Continuously Delivering Security in the Cloud – Casey West
- This is a talk about operational excellence
- Why are systems attacked? Because they exist
- Resisting Change to Mitigate Risk – It’s a trap!
- You have a choice
- Going fast with unbounded risk
- Going slow to mitigate risk
- Advanced Persistent Threat (APT) – The breach that lasts for months
- Successful attacks have
- Time
- Leaked or misused credentials
- Misconfigured or unpatched software
- Changing very little, slowly, helps all three of the above
- A moving target is harder to hit
- Cloud-native operability lets platforms move faster
- Composable architecture (serverless, microservices)
- Automated Processes (CD)
- Collaborative Culture (DevOps)
- Production Environment (Structured Platform)
- The 3 Rs
- Rotate
- Rotate credentials every few minutes or hours
- Credentials will leak; humans are weak
- “If a human being generates a password for you then you should reject it”
- Computers should generate it, every few hours
- Repave
- Repave every server and application every few minutes/hours
- Implies you have things like LBs that can handle servers adding and leaving
- Container lifecycle
- Built
- Deploy
- Run
- Stop
- Note: No “change” step
- A server that doesn’t exist isn’t being compromised
- Regularly blow away running containers
- Repave ≠ Patch
- uptime <= 3600
- Repair
- Repair vulnerable runtime environments every few minutes or hours
- What stuff will need repair?
- Applications
- Runtime Environments (e.g. Rails)
- Servers
- Operating Systems
- The future of security is build pipelines
- Try to put credential rotation and upstream imports into your builds
- Rotate
- Embracing Change to Mitigate Risk
- Less of a Trap (in the cloud)
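
The "uptime <= 3600" rule and the rotate notes above, as a scheduling check. This is an added example, not code from the talk: the `Instance` record, the function names, the 4-hour credential window and the sample fleet are all assumptions made for illustration.

```python
import secrets
from dataclasses import dataclass

MAX_UPTIME_S = 3600         # "uptime <= 3600" from the notes
MAX_CRED_AGE_S = 4 * 3600   # assumption: "every few hours" read as 4 hours

@dataclass
class Instance:
    name: str
    started_at: int       # epoch seconds when the server/container started
    cred_issued_at: int   # epoch seconds when its credential was generated

def new_credential() -> str:
    """Rotate: the secret is machine-generated, never chosen by a human."""
    return secrets.token_urlsafe(32)

def overdue(fleet, now):
    """Return (instances past max uptime, instances with stale credentials)."""
    repave = [i for i in fleet if now - i.started_at > MAX_UPTIME_S]
    rotate = [i for i in fleet if now - i.cred_issued_at > MAX_CRED_AGE_S]
    return repave, rotate

def repave_batches(fleet, now, min_in_service):
    """Repave: oldest first, in batches small enough that the load balancer
    keeps at least min_in_service instances serving. Assumes each batch's
    replacements are healthy before the next batch is stopped."""
    repave, _ = overdue(fleet, now)
    batch_size = len(fleet) - min_in_service
    if batch_size < 1:
        raise ValueError("no spare capacity to repave without an outage")
    repave.sort(key=lambda i: i.started_at)
    return [repave[k:k + batch_size] for k in range(0, len(repave), batch_size)]

# Constructed sample fleet (not from the talk).
NOW = 100_000
FLEET = [
    Instance("web-1", NOW - 7200, NOW - 7200),
    Instance("web-2", NOW - 4000, NOW - 4000),
    Instance("web-3", NOW - 600, NOW - 5 * 3600),
    Instance("web-4", NOW - 3600, NOW - 3600),   # exactly 3600 s: still allowed
    Instance("web-5", NOW - 3700, NOW - 3700),
]

if __name__ == "__main__":
    for n, batch in enumerate(repave_batches(FLEET, NOW, min_in_service=3), 1):
        print("repave batch", n, [i.name for i in batch])
    for inst in overdue(FLEET, NOW)[1]:
        print("rotate", inst.name, "->", len(new_credential()), "char secret")
```

Run from a build pipeline on a timer, a check like this turns the repave and rotate rules into a failing job rather than a policy document.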