Download - Cloud Security Alliance

CLOUD SECURITY ALLIANCE SecaaS Implementation Guidance, Category 6: Intrusion Managementdeleted, when USB devices are inserted and removed from computers, and when network shares arecreated and deleted.IM SecaaS should have both policy management and policy enforcement processes and communicationschannels in order to integrate with customer systems and infrastructure to centrally report and potentiallyexecute the following capabilities:Day-zero protection: stop malicious exploitation of systems and applications; prevent introduction andspread of malicious codeHardened systems: lock down OS, applications, and databases; prevent unauthorized executables frombeing introduced or runIntegrated firewall blocks inbound and outbound TCP/UDP traffic; administrator can block traffic perport, per protocol, per IP address or rangeMaintain compliance by enforcing security policies on cloud-based servers. Comprehensive compliancehelps address various information security regulations and standards such as PCI DSS, NERC, Sarbanes-Oxley (SOX), Gramm-Leach-Bliley Act (GLB) and HIPPAAPolicy-based monitoring setup for real-time event notification and alerting featuresBuffer overflow protectionLog consolidation for easy search, archival, and retrievalAdvanced event analysis and response capabilitiesFile and registry protection and monitoringSupports integration with SEIM for long-term storage of event information, event correlation andincident management© Copyright 2012, Cloud Security Alliance. All rights reserved. 32