Infosec threat evolution – Paul Kehrer & lvh –





On Github RackSec / EvolutionOfInformationSecurityThreats

Infosec threat evolution

Paul Kehrer & lvh

Introduction

Who are we?

  • Principal Engineers
  • Infosec & crypto
  • paul.kehrer@rackspace.com
  • lvh@rackspace.com

Rackspace


What's going on?

Attacks are evolving

  • More attacks
  • More advanced
  • More visible

APT

Advanced Persistent Threat

  • Human-driven
  • Reactive and ongoing
  • Targeted

Why are attacks more prevalent?

More information

  • More services, lots of data
  • Huge success of cloud computing
  • PII, customer data, IP…

Attacks have evolved

  • State-level funding
  • Robust exploit market
  • Market specialization
  • Revenue > cost, low risk

The security poverty line

  • Most organizations can't afford security
  • Lack of specialized talent
  • Tons of vendors (RSA Conference?)
    • Examining options is a full-time job

Increasing cost of defense

  • Effective monitoring is 24x7x365
  • n analyst salaries, equipment, licenses

TL;DR

  • SMEs don't have the resources
  • All companies have better things to do
  • Tools are less accessible

How are we helping?

Current open source

Rackspace created/sponsored:

  • PyCA (Python Cryptographic Authority)
  • pip TLS improvements
  • Python stdlib TLS improvements

Great, but not enough

Doesn't help if:

  • your box is rooted,
  • your auth scheme is full of holes,
  • your TLS configuration is broken,

 

Mission

Customer-facing security services

Current services

  • Managed security
  • Compliance assistance

Managed security

Security-as-a-service

Backed by 24 x 7 x 365 CSOC

CSOC

Customer Security Operations Center

3 x 8 security analysts, 24 x 7 x 365

Analytics platform

Benefit of hosting provider scale:

  • Correlate across customers
  • Lots of internal network data

Compliance assistance

PCI-DSS, HIPAA, …

Compliance

  • Compliance as a consequence of security
  • Not "teach the test" compliance
  • Largely possible because specs are saner

Thank you!

Questions?
