Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Getting Started with Cloud Native Security for ...

Akash Mahajan
May 29, 2021
Technology
0
100

Getting Started with Cloud Native Security for Security Pros

This is a presentation for security pros who want to get started with Cloud-native security.

Light on actual resources, we focus on why this is emerging, why it is important, and easy to follow steps.

Skip to slide 10 if are you aren't interested in my career start or the big shifts happening currently.

Akash Mahajan

May 29, 2021
Tweet

More Decks by Akash Mahajan

See All by Akash Mahajan
Secure Software Development For Cloud (AWS) Teams
makash
1
390
On Writing Well
makash
0
160
Minimum Viable Security for Startups
makash
1
79
Reliable Automated Cloud Native Security Operations
makash
0
180
Doing SecOps for the Cloud using CloudNative
makash
1
320
OSINT Techniques for Pwning FinTech
makash
1
320
Secrets In Our Clouds
makash
0
180
It's The Threat Model Silly
makash
0
260
Application Security in the time of Containers
makash
0
71

Other Decks in Technology

See All in Technology
RubyのWebアプリケーションを50倍速くする方法 / How to Make a Ruby Web Application 50 Times Faster
hogelog
3
940
AGIについてChatGPTに聞いてみた
blueb
0
130
SREによる隣接領域への越境とその先の信頼性
shonansurvivors
2
520
【Startup CTO of the Year 2024 / Audience Award】アセンド取締役CTO 丹羽健
niwatakeru
0
1.2k
BLADE: An Attempt to Automate Penetration Testing Using Autonomous AI Agents
bbrbbq
0
320
iOSチームとAndroidチームでブランチ運用が違ったので整理してます
sansantech
PRO
0
140
OCI Vault 概要
oracle4engineer
PRO
0
9.7k
AIチャットボット開発への生成AI活用
ryomrt
0
170
ノーコードデータ分析ツールで体験する時系列データ分析超入門
negi111111
0
410
Application Development WG Intro at AppDeveloperCon
salaboy
0
190
Adopting Jetpack Compose in Your Existing Project - GDG DevFest Bangkok 2024
akexorcist
0
110
オープンソースAIとは何か? --「オープンソースAIの定義 v1.0」詳細解説
shujisado
9
1k

Featured

See All Featured
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
28
9.1k
RailsConf 2023
tenderlove
29
900
Fashionably flexible responsive web design (full day workshop)
malarkey
405
65k
It's Worth the Effort
3n
183
27k
Designing for humans not robots
tammielis
250
25k
Writing Fast Ruby
sferik
627
61k
Keith and Marios Guide to Fast Websites
keithpitt
409
22k
What's new in Ruby 2.0
geeforr
343
31k
The Straight Up "How To Draw Better" Workshop
denniskardys
232
140k
How to Think Like a Performance Engineer
csswizardry
20
1.1k
Building a Scalable Design System with Sketch
lauravandoore
459
33k
VelocityConf: Rendering Performance Case Studies
addyosmani
325
24k

Transcript

  1. An Unexpected Journey How I learnt to ❤ security and

    thrived Akash Mahajan @ Expert Masterclass | Mar 2021

  2. Akash Mahajan ★ Co-Founder Kloudle, Appsecco, null.community ★ Published Author

    of Burp Suite Essentials, Security Automation using Ansible ★ Trainer BlackHat, nullcon, c0c0n ★ Technical Reviewer of books/conferences ◦ Terraform Up and Running - Book ◦ DefCon Cloud Village, Recon Village (2019-20) ◦ PyCon India 2020

  3. From Coder to Company Creator

  4. I want to talk about the future “3 huge shifts

    taking place in the tech world; platforms, app dev and therefore security”

  5. PLATFORM SHIFTS 3 Tier to Cloud Native Apps & IaaS

    to CaaS 5 Monoliths to Microservices Virtual Machines on IaaS to Containers on Kubernetes

  6. 6 Waterfall DevOps Cloud-Native Ops Cloud Native Developer Head Platforms

    & CloudNative APP LIFECYCLE SHIFT Redefined Roles IT Admin/App Dev turned into DevOps Head of DevSecOps/SRE Enterprise App Developer AppSec Pentester

  7. 7 Event & data driven security Perimeter based Application Security

    in Virtual Machines with traditional network and web application firewalls SECURITY ARCHITECTURE SHIFT Perimeter to Data Centric Security Events & Data Firewalls (Network/WAF) Port/Service Allowed API access (HTTPs)

  8. What is covered when we say Cloud Native

  9. Cloud Native Security requires ★ DevSecOps + DevOps working together

    ★ Immutable Infrastructure for production, usually achieved by Infra as Code (IaC) ★ Continuous Deployment pipelines for infrastructure and code and supporting services ★ Event Driven Security to enable automation for monitoring and response

  10. Learn for the cloud ★ To setup Virtual Machines with

    CLI (AWS, Azure, GCP) and with code (Terraform, AWS CDK, Pulumi) ★ Learn using Just in Time security for eg. enable port access using API based on events & triggers ★ Learn deploying complete applications with databases as Docker on VMs and managed services like AWS Fargate, Google Cloud Run ★ Write asynchronous event based cloud functions in Python/NodeJS/Golang for Functions as a Service

  11. Go in depth Day2 ops for SREs ❏ Secure access

    to production ❏ How to deploy source code to app using CI/CD ❏ How to do encrypted backups ❏ How to manage vulnerabilities ❏ How to alert, notify and respond ❏ How to define Service Level Objectives

  12. Freshers do 3 things now! 2 3 1

  13. @makash https://linkedin.com/companies/kloudle @kloudleinc http://linkedin.com/in/akashm