eBooks/eGuides

52 Data Center & Hybrid Cloud Security For Dummies, Palo Alto Networks Special Edition These materials are © 2020 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited. Security orchestration and automation Security orchestration is a method of connecting disparate security tools, teams, and infrastructures for seamless and process-based security operations and incident response. Security orchestration acts as a powerful enabler for security automation because well- connected security systems are more receptive to automation and scale. The three pillars of security orchestration are people, processes, and technology. By streamlining security processes, connect- ing different security tools and technologies, and maintaining the right balance of machine-powered security automation and human intervention, security orchestration empowers secu- rity professionals to improve the organization's overall security posture. A combination of industry trends and market forces have created challenges that security orchestration is well positioned to solve, including: » Rising alert numbers: With an increased threat surface, a greater number of entry vectors for attackers, and an increase in specialized cybersecurity tools, the number of alerts is constantly on the rise. Analysts need help in identifying false positives, duplicate incidents, and keeping the alert numbers in check without burning out. » Product proliferation: Analysts use numerous tools — both within and outside the purview of security — to coordinate and action their response to incidents. This involves lots of screen switching, fragmented information, and disjointed record keeping. » Lack of skilled analysts: With a shortage of millions of analysts expected over the coming years, many security operations centers (SOCs) are understaffed, leading to increased workload, stress, and rates of error among analysts. » Inconsistent response processes: As SOCs mature, security teams spend most of their day fighting fires and can't devote enough time to set standard response processes or spot patterns that reduce rework. This results in response quality being dependent on individual analysts, which can lead to variance in quality and effectiveness.

• Cover
• Title Page
• Copyright Page
• Table of Contents
• Introduction
• About This Book
• Icons Used in This Book
• Chapter 1 The Evolution of the Data Center
• Understanding the Impact of the Cloud on the Data Center
• Recognizing Security Challenges in the Data Center and Hybrid Cloud
• Looking at Why Legacy Security Infrastructure is Ineffective
• Firewalls
• Intrusion prevention
• Proxies
• Defining Security Requirements
• Gain complete visibility
• Minimize the attack surface
• Automate threat protection
• Chapter 2 Security Challenges in Hybrid Clouds
• Cloud Security and The Shared Responsibility Model
• The Dynamic Nature of Modern Threats
• Ransomware
• Credential theft
• DNS-based attacks
• Targeted "Low-and-Slow" Attacks and APTs
• Chapter 3 Delivering Consistent Security Using Zero Trust
• Gaining Complete Visibility
• Application identification
• User identification
• Content identification
• Minimizing Your Attack Surface with Segmentation
• Using Dynamic Security to Support Moves and Changes
• Chapter 4 Leveraging Unmatched Threat Protection
• The Challenges of Defense in Depth
• What Is a Perimeter?
• Threat Protection Components
• Endpoint protection
• Security orchestration and automation
• Cloud-based threat intelligence
• Chapter 5 Ten Evaluation Criteria for Network Security in the Data Center and Hybrid Cloud Environment
• Safe Enablement of Applications in the Hybrid Cloud
• Identify Users and Enable Appropriate Access
• Comprehensive Threat Protection
• Flexible, Adaptive Integration
• Secure Access for Mobile and Remote Users
• One Comprehensive Policy, One Management Platform
• Cloud Ready
• Automate Routine Tasks and Focus on the Threats That Matter
• Flexible Deployment Options
• Consume New Innovations Easily in a Broad Partner Ecosystem
• Glossary
• EULA