Navigating the Cloud Native Security Landscape - Pablo Musa - NDC Porto 2023

Security

Security strategies for cloud native applications, including image scanning, registry security, vulnerability management, runtime security, and identity access management to prevent attacks and data exfiltration.

Key takeaways
  • Cloud security is a complex landscape, and companies need to prioritize their efforts.
  • Attackers can exploit vulnerabilities in cloud applications, and companies need to implement security measures to prevent this.
  • Image scanning and registry security are crucial for preventing attacks.
  • Minimal images are a low-hanging fruit for security improvements.
  • Companies should focus on securing their container images, registries, and build infrastructure.
  • Vulnerability management is important, and companies should prioritize fixing high-severity vulnerabilities.
  • Runtime security is critical, and companies should use tools like Falco to detect and prevent attacks.
  • Cloud data exfiltration is a significant threat, and companies should implement security measures to prevent this.
  • Identity and access management are crucial for securing cloud applications.
  • Companies should implement multi-factor authentication and limit access to sensitive data.
  • The average time to identify a vulnerability is 207 days, and companies should prioritize fixing vulnerabilities quickly.
  • The average time to contain a vulnerability is 70 days, and companies should prioritize containing vulnerabilities quickly.
  • Companies should use tools like Cloud Security Posture Management to monitor and secure their cloud applications.
  • The importance of image signing and registry security cannot be overstated.
  • Companies should prioritize securing their build infrastructure and implementing security measures to prevent attacks.
  • Runtime security is critical, and companies should use tools like Falco to detect and prevent attacks.
  • Companies should prioritize securing their container images, registries, and build infrastructure.
  • The average time to identify a vulnerability is 207 days, and companies should prioritize fixing vulnerabilities quickly.
  • The average time to contain a vulnerability is 70 days, and companies should prioritize containing vulnerabilities quickly.

More talks

S1E4 CircleCI CTO Rob Zuber on the value of scrappiness and constantly adapting your leadership

Everything You Need to Know about Security Issues in Today’s ML Systems | David Glavas

Ryan May - Building MetPy for the Long Term | SciPy 2023

Bug Bounty Evolution: Not Your Grandson's Bug Bounty

"Growing Data Center networking mgmt UI using ClojureScript, Reagent and re-frame" by Kirill Ishanov

Demystifying Ethereum Staking & The Merge, Aqeel Mohammad, Ethereum Foundation @ Futurist Conference

Gajendra Deshpande - Deceptive Security using Python

Matthew Rocklin - Dask in Production | SciPy 2024