eBooks/eGuides

26 Data Center & Hybrid Cloud Security For Dummies, Palo Alto Networks Special Edition These materials are © 2020 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited. compromised credentials. Credential theft has become so prev- alent in the attackers' playbook that it's often said that attackers no longer hack into a target network — they simply log in. The primary techniques that attackers use to steal credentials include: » Social engineering » Phishing and malware » Brute force » Security question reuse » Reusing stolen passwords or shared credentials sold on the dark web Attackers use these credentials to gain access to a network, move laterally, and escalate their privileges for unauthorized access to applications and data (see the "Credential theft: Shamoon 2" sidebar in this chapter). With stolen credentials as part of their toolset, attackers' chances of successfully breaching go up, and their risk of getting caught goes down. To prevent credential theft, most organizations rely on employee education, which is prone to human error by nature. Technology products commonly rely on identifying known phish- ing sites and filtering email. However, these methods can some- times be bypassed — checking for known bad sites misses newly created ones, and attackers can evade mail filtering technology by sending links through social media. Organizations should look for a firewall with machine learning- based analysis to identify websites that steal credentials. If the analysis identifies a site as malicious, the firewall should be automatically updated in real time and block it. Still, there will always be new, never-before-seen phishing sites that are treated as "unknown." Your firewall must allow you to block submission of user credentials to unknown sites. The firewall must also allow you to protect sensitive data and applications by enforcing multi- factor authentication (MFA) to prevent attackers from abusing stolen credentials. By integrating with common MFA vendors, your firewall can protect your applications containing sensitive data, including legacy applications.

• Cover
• Title Page
• Copyright Page
• Table of Contents
• Introduction
• About This Book
• Icons Used in This Book
• Chapter 1 The Evolution of the Data Center
• Understanding the Impact of the Cloud on the Data Center
• Recognizing Security Challenges in the Data Center and Hybrid Cloud
• Looking at Why Legacy Security Infrastructure is Ineffective
• Firewalls
• Intrusion prevention
• Proxies
• Defining Security Requirements
• Gain complete visibility
• Minimize the attack surface
• Automate threat protection
• Chapter 2 Security Challenges in Hybrid Clouds
• Cloud Security and The Shared Responsibility Model
• The Dynamic Nature of Modern Threats
• Ransomware
• Credential theft
• DNS-based attacks
• Targeted "Low-and-Slow" Attacks and APTs
• Chapter 3 Delivering Consistent Security Using Zero Trust
• Gaining Complete Visibility
• Application identification
• User identification
• Content identification
• Minimizing Your Attack Surface with Segmentation
• Using Dynamic Security to Support Moves and Changes
• Chapter 4 Leveraging Unmatched Threat Protection
• The Challenges of Defense in Depth
• What Is a Perimeter?
• Threat Protection Components
• Endpoint protection
• Security orchestration and automation
• Cloud-based threat intelligence
• Chapter 5 Ten Evaluation Criteria for Network Security in the Data Center and Hybrid Cloud Environment
• Safe Enablement of Applications in the Hybrid Cloud
• Identify Users and Enable Appropriate Access
• Comprehensive Threat Protection
• Flexible, Adaptive Integration
• Secure Access for Mobile and Remote Users
• One Comprehensive Policy, One Management Platform
• Cloud Ready
• Automate Routine Tasks and Focus on the Threats That Matter
• Flexible Deployment Options
• Consume New Innovations Easily in a Broad Partner Ecosystem
• Glossary
• EULA