Micro-segmentation and cloud architectures decrease threat landscape by design. However, this smaller threat surface creates a false sense of good security. This presentation will clearly demonstrate 10 security controls that are missing in such architectures. Standard private (OpenStack and NSX) and public cloud architectures (AWS and Azure) with micro-segmentation will be presented and analyzed for 10 security controls that are missing. They include identification, authentication, authorization, vulnerability, anti-virus, advance persistence threat detection, denial of service and data protection, visibility with analytics and security system automation.
Attendees will learn how to add these 10 controls to micro-segmentation to architect strong security. We'll show how the implementation of most of these controls may be used to set a foundation for zero-trust model implementation.
Learning Objectives:
• Learn what security controls are missing in micro-segmentation in private and public cloud implementations
• Learn how to go about implementing 10 security controls presented
• Learn how to use these 10 security controls to set a foundation for zero-trust implementation