Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Escape 2019 - Sysdig Multi-Cloud Visibility and...

Dan POP
October 17, 2019
Technology
0
390

Escape 2019 - Sysdig Multi-Cloud Visibility and Security- Awesome and Agnostic

How do I understand what services are where on a multi-cloud deployment? How do I secure my applications across clouds based on the context I'm being provided in Kubernetes or my Cloud Provider (AWS, GKE, or Azure)? Dan Papandrea will walk through real world examples of deploying clusters and applications across clouds with realtime golden signal visibility, alerting, and lifecycle security for building, running, and post mortem security on my mission critical applications across your clouds

Dan POP

October 17, 2019
Tweet

More Decks by Dan POP

See All by Dan POP
Kubecon 2020 NA Deck
danpopsd
0
69
DevopsNYC Meetup 4-15-2020
danpopsd
1
100

Other Decks in Technology

See All in Technology
mikroBus HAT を用いた簡易ベアメタル開発
tarotene
0
260
Intuneお役立ちツールのご紹介
sukank
3
740
AI長期記憶システム構築のための LLMマルチエージェントの取り組み / Awarefy-LLM-Multi-Agent
iktakahiro
2
340
DatabricksにおけるLLMOpsのベストプラクティス
taka_aki
4
1.6k
スクラムチームを立ち上げる〜チーム開発で得られたもの・得られなかったもの〜
ohnoeight
1
280
障害対応指揮の意思決定と情報共有における価値観 / Waroom Meetup #2
arthur1
2
130
LINEヤフー株式会社における音声言語情報処理AI研究開発@SP/SLP研究会 2024.10.22
lycorptech_jp
PRO
2
270
Lambdaと地方とコミュニティ
miu_crescent
1
140
「視座」の上げ方が成人発達理論にわかりやすくまとまってた / think_ perspective_hidden_dimensions
shuzon
2
16k
ZOZOTOWNのホーム画面をパーソナライズすることの難しさと裏話を語る
f6wbl6
1
470
AWS CodePipelineでコンテナアプリをデプロイした際に、古いイメージを自動で削除する
smt7174
1
130
Windows Autopilot Deployment by OSD Guy
tamaiyutaro
0
300

Featured

See All Featured
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
25
1.8k
Building Better People: How to give real-time feedback that sticks.
wjessup
364
19k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
159
15k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
46
2.1k
Designing Dashboards & Data Visualisations in Web Apps
destraynor
229
52k
Art, The Web, and Tiny UX
lynnandtonic
297
20k
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
191
16k
Agile that works and the tools we love
rasmusluckow
327
21k
Testing 201, or: Great Expectations
jmmastey
38
7.1k
The Art of Programming - Codeland 2020
erikaheidi
52
13k
A Modern Web Designer's Workflow
chriscoyier
693
190k
Scaling GitHub
holman
458
140k

Transcript

  1. Multi-Cloud Security and Visibiity Agnostic…. And Awesome

  2. About Me Dan Papandrea @popsysdig Current -Field CTO - Sysdig

    Former HPE Helion Principal Architect (PCF, Openstack, Hybrid Cloud) Former Lead Solution Engineer - SS&C Son of a pizza man...

  3. Agnostic Defined

  4. Awesome.. Defined. If I have to tell you… you probably

    need more awesome in your life

  5. I think this talk will help you with your Awesome…...

  6. Reality of MultiCloud and Cloud Native

  7. Multi-Cloud Paradigms Choices… Cloud Provider Private Cloud Hybrid All of

    the above

  8. Microservices: The default development model of Multi-Cloud Kubernetes Microservices Multi

    Cloud • Innovation pace • Cost efficiency • Risk mitigation

  9. You can’t secure or SEE..what you cannot see Cloud-native leaves

    you blind. Cloud-native ops fails without dynamic context and scale. Containers disappear and leave no trail.

  10. Legacy Point solutions Legacy or point solutions do not work.

    Secure & Reliable DevOps for Cloud native requires purpose-built tools • Not built for cloud-native apps • No Context • Not built for DevOps • Invasive instrumentation • Limited context • Lack scale and data depth

  11. Visualization… its Prometheus or bust Vendors/OSS Solutions Deployment and Security

    -I swear to you im not being bribed by Armon Dadgar Visibility/Troubleshooting CLOUD Provider Tools (Cloudwatch etc) CLOUD Provider Registries (ECR, GCR, ACR etc)

  12. Cloud native changes DevOps workflows Security Availability Reliability • Monitor

    performance & capacity • Troubleshoot issues Ops functions • Scan for vulnerabilities • Apply runtime policies • Triage security alerts • Support forensics/IR Security functions Operations and security functions converge for Secure DevOps

  13. Context is King… and Queen…. and Rook.. and Bishop… and

    all the horses and all men Unstructured mix of data coming from individual hosts, VMs, and containers Enriched Context HOST HOST HOST HOST HOST HOST HOST HOST HOST HOST HOST HOST HOST HOST HOST SVC 1 SVC 2 SVC 3 SVC 4 Organized insights for applications, services, teams “How many CVEs have been identified in a particular namespace?” “Did a user access a container in a namespace in scope of PCI” “Which services are consuming the highest amount of CPU, memory, and network bandwidth” Common questions answered

  14. Event Forwarding Response Actions Alerts Workflow of your cloud-native lifecycle

    BUILD CI/CD Security Registry Security Services Context Infrastructure Labels / Metadata (CONTEXT) Cloud Command Center SIEM Remediation RUN RESPOND Master Node Node Self-hosted SaaS Image Vulnerabilities IR / Forensics Sysdig Platform Metrics, Events Security Policies Events and Alerts, Commands and Captures On Prem

  15. Sysdig Platform: Agnostic and Awesome Visibility/Security Deploy securely Block threats

    at runtime Remediate and respond Full stack cloud-native visibility Run reliably at scale Troubleshoot quickly

  16. Unleash your Awesome…. FALCO.ORG

  17. Thanks!