Upgrade to Pro — share decks privately, control downloads, hide ads and more …

2019 CISO Leadership Forum: Security 3.0 – Shifting to Automation

Twistlock
April 23, 2019
Technology
0
64

2019 CISO Leadership Forum: Security 3.0 – Shifting to Automation

Twistlock

April 23, 2019
Tweet

More Decks by Twistlock

See All by Twistlock
Container Security & Application Modernization
twistlock
0
81
AWS Containerized and Serverless services for running enterprise code at scale
twistlock
0
32
A Continuous Journey with Jenkins
twistlock
0
27
How Containers Change the Security Paradigm
twistlock
0
33
Going Infinite, handling 1M websockets connections in Go
twistlock
0
130
DevSecOps meets GitOps with Twistlock and Weaveworks
twistlock
0
130
The Story of Escape Sequence Vulnerabilities
twistlock
0
95
Real World Security: Software Supply Chain
twistlock
0
96
Exploiting Alpine Linux From Vulnerability to Code Execution
twistlock
1
330

Other Decks in Technology

See All in Technology
The CloudCompare project by Dr. Daniel Girardeau-Montaut
kentaitakura
0
480
The AI Revolution Will Not Be Monopolized: How open-source beats economies of scale, even for LLMs
inesmontani
PRO
1
630
HEXA OSINT CTF V3 作戦会議
meow_noisy
0
100
TransitGatewayの基礎
toru_kubota
0
220
カオナビの利用実績をアウトカムへつなげる旅 / example-of-data-management-startup-in-kaonavi
kaonavi
0
100
普段有償でサポート業務をしているCSAが技術知見を無料で公開する理由
07jp27
1
610
ビジネスとエンジニアリングの接合点 そしてコード品質がそこに及ぼす影響 v1.1 / The Intersections of Business and Engineering, and The Impact of Code Quality There (v1.1)
mtx2s
11
2.4k
長期間TiDBを使ってきた話 @ 私たちはなぜNewSQLを使うのかTiDB選定5社が語る選定理由と活用LT / Experiences with TiDB Over Time
chibiegg
2
110
Four keys改善の取り組み事例紹介
sansantech
PRO
2
220
インシデントレスポンスのライフサイクルを廻すポイントってなに / Pinpoints of Incidentresponse Lifecycle for Operation
sakaitakeshi
0
280
A (short) History of AI
harishpillay
0
100
コンテナセキュリティの基本と脅威への対策
kyohmizu
3
630

Featured

See All Featured
How GitHub (no longer) Works
holman
302
140k
Typedesign – Prime Four
hannesfritz
36
2k
What's in a price? How to price your products and services
michaelherold
237
11k
Visualization
eitanlees
135
14k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
60
14k
Mobile First: as difficult as doing things right
swwweet
215
8.6k
Building Effective Engineering Teams - LeadDev
addyosmani
26
1.8k
Raft: Consensus for Rubyists
vanstee
130
6.2k
The Mythical Team-Month
searls
214
42k
The Cult of Friendly URLs
andyhume
73
5.6k
Fantastic passwords and where to find them - at NoRuKo
philnash
35
2.5k
Being A Developer After 40
akosma
56
580k

Transcript

  1. None

  2. | © 2019 | Confidential Software is eating the world

    Every org is becoming a software org Software orgs need modern tools DevOps, containers, and cloud native are those tools The world is dangerous ‘Democratization’ of sophisticated attacks Security teams and SOCs overloaded Your own software is the softest target

  3. | © 2019 | Confidential Think about your cloud native

    infrastructure… it’s abstraction on top of abstraction, especially from a networking standpoint Everything is ephemeral and everything is constantly changing — many more entities to secure Security is largely in the hands of the developer Security needs to be as portable as the applications Cloud Native Makes It Harder...

  4. | © 2019 | Confidential The nature of cloud native

    applications allows for a new approach to security Apply machine learning to understand actual runtime behavior Build models of what applications should do to detect and prevent what they shouldn’t …But Also Easier

  5. | © 2019 | Confidential Today’s Orgs Have More Infrastructure

    Options Than Ever Before

  6. | © 2019 | Confidential Real World Risks from the

    Past Two Years Weight Watchers IT infrastructure exposed via no-password Kubernetes server Kubernetes' first major security hole discovered, allowing privilege escalation, with a CVSS 9.8 February 2018 May 2018 June 2018 December 2018 SSRF in Shopify Exchange leads to root access in all containers Tesla cloud resources are hacked to run cryptocurrency mining malware RunC container escape flaw enables root access to host system February 2019 And last week, Twistlock Labs disclosed a directory traversal vulnerability in kubectl

  7. | © 2019 | Confidential With the right approach, this

    new world is more secure.

  8. | © 2019 | Confidential Enabling Better Defense The nature

    of cloud native technologies allows for a new approach to security Machine learning and automation take manual configuration out of the picture Whitelist what applications should do to detect and prevent what they shouldn’t 8

  9. | © 2019 | Confidential New World Security Shift security

    left – modeling integrated into CI/CD Policy custom tailored for each application, each build Security that automatically scales with the environment 9