Defender's guide to cloud native infrastructure security
Who is this presentation for?DevOps/SysAdmin/Security Teams and Anyone interested in Cloud Native Infrastructure Security
Developer and Operation teams (DevOps) have moved towards cloud, containers, kubernetes, serverless and cloud native infrastructure. Security teams are still catching up with understanding these technologies and applying their knowledge of security expertise. As we work with modern technologies to build our organizations infrastructure, we prefer to make the application available in production as soon and as many times as possible. In this workshop, we will get started with setting up real-world cloud native infrastructure using containers, serverless, service mesh with automated deployments and each phase will contain built-in security with help opensource tools and cloud services.
We will perform security at multiple layers like Infrastructure Security, Supply chain Security and Run time Security with real-world scenarios. At the end of the workshop we will verify the security of the cloud native infrastructure by performing automated security scan with the help of CIS Benchmarks. The outcome of this workshop can be directly applied in their organizations and daily operations to apply practical security skills in the modern era.
Some of the interesting real-world scenarios we will be covering during the training includes:
- Secure infrastructure setup using ingress controller, OAuth2 proxy and cert-manager
- Near real-time security defense of micro services and APIs using Istio (Service Mesh)
- Runtime container security monitoring using Sysdig Faclo to detect and defend against security attacks
Note: We will be deploying mostly in Goolge Cloud Platform (GCP), but all the scenarios and concepts will be applied in different cloud providers and on-premise environments.
Participants will get
- Step by Step ebooks covering the entire training in multiple formats (html, pdf, epub, mobi)
- All the custom code, snippets, scripts and playbooks
- Complete solutions for the scenarios, so participants can apply when they required
- Automation code for setting up cloud native infrastructure using Terraform, Packer, Helm Charts, etc
- 30-days private slack channel access for questions, discussions and more learning :)
Prerequisite knowledge* Familiarity with Linux basics and CLI * Basic system administration and networking concepts * Some cloud, containers and modern technologies knowledge would be advantage
Materials or downloads needed in advance
What you'll learn
Madhu Akula is a security ninja, published author and Security Automation Engineer at Appsecco. He is passionate about DevOps and security and is an active member of the international Security and DevOps communities. His research has identified vulnerabilities in over 200 companies and organisations including; Google, Microsoft, LinkedIn, eBay, AT&T, WordPress and Adobe, etc. He is co-author of Security Automation with Ansible2(ISBN-13: 978-1788394512), which is listed as a technical resource by Red Hat Ansible. Madhu frequently speaks and runs technical sessions at security events and conferences around the world including; DEF CON 24 and 26, Blackhat USA 2018 and 2019, USENIX LISA 2018, Appsec EU 2018, All Day DevOps 2016, 2017 & 2018, DevSecCon London, Singapore and Boston 2016, 2017 & 2018, DevOpsDays India, c0c0n 2017, 2018, Serverless Summit, null and multiple others. He is also active member of CNCF community speaker’s bureau.
Leave a Comment or Question
Help us make this conference the best it can be for you. Have questions you'd like this speaker to address? Suggestions for issues that deserve extra attention? Feedback that you'd like to share with the speaker and other attendees?
Join the conversation here (requires login)
Premier Diamond Sponsor
For conference registration information and customer service
For more information on community discounts and trade opportunities with O’Reilly conferences
For information on exhibiting or sponsoring a conference
For media/analyst press inquires