Doing SecOps using Cloud Native
Slides with my notes for download
I gave a talk on 26th April 2019 at the Cloud Security Conference by ISC2 Bangalore.
SecOps, or Security Operations, is changing enterprise IT the same way DevOps transformed enterprise Dev. By leveraging Cloud Native services such as Serverless (Cloud functions, Lambda), container runtimes (Docker) and container schedulers (Kubernetes), we can bring in near-real-time detection and blocking of security attacks, analyse incidents and even remediate potential security holes before they become a problem.
The talk was broken down into 4 main topics.
- Demonstration of using Cloud Custodian to secure public S3 buckets.
- A case study on how stolen AWS IAM credentials can be revoked automagically using AWS CloudTrail.
- A bit about what SecOps is and what Cloud Native is.
- How all of this can be used together in a setup which is transient in nature.
The slides with presenter notes are available for download.
This year, my plan is to expand on this topic and create more training material around Cloud Custodian and more.