Name: Unlocking Business Potential with Cloud-Native Application Modernization
Start: 2023-04-25T19:00:00Z
End: 2023-04-25T19:00:30.000Z
Location: BrightTALK
Rating: 4.3

Panoptica, Cisco’s Cloud Application Security solution, provides end-to-end lifecycle protection for cloud native application environments. It empowers organizations to safeguard their APIs, serverless functions, containers, and Kubernetes environments. Panoptica ensures comprehensive cloud security, compliance, and monitoring at scale, offering deep visibility, contextual risk assessments, and actionable remediation insights for all your cloud assets. Powered by graph-based technology, Panoptica’s Attack Path Engine prioritizes and offers dynamic remediation for vulnerable attack vectors helping security teams quickly identify and remediate potential risks across cloud infrastructures. 

Generative AI has already entered workflows across business departments. But how should you be using GenAI for cloud security to achieve optimal efficiency and value? 
 
Join us in this fireside chat, featuring Papi Menon, VP and Chief Product Officer, Outshift by Cisco and Melinda Marks, Practice Director, Application & Cloud Security, Enterprise Strategy Group, as they discuss: 

• The role of generative AI technology in bolstering cloud security
• GenAI’s ability to autonomously identify and address emerging threats in real-time
• How to enhance overall defense mechanisms in cloud security with generative AI technology

Leveraging GenAI for Cloud Security

As we kick off 2024, join David Terrar, CEO of Cloud Industry Forum and guests for episode 47 of Digital Transformation in Action, where they share trends and predictions for the cloud landscape in the coming year.

Driving Cloud Change in 2024: Trends to Know

The difficulties of securing data in cloud-native applications are many, for example:
• There exists a proliferation of data islands, complicating the creation of a unified cloud security view;
• As microservices are created, evolved, and removed, those islands can remain unused—yet still pose a risk to you;
• Propagation and caching of sensitive data between microservices can result in compliance blindness.

That’s not to mention the variety of data storage formats with which IT pros must contend and protect (such as file, object, block, and SQL). Let’s hit the reset button, shall we?

Join us in this Fireside Chat at the Data Security Risks and Challenges BrightTALK Summit to discover 5 principles—based on the basics—with which you can improve cloud-native app security and to see how CNAPP solutions are making a real difference. Tim Miller, Technical Marketing Engineer at Outshift by Cisco joins the discussion with Enterprise Strategy Group analysts.

Securing Your Data in a Cloud-Native Application World

"If there has been a single dominant topic of discussion in 2023, it has to be the rapid rise of generative AI. New developments in the technology have drawn mass attention and it seems like everyone is trying to figure out how best to deploy generative AI in their own organizations. This presents a great opportunity to optimize existing machine learning efforts and automate operations even further – but it also opens the door to dangerous gaps in governance. Without the right protocols, companies can become vulnerable to a host of problems, from data loss and increased attack surface area to copyright issues and misinformation. 

The technology is so new that many organizations won’t yet have clear policies in place around the use of generative AI. And while there are licensed, regulated generative AI tools available, many people are currently using the vast array of free apps that have not been scrutinized from a compliance standpoint. How can teams take advantage of these new opportunities created by generative AI, while maintaining their standards of security and governance? How can teams protect themselves from the risks of shadow IT and create clear governance policies?

Tune into this latest episode of CISO Insights to hear Dan Lohrmann, Earl Duby and guest experts discuss how to govern data and balance the dual threat and opportunity of generative AI.

Threat & Opportunity: Governing Data in the Age of Generative AI

Although multi cloud architecture empowers organizations with a flexible and resilient approach to cloud computing, there are various intricacies and challenges when it comes to multi cloud security. From managing the complexity of different clouds, to cloud skill gaps your organization desperately needs to fill, managing a multi cloud environment is difficult if you don’t have the right tools in place.

Join us in this webinar to explore the dynamic landscape of multi cloud security. We'll delve into the essence of safeguarding data, applications, and infrastructure distributed across your diverse cloud environments. You’ll also learn about:

•. How a multi cloud security solution can act as a central orchestrator for your business, offering comprehensive protection against cyber threats
•. The benefits of consistent security controls, centralized visibility, integrated security tools, and efficient incident response
•  Why strategic prioritization of attack paths and efficient remediation are vital for proactive vulnerability management across diverse cloud environments

Mastering Multi Cloud Security: Strategies and Solutions

Join David Terrar, CEO of Cloud Industry Forum and guests for episode 44 of Digital Transformation in Action, as they revisit cloud security - with a particular focus on security spend and risk management.

Revisiting Cloud Security: Managing Spend and Risk

After the success and interest in our first cyber myth busting episode, we’re bringing a second instalment to this topic - answering your hot questions, and diving into common cyber misconceptions.

In this special episode of The (Security) Balancing Act, Diana Kelley and cyber experts will sit down, and deep dive into the common cyber myths.

 What misconceptions drive you crazy? Bring your best myths and join Diana Kelley and guests as we decipher common cyber myths in a bid to clear up the confusion.

Blasting Cyber Myths: Part Two

Cybersecurity is so often focused on securing enterprise infrastructures from external threats – for good reason. Cyber attacks are always evolving alongside security protocols, so organizations must stay vigilant. Yet when so many resources are devoted to protecting operations from the outside, it is easy to leave yourself at risk of another kind of attack: insider threats. In fact, a 2023 study from Cybersecurity Insiders found that 74% of organizations are at least moderately vulnerable to insider threats.

Insider threats require an entirely different security approach, especially as they bring up an entirely new problem: accidental or unintentional threats. Not all internal damage is done maliciously, with many incidences tied more to human error than criminal intent. The Ponemon’s Institute’s “2022 Cost of Insider Threats Global Report” found that over half of insider threats (56%) came from employee or contractor negligence. Creating an internally secure environment for your organization therefore requires a multi-pronged strategy that can protect against both intentional and unintentional attacks.

In this episode of CISO Insights, series hosts Dan Lohrmann and Earl Duby will be joined by security experts to break down what it takes to tackle insider threats.

From Inside the House: Tackling Intentional & Unintentional Insider Threats

As more organizations adopt microservices, containers, Kubernetes, and serverless architectures, the complexity of their IT environments continues to grow, creating an expanded attack surface. Given the dynamic and complex nature of cloud-native environments, how confident are you in your development and security teams' ability to identify and prioritize the most significant security risks and remediate vulnerabilities in a timely manner to reduce the risk of a security breach? 
 
To secure cloud-native applications, organizations use multiple tools from different vendors. However, these tools are often not developer-friendly, creating a fragmented view of risk. This results in an excessive number of alerts that can waste developers' time and delay remediation efforts.
 
Join this fireside chat to learn why you need an end-to-end cloud application security solution in today’s dynamic and complex multi-cloud environment. And why it’s essential to address the most significant risks first, reducing the risk of a breach and saving valuable time and resources when time is of the essence.
 
Key takeaways:
 
• Improve Visibility: Gain real-time insights into security issues across cloud assets to reduce compliance violations and expedite deployment of cloud-native apps.
• Contextualize Risks: Prioritize vulnerabilities that can have the most significant impact on cloud apps.
• Enable Security through Collaboration: Prioritize vulnerabilities through collaboration among teams to develop effective remediation plans.

How to Prioritize Critical Vulnerabilities to Protect Your Cloud Applications

Video: How to Prioritize Critical Vulnerabilities to Protect Cloud Applications

Context is critical as IT professionals are tasked with making sense of vulnerabilities in a cloud-native world. For example, vulnerabilities can happen at any point in the app development cycle (CNAPP), and security pros are staring down the tunnel of information overload with unceasing alerts.

With so much on their plates, how can these pros dial into the security vulnerabilities that are a must-tackle and protect their cloud-native environments?

ESG Senior Analyst Melinda Marks sits down with Papi Menon, VP of Product Management, Emerging Technologies & Incubation at Cisco Panoptica, to discuss this topic and explain:

•        Context is critical: why does vulnerability matter?
•        How Cisco’s Panoptica helps secure your cloud journey
•        Why a trusted partner like Cisco matters in your cloud security

Context is Critical: Making Sense of Vulnerabilities in a Cloud-Native World

Panoptica's dashboard makes it easy for security engineers to figure what risks to deal with by highlighting them based on pods, APIs, and serverless functions, and the miTRE Attack framework. This video gives you a complete overview of the Panoptica dashboard.

How to: Use the Panoptica Dashboard

Panoptica's API Security dashboard presents a prioritized list of the top six security risk findings identified in your cloud environments. This video shows how Panoptica helps you drill down into advanced API risk assessments.

How to: Identify API Risks in Your Cloud-Native Environments

Panoptica gives you visibility into all the functions deployed in your cloud accounts. This video shows you how Panoptica inspects your Serverless runtime environment for risks, vulnerabilities, and leakage of secrets.

How to: Visibility Assessment & Remediation of Risks in Serverless Environments

Panoptica's assessment information comes from its runtime scans and CI?CD pipeline events. This video shows you how Panoptica provides a complete inventory of your cluster and the workloads it is running.

How to: Get a Comprehensive View of K8 Clusters and Running Workloads

Obtaining a comprehensive inventory of your runtime environment in Panoptica starts with onboarding your Kubernetes cluster. This video provides a step-by-step tutorial of how to set up Panoptica for a standard cluster deployment or a more advanced deployment.

How to: Set Up a Cluster in Panoptica

Join Helen Beal, Chief Ambassador at DevOps Institute and guests for episode 35 of Day-to-Day DevOps, where they discuss all things GitOps.

This discussion will explore:

- GitOps as an operations model and how it accelerates software delivery
- GitOps vs DevOps
- The role of GitOps in a DevSecOps world
- How GitOps is evolving secure development, API security and CI/CD pipeline security
- And more

Gaining Insight Into GitOps

What if you could combine the ease and efficiency of Kubernetes architecture with the high performance and low latency of Redis? Our Tech Talk shows you how to do just that. In this session, you learn how Redis Enterprise on Kubernetes delivers benefits like automatic scalability, persistent storage, simplified database endpoint management, zero downtime upgrades, and more.

Getting Started Series: Make Kubernetes Even More Efficient

Kubernetes security is crucial in ensuring the safety and integrity of your organization's data and systems. However, keeping up with the latest security threats and vulnerabilities can be a daunting task. This is where Kubernetes Goat comes in - a "vulnerable by design" Kubernetes Cluster environment that allows you to practice and learn Kubernetes security in a hands-on way.

In this webinar, Pragmatic Security Leader Madhu Akula presents the latest version of Kubernetes Goat and demonstrates how to use it to identify and mitigate vulnerabilities in Kubernetes and containerized environments. He will cover various attack scenarios and real-world vulnerabilities and show how Kubernetes Goat scenarios can be mapped with them. The session will also explore open-source security tools that can be used to write secure code and deploy secure containers in production.

Key Takeaways:
- Gain practical, hands-on experience with Kubernetes security through 25+ offensive and defensive scenarios.
- Learn about the latest security threats and vulnerabilities in containers, Kubernetes, and cloud-native environments.
- Access detailed documentation, labs, and other resources to continue your learning and development in Kubernetes security.
- And more...

Mastering Kubernetes Security with Kubernetes Goat

We're told that a "DevOps culture" involves developers fully embracing operations, and understanding how their applications are deployed and maintained. In the cloud, however, anyone who has looked at the CNCF landscape recently will probably have given themselves a headache! 

The number of technologies available to solve cloud native application deployment problems is as dazzling as the number of problems is terrifying. How can a development team be product-centric and work on improving their applications all the time whilst still keeping a DevOps mindset and maintaining a secure, cost-effective cloud native platform?

The answer is in creating a platform to assist them. But platform engineering as a discipline has been around a long time, and has so far not succeeded in freeing up development teams. Why is this? What needs to change? I'll discuss the concept of product-centric teams and the developer platform, and go through a few major and important points to consider when setting up a platform of your own.

Key takeaways:
- The cloud native landscape is too complex for developer teams to fully understand and also be productive to their business area.
- There must be a platform team to support them.
- The platform team must be agile and must be customer-centric.

Platforms for product-centric teams

In the digital era of business, IT infrastructure and reliability are critical to success. However, with increasingly complex and dynamic environments to grapple with, maintaining IT reliability in enterprises is challenging.  

As the rate of innovation continues to speed up, open-source observability tools are transforming IT operations, creating clarity from chaos, by providing insights into potential issues before they become problems. 

In this session, Atulpriya Sharma (CNCF Ambassador) shares insights and best practices for leveraging open-source observability tools to optimize IT operations in modern enterprises. 

Join this session to:
- Explore the role of observability in driving IT reliability
- Understand the four pillars of observability and explore popular open-source observability tools
- Hear case studies, demonstrating the real-world impact of open-source observability on IT reliability and
- Discover how to leverage community-driven advancements in open-source observability to optimize enterprise IT operations
- And more...

From chaos to clarity: How open source observability transforms IT reliability

The cloud native development ecosystem is expanding at an unprecedented and chaotic pace. With access to increasingly powerful technologies, developers should be well-positioned to drive innovation forward and work more creatively than ever. However, the problems they are attempting to solve have become more complex than ever, creating friction in the innovation process and limiting developers' ability to deliver.

In this session, Suzanne Daniels shares her insights on how organizations can overcome these challenges and improve developer velocity. She will discuss three key solutions that organizations can use to help their developers be more productive and explains how to combine them using an internal developer portal.

Topics for discussion include:
- Why platform engineering is not just "the new DevOps," and why it's essential to improving developer velocity.
- How to improve collaboration between developers and other teams to streamline software development and speed up innovation.
- How a developer portal can help organizations embrace chaos, foster collaboration, and integrate solutions for greater productivity.

Designing an internal portal to supercharge developer velocity

DataStax and Temporal are on a mission to help developers build durable, resilient apps that never fail, no matter how fast they scale or how demanding the business. But building reliable apps can be complex, creating obstacles and delays for developers working under intense pressure. 

Temporal and DataStax are delivering a new programming model for developers: cloud-native, invincible apps, without the burden of complexity, helping you focus on what you do best: building great software, fast.  Join us and hear:

- Temporal’s durable execution paradigm provides extreme reliability, and makes it trivial or unnecessary to implement distributed systems patterns like event-driven architecture, task queues, sagas, circuit breakers, and transactional outboxes.
- DataStax’s Astra platform provides the tools to build out real-time systems.
- Temporal and DataStax together provide a robust platform on which to build scalable, fault-tolerant applications.

We’ll also explore why Temporal chose Cassandra as the highly-reliable, scalable database for their own platform. And how this combination can deliver invincible apps for your business as well.

Building Invincible Applications with Temporal & Astra DB

As organizations continue to evolve and innovate, the need for agile integration solutions becomes increasingly important. In this webinar, Digibee’s CTO and Co-founder, Peter Kreslins, and Head of Market Strategy, Matt Durham, will share insights on modern integration architecture and its role in driving organizational agility.
Attendees will learn about the five key principles of modern integration architecture: decentralization, empowerment and enablement, low code, ecosystem-driven, and continuous activity. The session will also cover the importance of democratizing technology and empowering citizen developers while maintaining governance and guardrails.

To wrap up the conversation, Digibee leadership will delve into how an integration platform as a service (iPaaS) can help organizations achieve modern integration architecture and improve their agility.

Modern integration architecture: A new approach to unlock organizational agility

In today's fast-paced business environment, cloud computing has become a critical component for many organizations. As companies embrace the cloud, it's important to understand the various cloud architecture frameworks available and choose the one that best fits your business needs. Using the right cloud architecture framework can help you achieve greater scalability, reliability, security, and cost-effectiveness. 

The public cloud offers so many services and features that it can be overwhelming to navigate. From microservices and event-driven architecture to serverless, containers, and modern compute, choosing the best tools for your needs is by no means easy. 

In this session, join Marius Zaharia (Cloud Solutions Architect & Principal Engineer at Societe Generale) to get insights into the Modern Architecture and explore the factors you should consider when deciding what cloud architecture framework is best for your business needs.  

Topics for discussion include: 

- The fundamentals of Modern Architecture and how it can help you make sense of the modern cloud landscape. 
- How to evaluate and choose the best approach for your needs, from microservices to serverless to containers and beyond. 
- Best practices for designing and implementing cloud architecture.

Navigating modern cloud architectures in 2023

Cloud-Native Modernization

The Global Cloud-native Application Protection Platform (CNAPP) Market size is expected to reach $21.2 billion by 2028, rising at a market growth of 18.6% CAGR. Adopting cloud-native architectures can significantly reduce IT costs, improve operational efficiency, and increase development speed and agility—although, they also introduce security risks, such as vulnerabilities in containers, microservices, and APIs. 

Implementing the proper security measures in this context requires a cloud-native security approach, in which solutions are purpose-built for cloud environments and can leverage automation and machine learning to detect and respond to security threats in real-time. 

Watch this exclusive Fireside Chat with experts from Cisco and BrightTALK to discover the key to unlocking cloud-native application modernization in today’s sprawling environments, alongside a discussion on how to formulate a cloud-native app security protection plan.

Unlocking Business Potential with Cloud-Native Application Modernization

Cloud Applications

Cloud Architecture

Cloud Infrastructure

Cloud Native

cloud native security

Cloud Security

Application Modernization

Application Vulnerabilities

Application Security

Application Development

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Unlocking Business Potential with Cloud-Native Application Modernization

Presented by

About this talk

Cisco – Panoptica