Speaker: Yinon Costica
- Identity and access management
- Threat protection
- Information protection
- Cloud security
Exposure -> Access -> Lateral Movements -> Actions
How Your Teams and Users Work With The Cloud
- Users use SaaS (sanctioned), apps you build.
- Developers code apps you build, deploy to IaaS/PaaS (sanctioned).
- DevOps operate apps you build and IaaS/PaaS (sanctioned).
Plus there is un-sanctioned SaaS/IaaS/PaaS
Where Do Problems Occur?
- Misconfigured resources
- Infrastructure vulnerabilities
- Open network ports
- Secret leakage in code
- App vulnerabilities
- Open source vulnerabilities
Protect the Infrastructure
Not just VMs. Visibility and protection across all resources and cloud with Azure Security Center.
- Visibility with Secure Score
- Avoid misconfigurations with control plane recommendations
- Patch infrastructure vulnerabilities
- Close open endpoints using AI powered attack surface reduction controls
Driving Secure Score Through the Organization
AF: I don’t use Secure Score because too many recommendations are wrong and Secure Score changes without infrastructure changes, so a hammer is swung without mistakes.
ASC uses Azure Policy to run an assessment. Driving secure score using governance.
More workloads added to ASC
Didn’t have a chance to note them, but I saw AKS and Key Vault in there.
- Protecting the IaaS hosts
- Protecting the containers
DevOps Good Practices
- Good hygiene
- Turn on threat protection
- Reduce your attack surface
- Integrate alerts into your SIEM.
- Identify root cause
Shipping Secure Applications
- Build secure applications – security is in the pipeline
- Protect every layer of the application
- Use guidance – best practices, Secure DevOps toolkit.
Securing Your Codebase with GitHub
Understand and secure your software supply chain – very important with opensource. See dependency insights and dependabot. Get automated security alerts and version patches.
Protect the Usage
Average app uses 1,000 apps.
Cloud App Security. I lost interest here – sorry!