Doing SecOps using Cloud Native

Slides with my notes for download

I gave a talk on 26th April 2019 at the Cloud Security Conference by ISC2 Bangalore.

Abstract

SecOps, or Security Operations, is changing enterprise IT the same way DevOps transformed enterprise Dev. By leveraging Cloud Native services such as serverless (Cloud Functions, Lambda), container runtimes (Docker) and container schedulers (Kubernetes), we can bring in near-real-time detection and blocking of security attacks, analyse incidents and even remediate potential security holes before they become a problem.

The talk was broken down into 4 main topics.

  1. Demonstration of using Cloud Custodian to secure public S3 buckets.
  2. A case study on how stolen AWS IAM credentials can be revoked automagically using AWS CloudTrail.
  3. A bit about what SecOps is and what Cloud Native is.
  4. How all of this can be used together in a setup which is transient in nature.

The slides with presenter notes for download.

Case Study

SSRF to steal AWS IAM credentials attack and defence

This year, my plan is to expand on this topic and create more training material around Cloud Custodian and more.

About Akash Mahajan
That Web Application Security Guy long time ago. Co-Founder @AppseccoUK | Community Manager @null0x00 | Author - Burp Suite Essentials, Security Automation with Ansible2. Writing about application security, being part of communities like null, OWASP and other technically inclined topics. Sometimes about my company and books