Escape 2019 - Sysdig Multi-Cloud Visibility and Security- Awesome and Agnostic

Transcript

1. Multi-Cloud Security and Visibiity Agnostic…. And Awesome

2. About Me Dan Papandrea @popsysdig Current -Field CTO - Sysdig

   Former HPE Helion Principal Architect (PCF, Openstack, Hybrid Cloud) Former Lead Solution Engineer - SS&C Son of a pizza man...

3. Agnostic Defined

4. Awesome.. Defined. If I have to tell you… you probably

   need more awesome in your life

5. I think this talk will help you with your Awesome…...

6. Reality of MultiCloud and Cloud Native

7. Multi-Cloud Paradigms Choices… Cloud Provider Private Cloud Hybrid All of

   the above

8. Microservices: The default development model of Multi-Cloud Kubernetes Microservices Multi

   Cloud • Innovation pace • Cost efficiency • Risk mitigation

9. You can’t secure or SEE..what you cannot see Cloud-native leaves

   you blind. Cloud-native ops fails without dynamic context and scale. Containers disappear and leave no trail.

10. Legacy Point solutions Legacy or point solutions do not work.

    Secure & Reliable DevOps for Cloud native requires purpose-built tools • Not built for cloud-native apps • No Context • Not built for DevOps • Invasive instrumentation • Limited context • Lack scale and data depth

11. Visualization… its Prometheus or bust Vendors/OSS Solutions Deployment and Security

    -I swear to you im not being bribed by Armon Dadgar Visibility/Troubleshooting CLOUD Provider Tools (Cloudwatch etc) CLOUD Provider Registries (ECR, GCR, ACR etc)

12. Cloud native changes DevOps workflows Security Availability Reliability • Monitor

    performance & capacity • Troubleshoot issues Ops functions • Scan for vulnerabilities • Apply runtime policies • Triage security alerts • Support forensics/IR Security functions Operations and security functions converge for Secure DevOps

13. Context is King… and Queen…. and Rook.. and Bishop… and

    all the horses and all men Unstructured mix of data coming from individual hosts, VMs, and containers Enriched Context HOST HOST HOST HOST HOST HOST HOST HOST HOST HOST HOST HOST HOST HOST HOST SVC 1 SVC 2 SVC 3 SVC 4 Organized insights for applications, services, teams “How many CVEs have been identified in a particular namespace?” “Did a user access a container in a namespace in scope of PCI” “Which services are consuming the highest amount of CPU, memory, and network bandwidth” Common questions answered

14. Event Forwarding Response Actions Alerts Workflow of your cloud-native lifecycle

    BUILD CI/CD Security Registry Security Services Context Infrastructure Labels / Metadata (CONTEXT) Cloud Command Center SIEM Remediation RUN RESPOND Master Node Node Self-hosted SaaS Image Vulnerabilities IR / Forensics Sysdig Platform Metrics, Events Security Policies Events and Alerts, Commands and Captures On Prem

15. Sysdig Platform: Agnostic and Awesome Visibility/Security Deploy securely Block threats

    at runtime Remediate and respond Full stack cloud-native visibility Run reliably at scale Troubleshoot quickly

16. Unleash your Awesome…. FALCO.ORG

17. Thanks!