4–7 Nov 2019

Defenders Guide to Cloud Native Infrastructure Security

Madhu Akula (Appsecco)
9:0012:30 Tuesday, 5 November 2019
Location: Hall A4

Who is this presentation for?

DevOps/SysAdmin/Security Teams and Anyone interested in Cloud Native Infrastructure Security

Level

Intermediate

Description

Developer and Operation teams (DevOps) have moved towards cloud, containers, kubernetes, serverless and cloud native infrastructure. Security teams are still catching up with understanding these technologies and applying their knowledge of security expertise. As we work with modern technologies to build our organizations infrastructure, we prefer to make the application available in production as soon and as many times as possible. In this workshop, we will get started with setting up real-world cloud native infrastructure using containers, serverless, service mesh with automated deployments and each phase will contain built-in security with help opensource tools and cloud services.

We will perform security at multiple layers like Infrastructure Security, Supply chain Security and Run time Security with real-world scenarios. At the end of the workshop we will verify the security of the cloud native infrastructure by performing automated security scan with the help of CIS Benchmarks. The outcome of this workshop can be directly applied in their organizations and daily operations to apply practical security skills in the modern era.

Some of the interesting real-world scenarios we will be covering during the training includes:

  1. Secure infrastructure setup using ingress controller, OAuth2 proxy and cert-manager
  2. Near real-time security defense of micro services and APIs using Istio (Service Mesh)
  3. Runtime container security monitoring using Sysdig Faclo to detect and defend against security attacks

Note: We will be deploying mostly in Goolge Cloud Platform (GCP), but all the scenarios and concepts will be applied in different cloud providers and on-premise environments.

Participants will get

  1. Step by Step ebooks covering the entire training in multiple formats (html, pdf, epub, mobi)
  2. All the custom code, snippets, scripts and playbooks
  3. Complete solutions for the scenarios, so participants can apply when they required
  4. Automation code for setting up cloud native infrastructure using Terraform, Packer, Helm Charts, etc
  5. 30-days private slack channel access for questions, discussions and more learning :)

Prerequisite knowledge

* Familiarity with Linux basics and CLI * Basic system administration and networking concepts * Some cloud, containers and modern technologies knowledge would be advantage

Materials or downloads needed in advance

* Laptop with web browser and wireless connectivity * Students MUST sign up for Google Cloud Platform(GCP) before training begins

What you'll learn

1. The outcome of this training can be directly applied in their organizations and daily operations to apply practical security skills 2. Step by step ebooks for applying what they learnt using Terraform, Packer, Helm Charts, etc 3. Hands-On experience with real-world scenarios to build modern cloud native infrastructure with continuous security
Photo of Madhu Akula

Madhu Akula

Appsecco

Madhu Akula is a security ninja, published author and Security Automation Engineer at Appsecco. He is passionate about DevOps and security and is an active member of the international Security and DevOps communities. His research has identified vulnerabilities in over 200 companies and organisations including; Google, Microsoft, LinkedIn, eBay, AT&T, WordPress and Adobe, etc. He is co-author of Security Automation with Ansible2(ISBN-13: 978-1788394512), which is listed as a technical resource by Red Hat Ansible. Madhu frequently speaks and runs technical sessions at security events and conferences around the world including; DEF CON 24 and 26, Blackhat USA 2018 and 2019, USENIX LISA 2018, Appsec EU 2018, All Day DevOps 2016, 2017 & 2018, DevSecCon London, Singapore and Boston 2016, 2017 & 2018, DevOpsDays India, c0c0n 2017, 2018, Serverless Summit, null and multiple others. He is also active member of CNCF community speaker’s bureau.

Leave a Comment or Question

Help us make this conference the best it can be for you. Have questions you'd like this speaker to address? Suggestions for issues that deserve extra attention? Feedback that you'd like to share with the speaker and other attendees?

Join the conversation here (requires login)

    Contact us

    confreg@oreilly.com

    For conference registration information and customer service

    partners@oreilly.com

    For more information on community discounts and trade opportunities with O’Reilly conferences

    velocity@oreilly.com

    For information on exhibiting or sponsoring a conference

    Contact list

    View a complete list of Velocity Conference contacts