Name: Easily Achieve Distributed Policy Deployment Across Your Kubernetes Multicluster
Start: 2019-09-17T17:00:00Z
End: 2019-09-17T17:48:30.000Z
Location: BrightTALK
Rating: 0

Listen to industry experts discuss the latest trends and disruptions in microservices, container and cloud security and how to deploy Zero Trust in the cloud.

Enabling an effective cloud migration strategy requires rethinking static, perimeter-centric data center security for a dynamic and scalable solution that includes protection for every end point in the cloud. A Zero Trust security model is particularly effective for cloud-based applications because it calls for enterprises to leverage microsegmentation and granular perimeter enforcement based on users, their locations and other data to determine whether to trust a user, machine or application seeking access to a particular part of the enterprise. However, most organizations typically have a hybrid environment with applications on-prem as well as in the cloud making a Zero Trust implementation challenging. What is needed is a new identity-based approach to cloud security that enables a Zero Trust posture for any infrastructure, and any workload at scale. 

Aporeto provides comprehensive cloud network security through microsegmentation and secure access to applications and infrastructure using identity rather than IP addresses for a Zero Trust security solution. In this 60 minute webinar Trace3 and Aporeto will discuss the Zero Trust security framework components and what to consider to enable a successful cloud security strategy.

In this webinar you will learn how:
Aporeto’s SaaS-based platform allows you to build and enforce distributed policies enabling authentication, authorization and encryption regardless of infrastructure

Policies remain portable and persistent across workloads including containers, Kubernetes, serverless, service mesh and VMs

 Aporeto provides complete visualization and centralized management of application security across hybrid environments from a single tool

Key Considerations for a Successful Zero Trust Security Strategy

Alec Chattaway, Director Cloud Infrastructure Operation at Informatica will share how he and his team leverage Aporeto’s Cloud Privileged Access Management (PAM) solution to eliminate the need for SSH keys. With Aporeto, every user gets a unique, ephemeral, time-bound SSH certificate based on his/her identity. This approach enables Informatica to enforce just-in-time administrative access to cloud infrastructure, with dramatically simplified operations. 
 
In this webinar you will learn about: 
* Informatica's journey to building a robust cloud security posture to meet stringent compliance requirements all while accelerating consumption of cloud infrastructure to meet their business needs
* The security challenges that Alec and his team faced in managing administrative access to their cloud infrastructure and the approach his team embarked on to remediate these challenges
* How Aporeto's turn-key Cloud PAM solution enabled Informatica to enforce just-in-time administrative access to cloud infrastructure so they could focus on more impactful business activities

Informatica Accelerates a CloudTrust Security Model with Aporeto Cloud PAM

Migrating workloads to the cloud can be a daunting task for many enterprise organizations. This is especially challenging when trying to combine an on-prem static environment that relies on IP addresses for security with the dynamic nature of the cloud, where IP addresses are ephemeral by design and any unsecured endpoint can leave your business exposed. Have you been thinking, if only there was an easier way to make security uniform across my entire cloud/hybrid environment, is backward compatible, future built, easily scales, infrastructure agnostic and provides end-to-end visibility all within a single tool? The answer is YES! The solution is Identity! 

Aporeto uses rich identity (not IP addresses) to eliminate the constraints from traditional Firewalls, VPNs, Cloud Security Groups, SDNs, and virtual appliances. Aporeto fingerprints servers, services, and workloads to generate actual application identity. Application identity enables stronger security because it only allows sanctioned whitelist communications. Security policies remain portable and persistent. Aporeto enables distributed workload protection with centralized visibility and control. 

In this webinar you will learn:
•How Aporeto uses identity context, vulnerability data, threat monitoring and behavior analysis to build and enforce authentication, authorization and encryption policies for applications. 
•How Aporeto auto-generates a unique workload “fingerprint” by combining workload metadata from any available system and user identity data from OIDC-compliant providers. 
•How Aporeto allows you to microsegment and secures your network across heterogeneous infrastructures that include: containers, Kubernetes, serverless, service mesh, and VM architectures for a Zero Trust security posture.

Presenter: 
Mark Jimenez, Technical Marketing Engineer, Aporeto

Identity is a Game Changing Model for Cloud Security - So What is it?

As more organizations migrate to the cloud, many are confronted with the challenge of securing workload environments both on-prem and in the cloud. The increasing use of cloud-native technologies like containers, Kubernetes, service mesh and serverless add more complexity to effectively providing security for these very different environments. These shortcomings are emphasized with a traditional network security model that relies on IP addresses and lacks scalability and protection against advanced threats. What is needed is a new, identity-based approach to cloud security.

The Aporeto platform abstracts security away from the IP infrastructure to address application segmentation requirements and improves application risk posture. Aporeto’s identity-based segmentation approach transcends the security constraints of on-prem infrastructure while securing all cloud services, by effectively implementing a Zero Trust security posture across any infrastructure at any scale. Aporeto provides the ultimate segmentation for modern applications based on cryptographic workload identity rather than IP addresses. Security policies remain persistent no matter where the application resides in your cloud or hybrid environment.

In this webinar we will demo Aporeto’s cloud security services:

Distributed Firewall: Protect any application across all hybrid and cloud environments

Cloud PAM: Turn-key privileged access management to your cloud infrastructure

Identity-Aware Proxy: Enable secure, VPN-less access to any web application

Unleash the Power of Identity-based Cloud Security with Aporeto

How to Accelerate Business Agility with Zero Trust Security Posture

Kubernetes-orchestrated microservices and containers is a boon for business agility. By enabling a more agile and distributed software architecture, Kubernetes allows businesses to release new features and capabilities faster than ever before. Red Hat OpenShift is the enterprise choice for a supported Kubernetes release. 

Distributed software architectures require a new approach to security. Aporeto secures all workloads on any infrastructure with identity-based access control, making it the enterprise choice for visualizing and protecting Kubernetes-orchestrated applications on hybrid infrastructures. 

Together, Red Hat OpenShift and Aporeto Identity-Powered Cloud Security enable organizations to achieve greater agility while implementing a Zero Trust security posture.

Join this webinar to learn:
- Security benefits of using Aporeto in Red Hat OpenShift
- Benefits of adding open ID connect (OIDC) to any web service with Aporeto
- Understanding the future of Red Hat OpenShift 4

Speakers:
Jason Dobies, Red Hat
Jason has 18+ years of experience as a software engineer,12 of those being his time at Red Hat. He is currently working as a Principal Technical Marketing Manager on the Cloud Platforms team where he provides direction and technical advice for applications integrating with OpenShift. Prior to that, Jason's experience includes being a core contributor on multiple OpenStack projects and leading the Red Hat Satellite content management project.

Marcus Hesse, Aporeto
Marcus is an Open Source and Security Enthusiast, and a DevOps Engineer with 15 years of experience. Before joining Aporeto as a Principal Engineer, and driving forward the Kubernetes and Layer 7 development and integration efforts, he worked in FinTech, helping to modernize application deployments. As a previous Aporeto customer, he knows Aporeto can be paramount to achieve security and compliance in Kubernetes environments.

Enterprise-Grade Security for Containerized Applications with Red Hat & Aporeto

The objective is to accelerate customers' migration to AWS. If we simplify and strengthen application security, we are half-way there.  

Aporeto's identity-powered cloud security protects workloads based on their identity independent of the underlying infrastructure. This makes Aporeto's security portable: Once customers secure their workloads on-premise, they may migrate all or part of their workloads to AWS and still preserve the same zero trust posture.  

Goodbye complex security setups. Hello easier migration to AWS. Join us on this webinar to learn more.

Aporeto Unplugged: Sales Workshop

Jason Schmitt is CEO at Aporeto, a firm focused on new approaches to securing applications in the cloud. In this video from RSA 2019, Jason speaks with Charlene O’Hanlon about the security pitfalls around moving applications to the cloud, and why network infrastructure’s own baked-in security isn’t enough.

For Cloud Apps, Network Security Isn’t Enough

Cybersecurity, much like safety, cannot be achieved - it is an ongoing process that changes and adjusts to respond to the threat landscape, business needs and resources. As essential a cybersecurity strategy is to the enterprise, so is the implementation of it. 

Join us for an interactive Q&A panel with security leaders to learn more about how to operationalize cybersecurity.

Topics up for discussion:
- Making information security relatable
- Building security programs 
- Defining your cybersecurity strategy
- Translating your cybersecurity strategy into a risk management plan
- Operationalizing your cybersecurity strategy
- Using the maturity capability model for measuring success

Moderator:
Michelle Drolet, CEO, Towerwall
Panelists:
Amy McLaughlin, Director of Information Services, Oregon State University
Ariful Huq, Director of Product Management, Aporeto

Live Webcam Panel: Operationalizing Cybersecurity

Today’s IT infrastructures are vast, complex, and consequently fragile. The problem is that while developers need the sophisticated functionality modern IT provides, the fragility poses a significant roadblock—particularly when security and infra requirements enter the picture. In this video, Amir Sharif discusses how Aporeto addresses the security aspects of this problem by bringing unified identity-powered security to complex hybrid infrastructures.

Identity-Powered Cloud Security

The security architecture we have adopted in Aporeto worked. The Aporeto enforcers were preventing any attack against CVE-2018-1002105 before it was even announced. In this video we will illustrate how a separation of concerns architecture that isolates security functions while placing them close to applications can maximize security defenses, even when the application protected follow the most strict security guidelines.

Aporeto: How We Prevented the Kubernetes API-Server Vulnerability

Watch how Aporeto visualizes and protects VMware Cloud PKS environments.

Aporeto - VMware Cloud PKS Demo

Most organizations are moving existing applications to public cloud environments or building new applications that are designed for the cloud from the beginning. When this shift to the cloud occurs there are a number of security assumptions in the legacy, datacenter-centric security approach that tend to fail. In this webinar learn more about:  

-Why the concept of  network segmentation as a security counter measure is not translating successfully to cloud environments. 
-The pitfalls of relying on security groups and 3rd party firewall appliances for segmentation in public clouds
-Introduction of zero trust security model coupled with workload identity as a new control point for security applications in the cloud

Cloud Security Gaps

Secure applications on Red Hat OpenShift Container Platform in the multi-cloud with Aporeto. Workload isolation, API access control, host threat detection, container image vulnerability management, secrets & certificates management, and visualization, all based on your application identity.

Red Hat OpenShift Multicloud Application Security with Aporeto

The adoption of cloud-managed services such as managed databases and machine learning gives developers the freedom to innovate in the application business logic. Coupling microservices with adoption of cloud infrastructure and cloud managed offerings is a recipe for high-velocity application development. But what does this transformation mean for security teams?

Watch this webinar to learn:

-How to secure heterogeneous cloud environments.
-How to follow Zero Trust principles of authentication and authorization for all transactions.
-What are the main components of security in the microservices stack?

Best Practices for Securing Microservices

The adoption of cloud and containers requires new and more dynamic methods of securing applications. These methods need to address the complexity associated with applications that can span multiple clouds, hybrid infrastructure and private deployments. Instead of relying on traditional networking constructs, cloud-native security needs to enable security teams to centrally manage security policies and enforce them in a distributed fashion.

In this webinar, we will discuss how to enable faster cloud adoption with less security friction. We will also address the following topics:

– Customer case studies for addressing PCI & SWIFT requirements in the cloud

– Gaining visibility into applications data flow before moving to, and after deploying in, the cloud

– Adopting the Zero Trust security model that requires authentication and authorization for all communication

Cloud Security for Financial Institutions

Zero Trust security for microservices, containers and cloud works through the transparent generation of strong application identity. This identity is used for authenticating and authorizing application component interaction with themselves, user interfaces, and external services. In this webinar we will discuss how enterprises can adopt microservices and the cloud while leveraging their existing, brownfield infrastructure without compromising security.

Why Cloud Security Requires a Strong Application Identity

Hear from Aporeto’s CEO, Jason Schmitt, on our products, solutions and key use cases.

Aporeto Overview: Zero Trust Security for Microservices, Containers and Cloud

With Kubernetes network security policies only operating within the context of a single cluster; multi-cluster and multi-cloud deployments become challenging to manage. Cloud-native applications are often deployed across multiple regions and sometimes across multiple clouds for high-availability/resiliency which inevitably translates to a deployment across multiple clusters. Kubernetes network policies boil down to IP-based ingress and egress rules for access control outside the cluster in which IP-based rules do not work well with dynamic microservices. What is needed is a new approach that eliminates the need for IP-based Kubernetes network security policies.

Aporeto uses a workload identity based-approach to cloud security, not IP addresses, to authenticate and authorize policies distributed across a Kubernetes cluster. Aporeto automates the most complex security requirements for operating workloads in Kubernetes, including network access control, API security, security conﬁguration automation, policy distribution and enforcement across hybrid and multi-cluster environments all from a single platform. 

In this webinar we will demonstrate how:
* Aporeto assigns a cryptographic signed and attested service identity to every Kubernetes pod
* The use of a service identity tied to a Kubernetes pod allows all policies to be enforced independent of infrastructure - cross regions, cross clouds and cross data centers
* You can route your traffic as needed by your network team, independent of security concerns - north/south or east/west due to Aporeto use of service identity to protect your workloads
* Aporeto strengthens security against bad actors and malicious threats to prevent a security breach

Easily Achieve Distributed Policy Deployment Across Your Kubernetes Multicluster

Kubernetes

Security

SecOps

multi-cluster

multi-cloud

Cloud-native

API Management

Network Access Control

Workload Automation

api security

Welcome to the virtualization community on BrightTALK! Whether it affects servers, storage, networks, desktops or other parts of the data center, virtualization provides real benefits by reducing the resources needed for your
infrastructure and creating software-defined data center components. However, it can also complicate your infrastructure. Join this active community to learn best
practices for avoiding virtual machine sprawl and other common virtualization pitfalls as well as how you can make the most of your virtualization environment.

Virtualization

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Easily Achieve Distributed Policy Deployment Across Your Kubernetes Multicluster

Presented by

About this talk

More from this channel