Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Getting Started with Cloud Native Security for Security Pros

Akash Mahajan
PRO
May 29, 2021
Technology
0
91

Getting Started with Cloud Native Security for Security Pros

This is a presentation for security pros who want to get started with Cloud-native security.

Light on actual resources, we focus on why this is emerging, why it is important, and easy to follow steps.

Skip to slide 10 if are you aren't interested in my career start or the big shifts happening currently.

Akash Mahajan
PRO

May 29, 2021
Tweet

More Decks by Akash Mahajan

See All by Akash Mahajan
Secure Software Development For Cloud (AWS) Teams
makash
PRO
1
380
On Writing Well
makash
PRO
0
150
Minimum Viable Security for Startups
makash
PRO
1
77
Reliable Automated Cloud Native Security Operations
makash
PRO
0
170
Doing SecOps for the Cloud using CloudNative
makash
PRO
1
310
OSINT Techniques for Pwning FinTech
makash
PRO
1
300
Secrets In Our Clouds
makash
PRO
0
170
It's The Threat Model Silly
makash
PRO
0
230
Application Security in the time of Containers
makash
PRO
0
60

Other Decks in Technology

See All in Technology
Oracle Exadata Database Service on Cloud@Customer (ExaDB-C@C) - UI スクリーン・キャプチャ集
oracle4engineer
PRO
1
1.1k
OPENLOGI Company Profile for engineer
hr01
1
1.1k
インシデントレスポンスのライフサイクルを廻すポイントってなに / Pinpoints of Incidentresponse Lifecycle for Operation
sakaitakeshi
0
260
ログラスにおけるコード品質でビジネスに貢献する仕組み・カルチャー / A system and culture that contributes to business through code quality in Loglass
yoshikiiida
11
1.6k
自動生成を活用した、運用保守コストを抑える Error/Alert/Runbook の一元集約管理 / Centralized management of Error/Alert/Runbook to minimize operational costs using automated code generation
biwashi
6
770
なぜ NOT A HOTEL が Web3 に取り組むのか - NOT A HOTEL TECH TALK
ynunokawa
0
150
Podmanで推す OpenShift Kubernetes入門/Introduction to OpenShift and K8s by Podman
tnk4on
0
180
Head toward Java 22 and Java 23
lycorptech_jp
PRO
1
140
「共通基盤」を超えよ! 今、Platform Engineeringに取り組むべき理由
jacopen
24
5.3k
SPI原点回帰論:事業課題とFour Keysの結節点を見出す実践的ソフトウェアプロセス改善 / DevOpsDays Tokyo 2024
visional_engineering_and_design
3
360
日本におけるデータエンジニアリングのこれまでとこれから
foursue
4
450
オブザーバビリティの Primary Signals
onk
PRO
0
500

Featured

See All Featured
Large-scale JavaScript Application Architecture
addyosmani
502
110k
Raft: Consensus for Rubyists
vanstee
130
6.2k
Java REST API Framework Comparison - PWX 2021
mraible
PRO
18
6.9k
Visualization
eitanlees
135
14k
Building Your Own Lightsaber
phodgson
97
5.7k
Building Effective Engineering Teams - LeadDev
addyosmani
26
1.8k
Producing Creativity
orderedlist
PRO
336
39k
Building Flexible Design Systems
yeseniaperezcruz
318
37k
Optimizing for Happiness
mojombo
369
69k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
243
20k
Bash Introduction
62gerente
604
210k
Building a Scalable Design System with Sketch
lauravandoore
455
32k

Transcript

  1. An Unexpected Journey How I learnt to ❤ security and

    thrived Akash Mahajan @ Expert Masterclass | Mar 2021

  2. Akash Mahajan ★ Co-Founder Kloudle, Appsecco, null.community ★ Published Author

    of Burp Suite Essentials, Security Automation using Ansible ★ Trainer BlackHat, nullcon, c0c0n ★ Technical Reviewer of books/conferences ◦ Terraform Up and Running - Book ◦ DefCon Cloud Village, Recon Village (2019-20) ◦ PyCon India 2020

  3. From Coder to Company Creator

  4. I want to talk about the future “3 huge shifts

    taking place in the tech world; platforms, app dev and therefore security”

  5. PLATFORM SHIFTS 3 Tier to Cloud Native Apps & IaaS

    to CaaS 5 Monoliths to Microservices Virtual Machines on IaaS to Containers on Kubernetes

  6. 6 Waterfall DevOps Cloud-Native Ops Cloud Native Developer Head Platforms

    & CloudNative APP LIFECYCLE SHIFT Redefined Roles IT Admin/App Dev turned into DevOps Head of DevSecOps/SRE Enterprise App Developer AppSec Pentester

  7. 7 Event & data driven security Perimeter based Application Security

    in Virtual Machines with traditional network and web application firewalls SECURITY ARCHITECTURE SHIFT Perimeter to Data Centric Security Events & Data Firewalls (Network/WAF) Port/Service Allowed API access (HTTPs)

  8. What is covered when we say Cloud Native

  9. Cloud Native Security requires ★ DevSecOps + DevOps working together

    ★ Immutable Infrastructure for production, usually achieved by Infra as Code (IaC) ★ Continuous Deployment pipelines for infrastructure and code and supporting services ★ Event Driven Security to enable automation for monitoring and response

  10. Learn for the cloud ★ To setup Virtual Machines with

    CLI (AWS, Azure, GCP) and with code (Terraform, AWS CDK, Pulumi) ★ Learn using Just in Time security for eg. enable port access using API based on events & triggers ★ Learn deploying complete applications with databases as Docker on VMs and managed services like AWS Fargate, Google Cloud Run ★ Write asynchronous event based cloud functions in Python/NodeJS/Golang for Functions as a Service

  11. Go in depth Day2 ops for SREs ❏ Secure access

    to production ❏ How to deploy source code to app using CI/CD ❏ How to do encrypted backups ❏ How to manage vulnerabilities ❏ How to alert, notify and respond ❏ How to define Service Level Objectives

  12. Freshers do 3 things now! 2 3 1

  13. @makash https://linkedin.com/companies/kloudle @kloudleinc http://linkedin.com/in/akashm