
Dan POP
October 17, 2019

Escape 2019 - Sysdig Multi-Cloud Visibility and Security- Awesome and Agnostic

How do I understand which services are running where in a multi-cloud deployment? How do I secure my applications across clouds based on the context provided by Kubernetes or my cloud provider (AWS, GKE, or Azure)? Dan Papandrea will walk through real-world examples of deploying clusters and applications across clouds with real-time golden-signal visibility, alerting, and lifecycle security (build, run, and post-mortem) for mission-critical applications across your clouds.



Transcript

  1. About Me: Dan Papandrea, @popsysdig. Current: Field CTO, Sysdig. Former HPE Helion Principal Architect (PCF, OpenStack, Hybrid Cloud). Former Lead Solution Engineer, SS&C. Son of a pizza man...
  2. Microservices: The default development model of Multi-Cloud. Kubernetes, Microservices, Multi Cloud • Innovation pace • Cost efficiency • Risk mitigation
  3. You can’t secure or SEE..what you cannot see. Cloud-native leaves you blind. Cloud-native ops fails without dynamic context and scale. Containers disappear and leave no trail.
  4. Legacy Point solutions. Legacy or point solutions do not work. Secure & Reliable DevOps for Cloud native requires purpose-built tools • Not built for cloud-native apps • No Context • Not built for DevOps • Invasive instrumentation • Limited context • Lack scale and data depth
  5. Visualization… it's Prometheus or bust • Vendors/OSS Solutions • Deployment and Security - I swear to you I'm not being bribed by Armon Dadgar • Visibility/Troubleshooting • Cloud Provider Tools (CloudWatch etc) • Cloud Provider Registries (ECR, GCR, ACR etc)
  6. Cloud native changes DevOps workflows. Security, Availability, Reliability. Ops functions: • Monitor performance & capacity • Troubleshoot issues. Security functions: • Scan for vulnerabilities • Apply runtime policies • Triage security alerts • Support forensics/IR. Operations and security functions converge for Secure DevOps.
  7. Context is King… and Queen…. and Rook.. and Bishop… and all the horses and all men. Unstructured mix of data coming from individual hosts, VMs, and containers. Enriched Context [diagram: hosts; SVC 1, SVC 2, SVC 3, SVC 4]. Organized insights for applications, services, teams. Common questions answered: “How many CVEs have been identified in a particular namespace?” “Did a user access a container in a namespace in scope of PCI?” “Which services are consuming the highest amount of CPU, memory, and network bandwidth?”
  8. Event Forwarding Response Actions Alerts Workflow of your cloud-native lifecycle BUILD CI/CD Security Registry Security Services Context Infrastructure Labels / Metadata (CONTEXT) Cloud Command Center SIEM Remediation RUN RESPOND Master Node Node Self-hosted SaaS Image Vulnerabilities IR / Forensics Sysdig Platform Metrics, Events Security Policies Events and Alerts, Commands and Captures On Prem
  9. Sysdig Platform: Agnostic and Awesome Visibility/Security • Deploy securely • Block threats at runtime • Remediate and respond • Full stack cloud-native visibility • Run reliably at scale • Troubleshoot quickly