Securing the AWS Environments of Arkose Labs Using Sysdig (PRT258)

Title

AWS re:Invent 2022 - Securing the AWS environments of Arkose Labs using Sysdig (PRT258)

Summary

  • Loris Degioanni, CTO and founder of Sysdig, and Glenn Arismith, VP of IT and Security Engineering at Arkose Labs, discuss Arkose Labs' journey in implementing security for their AWS cloud-native infrastructure.
  • Arkose Labs is a bot mitigation and detection company that provides both a product and a managed service to monitor and mitigate bot attacks.
  • The company started in Brisbane and has grown to over 250 employees across eight countries.
  • Initially, security was everyone's responsibility at Arkose Labs, leading to the bystander effect and scattered security efforts.
  • As the company grew, it created a dedicated IT security team, used AWS tools like CloudTrail and Security Hub, and eventually adopted Sysdig for more effective security management.
  • Sysdig helped Arkose Labs with reporting, prioritization, and handling alerts, and provided tools like Risk Spotlight to identify fixable vulnerabilities.
  • The company emphasizes the importance of shift-left security, integrating security checks early in the development process to catch issues before they reach production.
  • Arkose Labs has an engineering security champions group to facilitate collaboration and knowledge sharing between the security team and engineers.
  • The session highlights the evolution of security practices at Arkose Labs and the role of Sysdig in enhancing their security posture.

Insights

  • Arkose Labs' experience underscores the importance of having a dedicated security team to manage security effectively, especially as a company scales.
  • The use of AWS native tools like CloudTrail and Security Hub is common for initial security efforts, but third-party tools like Sysdig can offer more advanced features and better integration.
  • The concept of "security is everyone's responsibility" can lead to the bystander effect, where no one takes ownership of security issues. This can be mitigated by establishing clear roles and responsibilities.
  • Shift-left security is crucial for modern development practices, allowing teams to address security issues early in the development lifecycle and avoid costly rollbacks.
  • The use of security champions within engineering teams can help bridge the gap between security and development, fostering a culture of security awareness and collaboration.
  • Tools like Sysdig's Risk Spotlight can help prioritize vulnerabilities by identifying which ones are actively being used and which are fixable, allowing teams to focus on the most critical issues.
  • Reporting and progress tracking are essential for maintaining a strong security posture and demonstrating improvements to stakeholders, both internally and externally.