Name: Container and Kubernetes Security Best Practices: Forensics & Incident Response
Start: 2022-05-26T17:00:00Z
End: 2022-05-26T18:03:27.000Z
Location: BrightTALK
Rating: 0

CSA CloudBytes was launched as a webinar series to help us educate the industry on all matters related to the cloud. Our channel is designed to inform our audience about trending topics, new technologies, and latest research. Learn more at cloudsecurityalliance.org.  Join the Cloud Security Alliance on LinkedIn and follow us on twitter: @cloudsa

As organizations in the market continue to shift to cloud environments, it is suggested that if you aren’t already cloud-first at this point you are already behind your competitors… and there is a significant portion of organizations who are taking on a hybrid approach, employing both public cloud providers and on-premise private data infrastructure. In this webinar, we will look at the benefits, challenges and best practices of secure hybrid cloud adoption, its components. We will walk through the 3 pillars that are key to securing your hybrid environment: people, processes, and tools.

3 Key Pillars to Securing Your Hybrid Environment

Cloud adoption has left security teams struggling to balance enabling the business with securing it. This blurred line comes into sharp relief when applying the controls required to comply with security standards. Should a team prioritize compensating controls - to overcome shortcomings in existing controls - or mitigating controls - to reduce the likelihood of an exposure altogether?  Join veteran CISO Emily Heath and Cyera's VP of Product and GTM Strategy Ari Weil as they discuss this, and the case for automation and machine learning to enable modern security teams to gain control over their data in the cloud era.

Cloud Data Controls - From Compensation to Mitigation

The evolving cyber threat landscape has security teams scrambling to respond to an onslaught of attacks from all angles. Between sophisticated phishing kits, to vulnerabilities across the global supply chain, and the sheer volume of emerging attack vectors, the CISO’s job now includes much more than just securing an organization’s internal network. Enter external cyber defense. By combining the most comprehensive digital risk protection (DRP) solution with cutting-edge supply chain defense, you can extend visibility outside your perimeter to identify, validate, and shut down cyber threats as they emerge in the darkest corners of the internet and across your vendor ecosystem.

Join this webinar to learn how a packaged DRP and SCD solution can help your security team:
● Advance from a reactive to proactive security posture to thwart attacks at the source
● Identify and remediate risks across the entire third-party vendor and partner ecosystem
● Scale threat response regardless of organization size and improve patch time for identified vulnerabilities

External Cyber Defense for When Your Attack Surface is Everywhere

Infrastructure as code (IaC) is the key to embedding cloud security earlier in the development lifecycle. In practice, adopting and implementing an IaC security program is a complex and iterative process – especially for large organizations. Your IaC security program path will depend on your current tooling and workflows, security and compliance requirements, and resources. And your IaC security rollout strategy should be deliberate, iterative, and measurable.

If you’re ready to get started with IaC security but aren’t sure where to start or if you’re in the process of adopting IaC security and need a strategy customized to meet your needs, this webinar is for you.

Join us as we walk you through how to roll out and operationalize an IaC security program based on your end goals and scale. You’ll also get best practices and milestones for each phase of your program rollout so you can optimize your IaC security program for efficiency and help your organization adopt a secure-by-default culture.

Secure-by-default: Scaling your IaC Security Program

By 2024, 75% of the global population will have its personal data covered under privacy regulations”', according to Gartner. 

Data security, governance and privacy are becoming increasingly complex for organizations operating in the cloud. Teams across security, privacy, data governance, and DevOps are struggling to implement programs that properly address these increasingly complex requirements and dynamic environments, with data sprawl as one of the biggest areas of risk.

Join Laminar and CDG to learn how to tackle the problem of keeping up with data security, privacy and governance by using the right people, processes, and technology.  During this webinar we’ll discuss who in the organization should be responsible for data security, what processes should be put into place to ensure you are doing what is required, and what tools can be used to help solve this complex problem.

What you’ll learn
• The most important areas to focus on for data security, governance, and privacy that meets compliance objectives
• Tools you should employ to automate data security and privacy as much as possible
• Tips on how data security teams should interact cross-functionally with Governance, Privacy, and DevOps
• Strategies for data mapping and data protection

How to Automate Security, Governance & Privacy for Cloud Data Innovation

The world’s data is under attack and cybercrime continues to be a persistent threat impacting every organization. No company, government, or industry is immune. In this fireside chat, Rubrik’s Steve Stone and John Murphy will share newly released research and insights from "The State of Data Security" by Rubrik Zero Labs. Based on conversations with 1,600+ global CISOs, CIOs, and VPs of IT and Security Operations, the findings explore what’s happening in cybersecurity and the human effects from cyberthreats. These insights will help you navigate the dynamic threat landscape and gain key learnings on how to prepare for and recover from a cyberattack to secure your business.

A Fireside Chat: The Human Effects of Cybercrime

Cloud Service Providers (CSPs) are often the first line of defense regarding new technology. CSPs support various financial services companies, including banks, insurance firms, asset managers, and investment funds. The role of a CSP is to provide the tools and infrastructure required to support these organizations' operations, whether it be a data center, disaster recovery site or any other IT requirements.

Our panel of CSP representatives will discuss how cloud providers support the financial services industry and what the industry needs from the cloud, and how using STAR as due diligence facilitates implementing good security posture for high-risk sectors.

This is an excellent opportunity for anyone who works in the financial services industry or wants to learn more about what it means for their business moving forward!

CSP Perspective Working with Financial Services

Cloud development has enabled amazing innovations and allowed our companies to move faster. It’s also completely broken the old methods for prioritizing risk remediations. 

With an infrastructure that changes day-to-day, minute-to-minute, a cloud’s perimeter is hard to define. Checking for open network access and CVEs doesn’t keep attackers out of your cloud. 

The number of software vulnerabilities present at any point in the cloud, particularly with open source-driven development, far outnumber what was typical in the data center world. And the explosion of identities - representing both real users and machine identities - has opened up the attack surface for credential abuse a hundred-fold. These massive changes in scale make it overwhelming to try and to answer the question, “what should I fix next?”

The sheer scale and ephemeral nature of cloud demands a new approach to risk prioritization. Beyond securing a perimeter, combinations of overlapping risks create a hidden blast radius that includes sensitive data. An attacker may enter the cloud via a vulnerability on a sandbox environment, but through subsequent indirect access abuse, be able to move laterally and access PII. The only way to stop this? Knowing where your sensitive data is, and how anyone or anything can access it - even if access requires a combination of workload, identity, and network-based risks.

We’ve brought together cloud security leaders responsible for securing many of the Fortune 100 enterprise clouds to discuss how to rebuild remediation prioritization, and how blast radius intel is critical to spending your team’s remediation efforts wisely. 

During this session, our panel of cloud security leaders will share:

• Ideas for building in the cloud fast and securely
• How to overcome the cloud complexity challenge
• What alignment between dev, security, and ops can do for your company
• Avoiding the common pitfalls around prioritization

Prioritizing Risk Among the Chaos of Cloud Development

Crawl, Walk, Run: Operationalizing IaC Security

Ransomware continues to have a significant impact on enterprises, and shows no signs of abating. Zero Trust security promises to improve organizations’ resilience and effectiveness. So what happens when these two trends intersect? Join us as we examine how a Zero Trust approach helps organizations prevent, detect, respond to, and mitigate Ransomware attacks. Attendees will gain an understanding of common security and networking weaknesses commonly exploited by ransomware, and how specific Zero Trust approaches will help.

Using Zero Trust to Mitigate Ransomware Threats

Software supply chains are the backbone of our digital connections. Unsecured software supply chains are becoming one of the biggest opportunities for hackers to strategically compromise mass amounts of victims with one entry point.    

How can you ensure and prove the code your organization develops does not contain vulnerabilities from open-source or third-party dependencies? That your development tools and practices are also secure and aren’t creating gaps for hackers to exploit? Most importantly, that the software you set out to develop, is not going to cause a customer to become compromised…   

In this talk we will answer these questions and look at the best frameworks and guidelines that can prevent software supply chain attacks and improve security posture.

Confidence in Software Supply Chains with Continuous Security

With a US economic recession looming, tech layoffs hitting the news, and security incidents continuing to climb at record rates, it’s a tough time to be a CISO. But experienced security leaders have dealt with economic pressures before, and in this discussion will share their insights into how new CISOs and security leaders should prepare to ‘recession-proof’ their security strategy for 2023 and beyond. Specifically, we’ll cover:

• Security trends from past recessions 
• How 2022 is different from past recessions
• What CISOs and security leaders can do to prepare
• Where to consolidate and where to invest for the best possible security outcomes 
• How to adjust your security strategy if you face resource constraints

Panel: CISO’s Guide to Security Strategy During a Recession

Moving to the cloud changes how we think about security, but we still want the most sophisticated detection and response systems money can buy. What’s the right formula for the best coverage against new threats?

In this session, we will:
-Learn about the nuances of machine learning in security
-Identify security use cases where ML shines or falls short
-Show how cryptojacking can be mitigated with carefully tailored ML

The Right Time and Place for Machine Learning Pixie Dust

Billions of financial transactions are routed digitally all over the world each day, requiring many third-party service providers to protect not only the confidentiality and integrity of the information but also be able to clearly demonstrate to their cloud customers adherence to regulatory expectations.

This session will explore the Top 5 risks for third-party cloud services and recommend risk-management best practices for successfully protecting financial data.

Best Practices for Effective Third-Party Management

The ever-changing nature of today's threat landscape, and the hyper-connected environments that today's businesses operate in, require that companies take a continuous approach to security that encapsulates their own environments as well as those belonging to the third parties they rely on to run their businesses. Moreover, continued migration to the cloud has created a need for a framework that accounts for requirements and controls necessary for running a business in a cloud first environment. Join CSA and SSC as we discuss the importance of continuously monitoring first and third parties, and how businesses can leverage CCM to guide and benchmark their security practices.

Continuously Monitoring First and Third Parties against the CCM Framework

Data security is arguably among the top concerns for anyone who uses cloud-based services – this is especially true for governments who are responsible for protecting nation-wide security. Prior to the creation of Federal Risk and Authorization Management Program (FedRAMP), cloud service providers had to conduct evaluations for each individual agency, often resulting in redundant and inconsistent efforts from both ends. Now, with FedRAMP, the U.S. government has established a standardized baseline of security assessment criteria for cloud services. This “authorize once, use many” approach ultimately helps to ensure government data is consistently secured in the cloud. 

 

At Adobe, we strongly believe that FedRAMP is an instrumental program in gaining customer trust for federal organizations and customers. To further support our ongoing compliance efforts, Adobe has also developed an open-source foundational framework of security processes and controls known as the Common Controls Framework (CCF). In this webcast, I will cover Adobe’s experience and continued success with FedRAMP, including how we’ve leveraged our CCF and the benefits we’ve uncovered. I will also share tips and best practices on how you can kickstart your organization’s own FedRAMP journey and how you can ensure all requirements are met.

Adobe CCF & FedRAMP Moderate: Building a Secure Compliant Environment

SaaS solutions have enabled healthcare organizations to better share EHRs (electronic health records) and similar PHI with patients, clinicians, and business partners involved in providing exceptional care. 

But is your organization using SaaS securely? Data breaches, misconfigurations, and 3rd party app integrations can potentially expose sensitive data across a healthcare organization’s SaaS ecosystem to the public and threat actors. On top of these risks, abiding by compliance considerations for PHI stored and accessed in the cloud adds additional configuration, permissions management, and audit complexity to SaaS within healthcare settings. 

Join healthcare SaaS security experts Mark Butler and Joshua Smith, along with AppOmni’s Michelle Jones as moderator, for an in-depth look at healthcare, SaaS security, and PHI. This panel discussion will cover topics such as:
• Controlling SaaS environments that store or touch PHI or EHRs
• Maintaining appropriate access roles that limit visibility to sensitive data 
• Considerations for data sharing and 3rd party integrations, such as Salesforce backend portals
• Policies and user education for phishing scams, ransomware, and other breach threats
• Regulatory requirements, increased audit diligence and compliance concerns across healthcare

Is PHI Secure in SaaS Applications — And Their  Ecosystems?

Conducting forensics and incident response for containers and Kubernetes helps you better understand security breaches, meet compliance requirements and recover quickly. On average, containers live less than 5 minutes, so having a cloud-native incident response plan is critical.

In this webinar we’ll cover:

• Detecting threats using security frameworks like MITRE ATT&CK
• Best practices to streamline your incident response workflow in container and Kubernetes environments
• A live demo of conducting threat investigation using open source Sysdig Inspect

Container and Kubernetes Security Best Practices: Forensics & Incident Response

Cloud Native

Incident Response

Kubernetes

Forensics

Containerization

Container Security

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Container and Kubernetes Security Best Practices: Forensics & Incident Response

Presented by

About this talk

More from this channel