Security at cloud speed

Secure innovation

Intro
|
DevOps
|
Security

Let’s demonstrate a scenario where a new application needs to be built. DevOps provides their infrastructure requirements, while the security team requires the necessary security controls, which include the need for managed security services. For such a scenario, security-ready orchestration platform can help your teams address these requirements in a relatively frictionless manner by deploying composite blueprints to meet CISO and DevOps goals for a security-by-design solution at cloud speed.

    In this example, DevOps requirements include:

  • Cluster of Red Hat servers
  • Tomcat web server on AWS
  • MySQL server in private data center
  • Servers need to sit behind an existing load balancer

    As developers build the app, in order to ensure protection for the workloads, the security team requirements in this example include:

  • App must have network security w/ Firewall, Intrusion Prevention and WAF
  • Hosts must be protected for Malware
  • East-West protection in cloud should be enabled
  • Workloads should comply with CIS benchmarks
  • Workloads should be scanned for vulnerabilities + patched
  • IT Ops, Security Management + Threat Monitoring should be enabled