Demos are on YouTube.
Demo 1
https://www.youtube.com/watch?v=qIGmlNk6Mr4
Demo 2
https://www.youtube.com/watch?v=2tNrL0dD_BA
Demo 3
https://www.youtube.com/watch?v=Jyl3ndjlYKo
Demo 4
https://www.youtube.com/watch?v=G5yUpvh8UJs
Gist 1 - Demo policy
https://gist.github.com/makash/0d969155e2f4de04bae5267f2f1c8a3c
Gist 2 - If policy was to be run periodically as an AWS Lambda
https://gist.github.com/makash/a8433db0245f36badb48ade2d3228f53
Gist 3 - All the commands from the demos
https://gist.github.com/makash/62c6e60d08c527202c088f745bb2923c
SecOps, or Security Operations, is changing enterprise IT the same way DevOps transformed enterprise Dev. The complexity of operations is ever increasing, and with the advent and extensive usage of the Public Cloud the risk is ever greater.
We need to gear up for this world, and a workable approach is to tackle it with the same enthusiasm that developers have shown.
By leveraging Cloud Native Services such as Serverless (Cloud Functions, Lambda), container run-times (Docker) and container schedulers (Kubernetes), we can bring in near-real-time detection and blocking of security attacks, analyse incidents, and even remediate potential security holes before they become a problem.
During this talk and demo we will cover two live demonstrations of this approach and use the demonstrations to expand on the following:
1. What exactly is SecOps for the Cloud
2. When is it Cloud Native
3. Why do we need it to be Cloud Native
4. What do you need to get started with this now
Demonstrations
1. Automated Real Time Blocking of Data Breaches due to public S3 buckets