The Cloud Is Under Attack. How Do You Secure It?

The New Stack · Intermediate ·🔐 Cybersecurity ·2y ago

Key Takeaways

The video discusses the growing problem of cloud-focused attacks and provides best practices for cybersecurity in the cloud, including the use of infrastructure as code, shifting left, and cloud security posture management. It features Elia Zaitsev, Global CTO of CrowdStrike, who shares insights on cloud security challenges and opportunities.

Full Transcript

[Music] you're watching the new sack makers a podcast for people who develop deploy and manage at scale software for more information and articles about at scale Technologies please visit the new stack.io now enjoy the show crowdstrike has redefined modern cyber security with our Advanced Cloud native platforms for protecting endpoints and Cloud workloads identity and data crowdstrike's adversary focused approach to cnap provides agent-based and agentless solutions delivered from the crowdstrike Falcon platform everyone and welcome to the new stack makers I'm your host Heather Joslin features editor of the new stack in today's episode we're going to talk about something pretty scary The Horizon in cyber attacks that are focused on the cloud your Cloud specifically the one where you're basing your distributed architecture and the one where you run your critical applications and data the latest crowd risk report from crowdstrike shows an alarming rise in cases of adversaries targeting Cloud environments they've nearly tripled from 2021 to 2022 see today told you today's uh episode is going to be scary we'll link to our previous coverage of the report in the notes accompanying this podcast but to learn more about the nature of today's Cloud focused threats and how to protect against them we're joined by Ilya zaitsev Global CTO of crowdstrike Welcome Melia hi Heather thank you for having me thank you for joining us and before we begin we want to thank crowdstrike for sponsoring today's conversation so let's get started let's start all right um so Elia first of all what makes a cloud environment so hard to protect well I don't know if it's necessarily hard to protect in and of itself but it's different it has unique opportunities and benefits and it has you know unique challenges and circumstances so I think first of all it's again it's new it's something that a lot of individuals who have maybe been in security you know infosec for years for decades they've gotten very used to doing things one way and well now the the game has shifted a little bit and people are playing catch-up so that's part of it um I think as we evolve as an industry and people you know come into the business and they start with cloud and that's kind of their natural habitat from day one you know it'll be a little bit less of an issue from that regard but there are also some fundamental things about the nature of cloud again it's a double-edged sword it can cause benefits but it could also cause issues and one of that is the scale um you know in the in the old days of on-premise hardware and servers you know if I'm an application developer and I want to build something new someone's got to physically bring in boxes and set them up and plug them in and I've got to work with a bunch of teams to do that and of course all that gives me an opportunity if if I'm doing it correctly to build a process and a program and do it the right way with security by Design and one of the reasons why developers love the cloud so much is because hey it makes things quick and easy B you can scale to Crazy levels you know really quickly as long as you've got a big enough credit card uh to you know keep adding on the infrastructure but also in many cases especially if you're using like a modern devops you know programming Paradigm it lets the developer who's writing the code also set up the infrastructure and the the configurations of how it talks to each other the uh the security rules firewall the software it's running and this is a very powerful technique from a developer perspective it's called infrastructure as code it means that I can determine and design the entire environment along with my application and you know the way it operates on my developer laptop is or should be the same way it operates when I push it to the cloud and that's all great if you do it the right way of course if you make a mistake if I don't understand how to secure it properly and I put a wrong configuration you know in my infrastructure as code and then I go put it in the public cloud and I say run a million copies of this now I've just introduced that same mistake a million times over and there may not be any other teams departments processes limiting factors getting in my way to stop me from doing a bad thing that I don't realize yeah so if you if you unlock a door you're not just unlocked leaving one door unlocked you're leaving potentially a lot of doors unlocked the whole neighborhood is unlocked right the whole the whole city is unlocked now yeah um well I want to talk about misconfigurations and how to how to prevent them a little later in our talk but um you spoke at crowdstrike's recent Summit about how there are three kinds of attackers the cloud conscious the cloud capable and the cloud comfortable which I understand is a term you coined can you describe what those categories mean and how they play out in terms of threats yeah so uh that uh that interview that you mentioned I was doing it with a co-worker of mine Adam Myers he's our senior vice president of threat intelligence um so I think I don't know if he coined it if it's an existing term but he had talked about Cloud uh Cloud conscious and Cloud capable and we were kind of spitballing and I came up with this third term on the Fly I'm not a marketing person calling it Cloud comfortable so yeah let's let's break it down I guess if he's it's really all about the the maturity and the sophistication of the attacker the adversary when it comes to operating in that you know Cloud environment that cloud domain if you start with the cloud conscious adversary and again these are as far as I know unofficial terms but you know they it's pretty common sense a cloud conscious adversary knows that many organizations are going to be running some or all of their you know workloads have their data and infrastructure and systems living in the cloud and you know they know to look for things things they're going to check if there's misconfigurations and you know it's just something that they're going to do as part of their day-to-day if you will of looking for mischief and Mayhem to cause data to steal you know Etc Cloud capable you're kind of moving it up another layer you're not just familiar with the fact that there is this thing called the cloud but maybe you're treating it as just a different place to host you know traditional servers and applications but you're aware that there's unique capabilities unique threat models unique risks that the cloud pose and you're more actively pursuing them then you kind of get to this you know new area this emerging area that again we kind of made up on the on the fly during this uh interview that we called Cloud comfortable which is when you're not just aware and you can do some damage but it's actually your preferred Vector it's kind of like what we talked about a second ago you know you you the cloud is new for everyone right including the adversary but just like on the you know defensive side we have a new generation of individuals coming up and entering I.T and security that are basically being born in the cloud you're going to have the same thing with adversaries right they they typically you know unless you're working for a nation-state organization they're not checking your age and saying you've got to be 18 and you know meet uh child labor laws to to go be it yeah a hacker right so we've got this new generation of uh of adversaries that are coming up and they totally get the cloud and they implicitly understand what those risks are and again because of that scale that we talked about the ability and the risk of hey if there's an issue in one place it might be scaled up to many many systems that's actually the preferred attack Vector because they know if they find an issue that they're comfortable exploiting they can actually uh much more rapidly achieve their actions on objective cause damage um you know make financial gain on their side cause pain to you know the end user Etc what is it about um how infrastructure folks work and how developers work and how they do or don't work together it makes it hard for them to collaborate on cloud security yeah it's a great question um it's not that it has to make it hard um and I've seen it done right in many organizations but I've also seen it done wrong first of all there's cultural issues at play between your infrastructure your developer individuals and your security team not not just Cloud security but Security in general if you think about you know a typical stereotype of a infosec practitioner you know they're they're paid to be paranoid they want to do things slow and methodical and deliberate and make sure you're going through all these processes and doing things secure by Design they don't want to be bolting it on after the after the fact when you think about how developers tend to operate especially if they're used to the speed and flexibility of the cloud everything I just said you know is is anathema to them they're they want to go as quick as possible they don't want to be told hey you need to build something this way because it's the safe way they want to do it the fastest way the most efficient way the most scalable way and unfortunately sometimes that can be you know directly opposed to doing things securely so that that's part of it you know the other is what we talked about a little bit earlier where in the traditional kind of on-premise world you have to work with security and other teams to take your code and then progressively move it to the different systems and get it deployed out into production when you think about those you know infrastructure as code paradigms that devops mentality where that developer can put the whole thing together from start to finish they can now move quickly and if the security team isn't aware right they don't have an opportunity to engage you're left with you know this tension where the developer is happy with what they built and the security team is kind of left trying to catch up and say no way you forgot to do this please include us another reason that this happens again doesn't have to but we see it from time to time again cloud is new so you have new organizations within and actual company we have new teams new departments spinning up you know that don't have that security integrated from day one and maybe they don't have the relationships there's politics involved between the new shiny thing and the older Legacy thing and that can cause tension it doesn't have to happen but you know we do see it frequently the report which we'll we'll link to in the in the in the notes accompanying this and you can you who are listening to this can can go read it at your leisure um uh found that attackers are getting better at avoiding detection what are some of the ways they do this yeah in many ways it's not that different than what we've seen attackers do and increasingly doing on the in the in on-premise uh infrastructure um the cloud doesn't make it any different typically what they want to do or the most effective way for them to penetrate an organization is to pretend to be you so things that we've heard about before like social engineering right get the credentials of an administrator and then log in as an administrator that's a lot stealthier than trying to send somebody a Spearfish and convince them to click on a malicious document which typically isn't something you even think about in the cloud right you're not really hosting your laptop in the cloud you're running your server applications there's no one there to click on emails right so you're looking at misconfigurations you're looking to compromise credentials you're leveraging the fact that those credentials might be reused in a much wider environment for example or they have uh overly permissive privileges so that's really what they're trying to do they're trying to look like you you being the legitimate user the legitimate administrator and that's the most effective way to escape and avoid detection uh TNS I've written a few stories up and we talked so far in this about how attackers initially gain access through existing credentials are organizations issuing too many credentials in general and and if so what are some of the ways to tighten up security around this I actually don't know if the issue is that there are too many credentials um certainly when you have this very scalable infrastructure you know you you could do things maybe in a sub-optimal way where everything gets its own you know unique saying it's Unique account it's Unique password and maybe that's a bit you know needless and there's extra ones running around but I think the bigger issue is kind of what I touched on a second ago which is the permissions associated with those credentials um just like authorization is as opposed to authentication or yeah right so you know one of the things that we're always recommending um you know myself personally in Crosstrek in general and most security practitioners is to practice you know the principles of least privilege don't set up an account that has more access than what you need it to and again if you think about the unique qualities of the cloud that's more important than ever right if I have an account that is you know overly uh powerful and I can touch you know 10 servers at home that's very different than you know like a master administrative account in the cloud that can touch a million endpoints and has too many privileges um so that's I think that's overall you know the bigger issue that I'm seeing not the number of credentials but the the power that they have and this kind of gets back to I think your first question of you know why is the cloud hard to protect again it's it's not necessarily harder to protect and in fact there's some big advantages to the cloud the the cloud infrastructure providers this is their job right it's their it's all about their brand it's an existential risk to them if they're shipping you know insecure by default clouds they've got a lot of financial incentives to get things right out of the box so actually what you see in cloud is usually you start from in many cases a more secure standpoint but it's so secure in in many situations that um if you're not used to the cloud you go up and you run Apple try to run an application and you can't do anything nobody can talk to it because it's so locked down and then again if you're maybe a developer not working with a security team not used to doing things secure by Design you want to get things running as quickly as possible so what's the easiest way I'll open it up to the whole world and give it the most uh privileged set of uh credentials so I don't have to worry about carefully analyzing what is the minimum set of abilities that this account needs to do the job much easier just to give it access to everything but of course then if I forget to lock that back down and I ship my product into the cloud well now I've got this possibly one credential but it has way more privileges than it needs to and I think organizations need to be regularly doing this kind of ongoing hygiene and assessment looking at all the accounts the credentials that they've created in their environment and doing that regular assessment of is this really what they need can I dial it back a little bit and be a bit more secure I think the other thing we see in the cloud which not unique but more prevalent in the cloud is it's very easy to leak credentials for example I may have an application that I developed and it needs to have some credential to access some sensitive system um and maybe I accidentally stick that file in like a storage system like an Amazon S3 bucket that I forgot to restrict to only certain users I've left it open to the world or I've built these plain text credentials into my application into the artifacts of the application instead of doing it the more secure way using a proper credential management system so now if an attacker can somehow compromise that application maybe a vulnerability or a misconfiguration they one of the first things they'll typically do especially if they're not just you know conscious but capable and comfortable is they're going to look for those credentials and then say okay what else can I do with these credentials and then you combine that with them having too much privilege well now you can see you've got some trouble there so so one takeaway don't hard code your credentials in into your into your applications and your because correct never do it and there's almost never a good reason to do it other than you know it being quicker and cheaper and lazier I think it's definitely an unforced error that you can avoid um we talked a little bit about misconfigurations um the report found that 38 of The observed Cloud environments in the study were running insecure default settings from the cloud providers um obviously that's a that's a that's a that's an unforced error right there what are what are some of the best ways to sort of best practices I guess to to avoid misconfigurations yeah so there's I think about that it resulted that can make your Cloud insecure sure so there's there's probably I mean depending on who you talk to and how you categorize it there's I'd say three um principal typical ways that you can address it now I think and I'll go through those in a second I think that the mistake that a lot of uh shops make is that they'll rely on maybe one of these methods because it's quicker or cheaper what they're more comfortable with Etc but yeah I think this is one of those defense in-depth Concepts where you want to use all of them you want to have multiple layers of the fence but let's let's go back to what those techniques are and it basically you can look at it at as where it fits along that development and deployment process or pipeline if you will there's this concept they talk a lot about in cloud of Shifting left so if you go all the way to the beginning right if you're looking at your how does one build an application in the cloud well step one you know you could write the code you'd design the infrastructure often using Code infrastructure as code techniques so you have an opportunity when you're first building that code and when you have those configuring built into the code to do an assessment do a scan do an audit before it ever actually becomes physical or virtual hardware and say hey do I have any misconfigurations there you secure code analysis things of that nature then you have the next step which is okay you know we wrote Our code we maybe we did some assessment maybe not we turned that code into actual infrastructure Services uh virtual machines Etc well now you have another opportunity to do an assessment of scan monitoring of what those settings are when you initially create the environment it's very similar to doing at the code level but again you shouldn't assume that you've caught every mistake at the code level you should be looking and analyzing at what the actual state is of the environment and then there's the third aspect which is kind of the continuous real-time monitoring so I I have a misconfiguration perhaps maybe I have a tool to identify it maybe it's something brand new that nobody knows how to catch but there's still the actual system itself and I can instrument and monitor that system in real time similar to what we've been doing you know for years at Crossroads Flagship technology Falcon's next gen AV and EDR technology designed to do exactly that regardless of how the the attacker gets in and this configuration or vulnerability let's make sure that if they get through the perimeter if you will that we've got almost like a camera inside the house right looking for the burglar moving around and again as I said at the beginning of this uh response I see all too often organizations will put all their eggs in one of those three baskets when I think the correct thing to do the smart thing to do the resilient thing to do is to use all three of those in concert give yourself the maximum chance for success the full the full life cycle of the of the not just not just at build time not just it every full life cycle is that's a perfect term for it right end to end from creation to deployment to ongoing you know operations yeah to what what um which of those three stages do you find organizations are most likely to um fall down and like don't don't follow through in the in in in uh scanning or well when you're talking about clouds specifically I actually it's kind of ironic I find that it's that last piece the runtime piece which we've gotten so good and we're so focused on in our traditional Computing environments it's like second nature yeah how you'd be crazy to run a system you know a sensitive system in your corporate Network and not have some sort of real-time monitoring but remember we have a bit of that different that cultural uh misalignment you know this new paradigm of cloud um it's this very ephemeral concept of hey I have this micro service or a container it spins up it's up there for 15 20 30 minutes and then it disappears why would I need to look at it if it's only alive for 30 minutes well that's 30 minutes when an attacker could have circumvented your other controls and settings and don't you want to know what they've done during that 30 minutes right just because you erase the system doesn't mean they haven't stolen data or something of that nature doesn't mean that you don't have a million other systems with the same identical settings that are just waiting to be exploited somewhere else so for for many reasons that seems to be a part that gets a little bit less attention in the cloud world that it does you know in the traditional on-premise environment but there's no reason it should I think it's equally as important if anything it might be even more important because of that ephemeral nature of cloud I don't have a disk to go pull and do forensics on after the fact to try to piece together what happened real-time monitoring in many cases is the only way I'll ever know if and when and what happened in those environments so another takeaway just runtime environment runtime observability matters runtime security matters yeah if you wouldn't if you wouldn't run a system in your corporate Network without real time why would you do it in your Cloud environment um we've talked about a little bit about this already mentioned um a flagship product of strike but what is crowdstrike's approach to the problem of cloud focused attacks and and how does it help protect against them yeah so I think we've got two key things in our approach um and they they kind of touch on what we just talked about one we not only do we offer capabilities in our platform for all three of those steps right the full life cycle from scanning a container to um it's a technology that the industry calls Cloud security posture management or cspm looking at how the infrastructure once it gets deployed how it's actively configured and then of course the runtime security which is that's our bread and butter that's our claim to fame that's where we got our start with things like EDR xdr next-gen antivirus but I think what we do that's a little bit special unique in our secret sauce is two things number one we do it all in one platform in one system and we haven't bought like a couple different Technologies and we've you know stuck them side by side and you've got one screen to do this one screen to do that we unify that entire view so an analyst can look at a single pane of glass and they can see hey I have a misconfiguration over here did that misconfiguration was it you know leveraged by an adversary to do something or conversely hey I can see through real-time monitoring that there's something weird going on in this system great crowdstrike blocked it but is there a misconfiguration I should be looking out for that allowed the attacker to get there in the first place so that holistic view is won we're also really big proponents of the multi-cloud Paradigm and that's another area I forgot to mention this earlier that can trip up organizations working with the cloud it's very rare that you're working with one Cloud usually you've got many that it's very common that you've got you know Amazon AWS Microsoft Azure Google gcp and other providers and now you're asking a security team hey not only do you have to become an expert in this new Cloud world and you have to understand the correct settings for this one vendor but guess what you're going to be working with several others who have similar but different Technologies with kind of the same sounding name game but is that really the same thing it's it's it's crazy to some extent that you expect teams to be able to handle this all well that's what we do for example with our Cloud security posture management we focus on the ability to operate in all the clouds and kind of aggregate and normalize it so we can just tell you in one instant you know in one one snapshot hey you've got a misconfiguration in this database service whether it's you know from Microsoft or from Amazon you know we'll figure that out for you you just focus on the fact that there's an issue and here are the steps you want to take to resolve it and that's a wrap we'd like to thank Elia zaitsev for joining us today from crowdstrike thank you Elia thank you heather it's been a blast likewise and we'd like to thank crowdstrike itself for sponsoring today's conversation and we'd like to thank all of you for joining us this has been Heather Joslin for the new stack makers and we'll see you next time if you like this video please give us a thumbs up and if you'd like to see more videos like this you can always subscribe to our YouTube channel we're on all the major social media platforms you can always find us at the newstack.io we hope to see you soon foreign [Music]

Original Description

In this episode, Elia Zaitsev, Global CTO of CrowdStrike, spoke with us about the growing problem of cloud-focused attacks, the challenges involved in protecting against those attacks and some best practices that can help with cybersecurity in the cloud. Building and deploying applications in the cloud offers significant advantages, primarily driven by the scalability it provides. Developers appreciate the speed and ease with which cloud-based infrastructure can be set up, allowing them to scale rapidly as long as they have the necessary resources. However, the very scale that makes cloud computing attractive also poses serious risks. The risk lies in the potential for developers to make mistakes in application building, which can lead to widespread consequences when deployed at scale. Cloud-focused attacks have seen a significant increase, tripling from 2021 to 2022, as reported in the Cloud Risk Report by Crowdstrike. The challenges in securing the cloud are exacerbated by its relative novelty, with organizations still learning about its intricacies. The newer generation of adversaries is adept at exploiting cloud weaknesses and finding ways to attack multiple systems simultaneously. Cultural issues within organizations, such as the tension between security professionals and developers, can further complicate cloud protection. To safeguard cloud infrastructure, best practices include adopting the principle of least privilege, regularly evaluating access rights, and avoiding hard-coding credentials. Ongoing hygiene and assessments are crucial in ensuring that access levels are appropriate and minimizing risks of cloud-focused attacks. Overall, understanding and addressing the risks associated with cloud deployments are vital as cloud-native adversaries grow increasingly sophisticated. Implementing proper security measures, along with staying up-to-date on runtime security and avoiding misconfigurations, are essential in safeguarding cloud-based applications an
Watch on YouTube ↗ (saves to browser)
Sign in to unlock AI tutor explanation · ⚡30

Playlist

Uploads from The New Stack · The New Stack · 0 of 60

← Previous Next →
1 What's Next for the Cloud Foundry Foundation in 2017 with Executive Director Abby Kearns
What's Next for the Cloud Foundry Foundation in 2017 with Executive Director Abby Kearns
The New Stack
2 How Unikernels Can Better Defend against DDoS Attacks
How Unikernels Can Better Defend against DDoS Attacks
The New Stack
3 Weaveworks is Bringing Horizontal Scaling to Prometheus
Weaveworks is Bringing Horizontal Scaling to Prometheus
The New Stack
4 TNS Analysts Thanksgiving Special: The Evolution of Kubernetes and the Container Ecosystem
TNS Analysts Thanksgiving Special: The Evolution of Kubernetes and the Container Ecosystem
The New Stack
5 How Rancher Labs is Seeing Kubernetes Put to Work in Production
How Rancher Labs is Seeing Kubernetes Put to Work in Production
The New Stack
6 SAP Tests Kubernetes for Cloud-Native Enterprise Software Deployments
SAP Tests Kubernetes for Cloud-Native Enterprise Software Deployments
The New Stack
7 Event Marketing for Today's Developer Evangelists and Community Managers
Event Marketing for Today's Developer Evangelists and Community Managers
The New Stack
8 NodeSource Introduces Certified Modules to Improve Node.js Security
NodeSource Introduces Certified Modules to Improve Node.js Security
The New Stack
9 How Lightstep is Illuminating the Case for Distributed Tracing
How Lightstep is Illuminating the Case for Distributed Tracing
The New Stack
10 How OpenStack Aims to be More Inclusive without being Exclusive
How OpenStack Aims to be More Inclusive without being Exclusive
The New Stack
11 How Shuttlecloud Saves Time and Money by Monitoring with Prometheus
How Shuttlecloud Saves Time and Money by Monitoring with Prometheus
The New Stack
12 Creating Analytics-Driven Solutions for Operational Visibility
Creating Analytics-Driven Solutions for Operational Visibility
The New Stack
13 Understanding the Application Pattern for Effective Monitoring
Understanding the Application Pattern for Effective Monitoring
The New Stack
14 Building On Docker's Native Monitoring Functionality
Building On Docker's Native Monitoring Functionality
The New Stack
15 The Importance of Having Visibility Into Containers
The Importance of Having Visibility Into Containers
The New Stack
16 How Getting Your Project in the CNCF Just Got Easier
How Getting Your Project in the CNCF Just Got Easier
The New Stack
17 Tectonic Summit Pancake Breakfast: How to Sell Kubernetes to the Hypervisor-Minded
Tectonic Summit Pancake Breakfast: How to Sell Kubernetes to the Hypervisor-Minded
The New Stack
18 The Buzz at Tectonic Summit 2016 in New York City
The Buzz at Tectonic Summit 2016 in New York City
The New Stack
19 Bringing Clarity to the Future of Node.js Modules
Bringing Clarity to the Future of Node.js Modules
The New Stack
20 How FluentD Can Help Monitor Microservice Architectures Through Unified Logging
How FluentD Can Help Monitor Microservice Architectures Through Unified Logging
The New Stack
21 Reshaping Front End Development with Warehouse.ai
Reshaping Front End Development with Warehouse.ai
The New Stack
22 2016 Year End Wrap-Up: Discussing Docker, OpenStack, and Open Source
2016 Year End Wrap-Up: Discussing Docker, OpenStack, and Open Source
The New Stack
23 Here's Why You Should Build a Robot Using Node.JS: Because You Can
Here's Why You Should Build a Robot Using Node.JS: Because You Can
The New Stack
24 How the Node.js Foundation is Utilizing Participatory Governance Models
How the Node.js Foundation is Utilizing Participatory Governance Models
The New Stack
25 Set Up an MongoDB Replica Set in Less Than an Hour Using Bitnami Packages
Set Up an MongoDB Replica Set in Less Than an Hour Using Bitnami Packages
The New Stack
26 Determining Who Bears the Burden of Ensuring NPM Module Security
Determining Who Bears the Burden of Ensuring NPM Module Security
The New Stack
27 How Intel Snap uses Telemetry and Kubernetes to Drive Enterprise Efficiency
How Intel Snap uses Telemetry and Kubernetes to Drive Enterprise Efficiency
The New Stack
28 How the NFL Scored a Touchdown with its Open Source React Framework Wildcat
How the NFL Scored a Touchdown with its Open Source React Framework Wildcat
The New Stack
29 Aporeto CEO Dimitri Stiliadis: When it Comes to Security, Context is King
Aporeto CEO Dimitri Stiliadis: When it Comes to Security, Context is King
The New Stack
30 The Buzz at Node.JS Interactive
The Buzz at Node.JS Interactive
The New Stack
31 Why Going Serverless Doesn't Mean 'No Ops'
Why Going Serverless Doesn't Mean 'No Ops'
The New Stack
32 How Node.js is Transforming Today's Enterprises
How Node.js is Transforming Today's Enterprises
The New Stack
33 JJ Asghar Interview
JJ Asghar Interview
The New Stack
34 How Capital One is Using APIs to Streamline Auto Financing
How Capital One is Using APIs to Streamline Auto Financing
The New Stack
35 SXSW 2017: How Machine Learning Differs From Regular Programming
SXSW 2017: How Machine Learning Differs From Regular Programming
The New Stack
36 SXSW 2017: Data-Driven Applications with Capital One DevExchange's Hydrograph
SXSW 2017: Data-Driven Applications with Capital One DevExchange's Hydrograph
The New Stack
37 SXSW 2017: How Good Engineers Make Bad Business Decisions
SXSW 2017: How Good Engineers Make Bad Business Decisions
The New Stack
38 CloudNativeCon & KubeCon EU Pancake Breakfast 2017: Kubernetes and the Multi-Cloud
CloudNativeCon & KubeCon EU Pancake Breakfast 2017: Kubernetes and the Multi-Cloud
The New Stack
39 CNCF Executive Director Dan Kohn: What's Next for CNCF in 2017
CNCF Executive Director Dan Kohn: What's Next for CNCF in 2017
The New Stack
40 Exploring the Latest Container Runtime Projects in the CNCF
Exploring the Latest Container Runtime Projects in the CNCF
The New Stack
41 Exploring the Future of the Kubernetes Ecosystem
Exploring the Future of the Kubernetes Ecosystem
The New Stack
42 Kubernetes and Continuous Deployment
Kubernetes and Continuous Deployment
The New Stack
43 Kris Nova of Deis at CouldNativecon/Kubecon in Berlin
Kris Nova of Deis at CouldNativecon/Kubecon in Berlin
The New Stack
44 Docker's Quest for Simplicity with the Evolution of Containerd
Docker's Quest for Simplicity with the Evolution of Containerd
The New Stack
45 Developers First: The Cloud Foundry Service Broker API and Kubernetes
Developers First: The Cloud Foundry Service Broker API and Kubernetes
The New Stack
46 Mapping the Future of CoreOS's rkt in the CNCF
Mapping the Future of CoreOS's rkt in the CNCF
The New Stack
47 Red Hat and Dell EMC: Two Perspectives from DockerCon
Red Hat and Dell EMC: Two Perspectives from DockerCon
The New Stack
48 Capital One Opened its APIs to Third-Party Developers — Here’s What They Learned
Capital One Opened its APIs to Third-Party Developers — Here’s What They Learned
The New Stack
49 SUSE Joins the CNCF, Brings Kubernetes to OpenStack Cloud 7
SUSE Joins the CNCF, Brings Kubernetes to OpenStack Cloud 7
The New Stack
50 How Capital One Brings Open Source To The  Banking Industry
How Capital One Brings Open Source To The Banking Industry
The New Stack
51 OSCON Is Coming Back To Portland, A Show Wrapup With Co-Chair Kelsey Hightower
OSCON Is Coming Back To Portland, A Show Wrapup With Co-Chair Kelsey Hightower
The New Stack
52 Dev Or Ops Doesn’t Matter, You Need Observability
Dev Or Ops Doesn’t Matter, You Need Observability
The New Stack
53 Taking The Next Steps In Developing An Open Source Culture
Taking The Next Steps In Developing An Open Source Culture
The New Stack
54 SXSW 2017: How Capital One Became Technology-First With Open Source
SXSW 2017: How Capital One Became Technology-First With Open Source
The New Stack
55 Apcera   Old Apps Spanning New Clouds
Apcera Old Apps Spanning New Clouds
The New Stack
56 Provenance: The Peace of Mind Chef Habitat Seeks to Deliver
Provenance: The Peace of Mind Chef Habitat Seeks to Deliver
The New Stack
57 InSpec: Human Readable, Automated Compliance
InSpec: Human Readable, Automated Compliance
The New Stack
58 The Evolution of SAP HANA Express
The Evolution of SAP HANA Express
The New Stack
59 Women Engineers Who Inspire And Never Give Up
Women Engineers Who Inspire And Never Give Up
The New Stack
60 Three Perspectives on the Evolution of Container Security
Three Perspectives on the Evolution of Container Security
The New Stack

The video teaches viewers about the importance of cloud security and provides best practices for protecting cloud environments, including the use of infrastructure as code, shifting left, and cloud security posture management. It also discusses the challenges and opportunities of cloud security and features insights from Elia Zaitsev, Global CTO of CrowdStrike. By watching this video, viewers can learn how to secure their cloud environments and protect against cloud-focused attacks.

Key Takeaways
  1. Write code and design infrastructure using infrastructure as code techniques
  2. Use a cloud provider's security features to address misconfigurations
  3. Use a cloud security platform to address misconfigurations
  4. Use a DevSecOps approach to address misconfigurations
  5. Assess and audit before physical or virtual hardware creation
  6. Scan and monitor settings when creating the environment
  7. Instrument and monitor the system in real-time
💡 Cloud security is equally or more important in the cloud world due to its ephemeral nature, and runtime environment and runtime observability matter in cloud security.

Related Reads

📰
#12 The First Time I Opened a Door to the Outside Internet
Learn how to securely expose internal tools to the outside internet by understanding the risks and benefits of opening up your network
Dev.to AI
📰
Crypto Market Faces Compromised Code Integrity Threat Amidst Emerging Opportunities
The crypto market faces threats to code integrity amidst new opportunities, learn how to identify and mitigate these risks
Dev.to AI
📰
From Knowing Nothing About Programming to Becoming a Cybersecurity Intern
Learn how to transition from no programming knowledge to becoming a cybersecurity intern by following a structured approach to learning and practicing programming skills
Medium · Cybersecurity
📰
Symmetric or asymmetric encryption on Security+? The answer is almost always both
Learn when to use symmetric and asymmetric encryption for Security+ certification
Dev.to · TiltedLunar123
Up next
What happens if Q-Day arrives before crypto is ready?
AllinCrypto
Watch →