AWS re:Invent 2022
Prepare for the Unexpected with Code to Cloud Security Prt240

Title

AWS re:Invent 2022 - Prepare for the unexpected with code-to-cloud security (PRT240)

Summary

  • Ankur, SVP of Products for Prisma Cloud at Palo Alto Networks, and Sam Rubin, VP at Unit 42, discuss cloud security and the collaboration between DevOps and security.
  • They emphasize the importance of "secure by design" and the role of security in helping shift left to ensure secure code pipelines, infrastructure, and applications.
  • Sam highlights the increase in cloud-related incidents and the cloud as the new cyber battlefield, with misconfigurations, overprivileged accounts, and lost credentials being the main issues.
  • Ankur demonstrates Prisma Cloud's capabilities in identifying and fixing security issues in code repositories, infrastructure as code, and production environments.
  • Prisma Cloud offers a platform approach to security from code to cloud, reducing the need for multiple point products and providing continuous visibility and prevention-first mindset.
  • The platform supports a wide range of AWS services and workload protection for hosts, VMs, containers, and serverless functions.
  • Ankur showcases the platform's ability to detect and remediate issues in real-time, including secrets in code, misconfigurations, and runtime threats.

Insights

  • The cloud's expanded attack surface due to mass migration and remote work has led to an increase in security incidents, making cloud security a critical concern.
  • Misconfigurations, overprivileged accounts, and credential loss are the most common causes of security incidents, indicating a need for better configuration management and access control.
  • The shift-left approach in security is gaining traction, with the goal of embedding security early in the development lifecycle to prevent issues from reaching production.
  • Prisma Cloud's integration with development tools like GitHub allows for seamless security checks and fixes within the development workflow, promoting developer adoption of security practices.
  • The platform's comprehensive coverage of AWS services and workload types, along with its ability to scale, positions it as a leading solution for organizations seeking to secure their cloud environments.
  • The demonstration of Prisma Cloud's capabilities in a live environment underscores the importance of real-time security monitoring and the ability to quickly respond to and remediate threats.
Practical Experience with a Serverless First Strategy at Capital One Svs311Preserving and Maximizing the Value of Digital Media Assets Using S3 Stg215