Why Collecting the Right Metadata is Crucial for Scaling a Security Program

Presented by

Gurneet Kaur, Engineer, Cloud OpSec Team

About this talk

At Adobe, security is a critical priority for us and we believe in defense-in-depth, which begins with monitoring — from collecting event logs and configuration data made available by public cloud providers to logs from EDR systems and vulnerability scanning pipelines. These logs are centrally collected and analyzed by the Adobe security organization using SIEM tools in order to proactively identify potential vulnerabilities or misconfigurations and generate action items (in the form of conveniently trackable tickets) for product teams. But to do this effectively, it is important to identify who owns a particular set of resources. In an organization with thousands of services and developers, this is not a simple task. Unassigned or misassigned tickets can delay resolution of security issues that could increase exposure to malicious attacks. So how do we bridge this gap between visibility (using monitoring tools to detect potential risks at the infrastructure layer) and accountability (assigning and remediating these issues in a timely manner)? Join Gurneet Kaur from the Adobe Operational Security (OpSec) team as she talks about this project, lessons learned, and offers best practice suggestions on how you can implement a similar program to help better scale your own security program for cloud operations.
Related topics:

More from this channel

Upcoming talks (6)
On-demand talks (902)
Subscribers (66023)
CSA CloudBytes was launched as a webinar series to help us educate the industry on all matters related to the cloud. Our channel is designed to inform our audience about trending topics, new technologies, and latest research. Learn more at cloudsecurityalliance.org. Join the Cloud Security Alliance on LinkedIn and follow us on twitter: @cloudsa