Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Security at Scale

Security at Scale

In this presentation, I highlight patterns to secure modern software delivery workflows and explain what steps are important and why.

This version of the talk was given as the closing keynote during the Open Source Cloud Strategies and Solutions Day in November 2023.

---

Companion Code: github.com/workloads

Kerim Satirli

November 23, 2023

More Decks by Kerim Satirli

Other Decks in Programming

Transcript

  1. 96% of applications have OSS dependencies and they're in your

    repos. 96% of applications have OSS dependencies and they're in your repos.
  2. developer's environment and remote experiences develop developer's environment and build

    environments build build environments and artifact registries store orchestration platforms (Nomad, Kubernetes etc) run Software Delivery Lifecycle
  3. trust trust developer's environment and remote experiences developer's environment and

    build environments build environments and artifact registries orchestration platforms (Nomad, Kubernetes etc) trust trust Software Delivery Lifecycle
  4. Securing Development Level 1 ▪ clear guidelines on what is

    acceptable and what isn’t ▪ locally available tooling to verify code meets rulesets Level 2 ▪ automated linting and testing after git push ▪ cryptographically signed and verified commits Level 3 ▪ branch protection and required trust levels ▪ no unaudited bypassing of security functionality
  5. Protecting Builds Level 1 ▪ no builds using unsigned or

    unverified commits ▪ build server configuration is codified and tested Level 3 ▪ all builds have a validated software bill of materials ▪ all builds are hermetic, all dependencies packaged Level 2 ▪ actively create and store tamper-proof build logs ▪ build server configuration uses strong addressing
  6. Safeguarding Artifacts Level 1 ▪ artifacts must be fully cryptographically

    signed ▪ monitor for outliers in artifact attributes Level 2 ▪ isolate artifact servers by application environment ▪ limit admin access and regularly audit access Level 3 ▪ all dependencies must be explicitly allowed for use ▪ artifacts must pass regular scans while "live"
  7. Securing Orchestrators Level 1 ▪ consider the shared responsibility model

    ▪ lock down ingress and egress of service interface Level 2 ▪ only allow codified workloads to be executed ▪ define a clear secrets management strategy Level 3 ▪ right-size hardware and monitor for zombie usage ▪ build patterns to fail securely instead of safely