easier to exploit. This risk is an indirect consequence to migrate corporate applications to the cloud, it´s not intrinsic to the cloud itself, but the risk the non-solved vulnerabilities of the corporate applications that for being in a closed environment have gone unnoticed. As organizations have assumed that live in a hole in the ground is not any longer an option, then it is necessary to implement some best practices, such as security monitoring, vulnerability assessment or identity and access management. Security of the cloud Cloud providers focus on securing the infrastructure itself, implementing similar mechanisms than datacentres usually do, making transparent this measures for customers. These measures include: Data resilience in multiple regions: the cloud provider must have distributed storage in multiple regions to ensure global availability. As part of its global Cloud services offer, Telefónica offers nodes in different countries to solve local regulatory problems, without undermining a unified and global perspective that may be required by multinational clients and the portability of information between regions. Segmentation: in a shared environment, complete isolation between users must be ensured and the use (or abuse) of one of them does not affect the performance of the rest. Certifications: third party certifications provide assurance regarding implementation of Systems and security Measures. Organizations such as the Cloud Security Alliance (CSA) award certifications such as CSA Star, based on the ISO 27001 standards group and suited specifically for cloud services. Security towards the cloud The better option to address the communication issue between the private network and the VPC is to enable the extension of end clients’ virtual private networks (VPN) over IP/MPLS technology and with global coverage. Then, all corporate resources, instances, databases or end-points, independently where they are, are visible in the same LAN. This model allows to easily include an additional security layer by means of next generation firewalls deployed in the access network itself to filter and block any malware and unwanted traffic, which is known as Clean Pipes. By last, organizations can delegate the deployment of the perimeter defence in the internet access provider, obtaining easy-scalable architecture, greater resilience and a cost-reduction (moving CAPEX to OPEX) and, in addition, if the internet access provider supply the cloud environment the synergies are quite remarkable and ensuring end-to-end security. Additionally, an integrated proposal for cloud and telecommunications services allows you also to contract for differential best-of-class services such as the AntiDDoS (Global Shield) service that stops attacks from the network, before they even affect the datacenter. Security in the cloud A competent cloud platform shall include a bunch of security services to secure the environment and the customer applications, such as: Visibility and control: it is worth highlighting the importance of having tools that allow intuitive visibility into the overall safety state, as well as cross-monitoring, detection and response tools. A vulnerability analysis platform, like Vamps, can be integrated into testing processes and contribute to a more secure development process Integration with managed security platforms: a differential factor of an integral security proposal for the cloud is the level of integration with Managed Security Services (MSS). If the same provider can offer both, the complexity, main handicap of the managed security, will be strongly minimized. Telefonica has specifically defined its cloud security solution with this principle in mind to simplify the day-to-day operation. Identity Management and Authentication: the cloud services platform must offer the capacity for a comprehensive and generic identity management, which is interrelated with that of the other services used by the organization, such as communications or applications. For this, Telefónica offers services as well known as Latch and Mobile Connect in its cloud services offer. Security governance: additionally, some interaction among the resources deployed in the cloud environment with risk management and security compliance tools will bring a higher level of security understanding. Telefónica has in its portfolio a specific regulatory compliance solution, Sandas GRC, which interact with the Telefonica’s cloud environment to provide real-time risk and regulatory compliance. The Telco Cloud Provider solution A Telco Cloud Provider model has multiple benefits, since comprises in an integral offering hosting, security of the platform itself, QoS and secure communication between private network and VPC (Virtual Private Cloud), and security for both customer environment and its applications. This model brings multiple advantages, such as scalability, compatibility, resilience, global visibility and an important cost reduction. In summary, Telefónica, thanks to its capacity as integral provider, is able to offer a unique cloud security solution that combines cloud-hosting with the Telefónica’s renowned experience communication services and also with the most advanced protection of ElevenPaths’ products, operated from Security Operations Centers (SOCs) all over the world. Mercedes Soto Rodríguez Jefe de Producto de seguridad en la nube mercedes.sotorodriguez@telefonica.com Francisco Oteiza Lacalle Jefe de producto de Seguridad Gestionada @Fran_Oteiza francisco.oteizalacalle@telefonica.com Telefónica and Subex sign a global framework agreement to provide a disruptive FMaaS solutionTelefónica Business Solutions Reinforces the Security of its Network with Clean Pipes 2.0
ElevenPaths A Trillion-Dollar on Offer to the Puzzle Solver Are you a fan of mathematical puzzles? Well, here’s a lucrative one… but hard to beat! If you discover a method to crack the hashes used in Blockchain, you...
ElevenPaths Cyber Security Weekly Briefing April 3-9 Malware distribution campaign via LinkedIn The eSentire research team has published details on the analysis of a new malware distribution campaign via LinkedIn. Threat actors are sending zipped files under...
ElevenPaths No Pain, No Gain: Let´s Hack 2021 “No pain, no gain”, you have probably heard this on more than one occasion. An expression that is used endlessly in different environments, in a time when the body...
ElevenPaths What is VPN and What is It For? VPN connections are nothing new, they have been with us for a long time, always linked to the business world. The great versatility and its different uses have made...
ElevenPaths Cyber Security Weekly Briefing March 20-26 Analysis of the new cyber-espionage group SilverFish The PRODAFT Threat Intelligence team (PTI) has discovered a highly sophisticated cybercriminal group called SilverFish, which operates exclusively against large enterprises and public...
ElevenPaths Cyber Security Mechanisms for Everyday Life It is becoming more and more common to find in the general media news related to cyber-attacks, data breaches, privacy scandals and, in short, all kinds of security incidents....
Vmware Training in ChennaiCCNA Training in ChennaiAngularjs Training in ChennaiGoogle CLoud Training in ChennaiRed Hat Training in ChennaiLinux Training in ChennaiRhce Training in Chennai Reply