Build resilient systems at scale
October 12–14, 2015 • New York, NY

Trust, but verify - a rational approach to workload security

Sam Bisbee (Threat Stack)
4:05pm–4:25pm Monday, 10/12/2015
Location: Rhinelander South
Average rating: ***..
(3.67, 3 ratings)

Prerequisite Knowledge

Any level of experience in security, building technology, or scaling technical organizations. Familiarity with infrastructure-as-code and cloud deployments will be helpful, but not necessary.


Workload and code have become the nucleus of all deployments regardless of whether they are in the cloud or not. Traditional security monitoring like Network IDS does not translate to these workload-centric modern architectures, especially as the rate of change in the environment increases with automated continuous deployment and infrastructure-as-code.

Meanwhile, the Security and DevOps communities find it difficult to collaborate, instead of empowering. Yet their roles increasingly overlap as they share the responsibility of security and compliance. This is increasingly frustrating to organizations — it appears that they cannot have both, which is unacceptable to them as security and technology platforms become more frequent boardroom topics.

The problem is that security has been left behind. Too often security has been viewed as a gating checklist instead of a symbiotic component of system-building. As such, the pendulum swung completely to a Trust model without any Verify. For example, while you cannot lock your developers out of production any longer, as they will build a better system if they are forced to run it, that does not mean that developers require unrestricted administrative access to customer data without approval.

It is time to center the pendulum between Trust and Verify, and the most logical place to gain this visibility is the workload. It is ubiquitous across cloud, hybrid cloud, and on-premises deployments, which means it doesn’t matter who owns the infrastructure. The system’s security posture has already been described through configuration management and role-based architectures. Immutable infrastructure, containers, and blue-green deployments make visibility and security easier to implement, not harder.

When done, here are some questions workload visibility can answer for you:

  • Who executed an unauthorized workload from the jump host in production?
  • Who is accessing or modifying private encryption keys?
  • What commands does an operator typically run?
  • Did the application server make an AWS IAM role change, or did a user-invoked process?
Photo of Sam Bisbee

Sam Bisbee

Threat Stack

As the chief technology officer at Threat Stack, Sam Bisbee is responsible for leading the company’s strategic technology road map for its continuous security monitoring service, purpose built for cloud environments. Sam brings highly relevant experience in distributed systems in public, private, and hybrid cloud environments as well as proven success scaling SaaS startups. Sam was most recently the CXO at Cloudant (acquired by IBM in February 2014), a leader in the database-as-a-service space, where he played a senior technical and product role.

Stay Connected

Follow Velocity on Twitter Facebook Group Google+ LinkedIn Group


More Videos »

O’Reilly Media

Tech insight, analysis, and research