Virtual security solutions and best practice
Practical Methods for Securing the Cloud - by Dr. Edward Amoroso SVP & Chief Security Officer, AT&T
"With runtime security virtualization, different assets that reside together in the same cloud can be associated with different security protections. Because providers can customize security, an object with a low-security risk might have light functional protections, whereas another object with high risk might include multiple, more intense security functions. Catbird provides a cloud security platform that includes virtual machine appliances that allow for customization of protection across different assets."
Fundamental shifts in data center architecture have resulted in highly dynamic infrastructure that is exposing weaknesses in perimeter-based network controls -- leaving your applications vulnerable to internal threats. While still a valid place to protect against external threats, the ideology of perimeter security leaves security policy and compliance within private clouds largely static. Learn how you can protect your cloud from Advanced Persistent Threats (APTs) that easily penetrate virtual infrastructure and deploy security that accounts for mobile devices that routinely bypass the perimeter.
As a member of the VMware Partner Network, Catbird published this addendum to the VMware Product Applicability Guide for PCI DSS 3.0. Coalfire, a Qualified Security Assessor (QSA), has confirmed that Catbird control elements are in line with PCI Guidance and VMware Compliance Reference Architect Framework. Catbird enables continuous policy monitoring and automated enforcement in virtual and cloud environments.
All merchants, financial institutions and other entities that store, process, or transmit payment cardholder data are required by card brands to comply with the Payment Card Industry Data Security Standard (PCI DSS). Catbird delivers more security that is more deterministically applied and more stringently audited than any other available solution. This paper describes how Catbird's cloud software addresses PCI DSS 3.0 requirements.
Automating security control and multi-regulatory compliance enforcement, this paper describes the value of Catbird for Financial Services as well as the key stakeholders that benefit from this solution.
Healthcare providers and payers are often subject to multiple compliance requirements including HIPAA, SOX, GLBA, and PCI DSS. This paper details the value of Catbird vSecurity for Healthcare organizations assessing the challenges and demands of virtualization security.
Co-sponsored by Catbird and VigiTrust, this paper addresses overcoming the challenges of scoping for Cardholder Data, including scope management, assessment preparation, continuous compliance considerations, operation impacts and do's and don'ts of virtualization security.
Compliance and information security demands are top concerns for America’s higher education institutions. The regulations and compliance requirements are growing and continue to challenge colleges and universities capabilities to meet these demands.
Catbird protects private clouds with multiple security controls, mapping to FISMA’s regulatory framework and easily delivering proof of compliance with real-time diagrams and reports. Each affected FISMA control (SP-800-53 rev4) is listed with the audit test description and discussion of Catbird deployment to provide assurance and protection for the control. Catbird continuously monitors, audits, and analyzes thousands of virtual security events. These events are then used to calculate risk impact, security protection, and compliance metrics.
Catbird TrustZones is a unique logical segmentation and zoning solution architected for virtual infrastructure to ensure continuous policy protection of each asset within your cloud, meeting regulatory requirements and enabling compliance assurance.