This document introduces cybersecurity concepts and tools. It discusses six cybersecurity tools: Unified Threat Management (UTM), which combines firewall, IDS/IPS, and secure web gateway capabilities; Data Loss Prevention (DLP) tools that prevent sensitive data loss and misuse; Cloud Access Security Brokers (CASB) that enforce security policies for cloud access; Distributed Denial of Service (DDoS) mitigation; Web Application Firewalls; and Security Information and Event Management (SIEM) systems that provide real-time analysis of security alerts. Diagrams and definitions are provided for each tool.
Today's objectives:
1. Basic cybersecurity concepts
2. Cybersecurity tools
TOOLS FOR IMPLEMENTING CYBERSECURITY II
1. Unified Threat Management (UTM)
2. Data Loss (Leak) Prevention (DLP)
3. Cloud Access Security Broker (CASB)
4. Distributed Denial of Service (DDoS)
5. Web Application Firewall
6. Security Information and Event Management (SIEM)
Unified Threat Management (UTM)
Firewall + IDS/IPS + SWG = UTM
Data Loss (Leak) Prevention (DLP)
➢ Data loss prevention (DLP) is a set of tools and processes used to ensure that sensitive data is not lost, misused, or accessed by unauthorized users.
Cloud Access Security Broker
➢ According to Gartner, a cloud access security broker (CASB) is an on-premises or cloud-based security policy enforcement point that is placed between cloud service consumers and cloud service providers to combine and interject enterprise security policies as cloud-based resources are accessed.
➢ Examples of security policies enforced by a CASB include authentication, single sign-on, authorization, credential mapping, device profiling, encryption, tokenization, logging, alerting, and malware detection and prevention. A CASB vendor also gives enterprises visibility into authorized and non-authorized cloud usage.
Distributed Denial of Service (DDoS)
Web Application Firewall
Security Information and Event Management (SIEM)
➢ Security information and event management (SIEM) software products and services combine security information management (SIM) and security event management (SEM). They provide real-time analysis of security alerts generated by applications and network hardware.