How to Prioritize Fixing Your Cloud Security

Logo
Presented by

Dr. Saumitra Das, CTO and Cofounder, Blue Hexagon

About this talk

A variety of threats affect your cloud security ranging from misconfigurations, network exploitation, brute-forcing, container malware, and account takeover to stolen credentials. These threats can affect your entire cloud estate - across multiple clouds, multiple regions, and multiple accounts with each having its own specific attack surface and active attack patterns. SecOps and DevOps teams are inundated with alerts on misconfigurations, CVEs, and active threats and it is a real challenge to prioritize what are the 10 next most critical things to do. In this talk, we will discuss potential strategies to prioritize which security findings need to be resolved and which can be snoozed for a later time. An ideal burn-down chart to resolve any cloud security alerts should provide optimal additional risk reduction, for every ticket created for an issue to be resolved. We will also discuss how coupling runtime monitoring and configuration checking intelligently can help you fix your cloud security in the right order.

Related topics:

More from this channel

Upcoming talks (17)
On-demand talks (829)
Subscribers (53090)
CSA CloudBytes was launched as a webinar series to help us educate the industry on all matters related to the cloud. Our channel is designed to inform our audience about trending topics, new technologies, and latest research. Learn more at cloudsecurityalliance.org. Join the Cloud Security Alliance on LinkedIn and follow us on twitter: @cloudsa