We can't find the internet
Attempting to reconnect
Something went wrong!
Hang in there while we get back on track
Navigating the Cloud Native Security Landscape - Pablo Musa - NDC Porto 2023
Security strategies for cloud native applications, including image scanning, registry security, vulnerability management, runtime security, and identity access management to prevent attacks and data exfiltration.
- Cloud security is a complex landscape, and companies need to prioritize their efforts.
- Attackers can exploit vulnerabilities in cloud applications, and companies need to implement security measures to prevent this.
- Image scanning and registry security are crucial for preventing attacks.
- Minimal images are a low-hanging fruit for security improvements.
- Companies should focus on securing their container images, registries, and build infrastructure.
- Vulnerability management is important, and companies should prioritize fixing high-severity vulnerabilities.
- Runtime security is critical, and companies should use tools like Falco to detect and prevent attacks.
- Cloud data exfiltration is a significant threat, and companies should implement security measures to prevent this.
- Identity and access management are crucial for securing cloud applications.
- Companies should implement multi-factor authentication and limit access to sensitive data.
- The average time to identify a vulnerability is 207 days, and companies should prioritize fixing vulnerabilities quickly.
- The average time to contain a vulnerability is 70 days, and companies should prioritize containing vulnerabilities quickly.
- Companies should use tools like Cloud Security Posture Management to monitor and secure their cloud applications.
- The importance of image signing and registry security cannot be overstated.
- Companies should prioritize securing their build infrastructure and implementing security measures to prevent attacks.
- Runtime security is critical, and companies should use tools like Falco to detect and prevent attacks.
- Companies should prioritize securing their container images, registries, and build infrastructure.
- The average time to identify a vulnerability is 207 days, and companies should prioritize fixing vulnerabilities quickly.
- The average time to contain a vulnerability is 70 days, and companies should prioritize containing vulnerabilities quickly.