Explore cloud security in the DevOps era through this BSidesSF 2016 conference talk. Discover the evolving landscape of cloud security, including new paradigms and attack vectors. Learn about innovative approaches like security as code, continuous scanning, and automated defense. Gain insights into rugged DevOps practices, dynamic firewall changes, and compliance management over time. Understand how to refresh your security stack and implement cloud monitoring techniques to stay ahead of threats in the rapidly changing cloud environment.
Overview
Syllabus
Intro
Welcome
Cloud Security
What is Cloud
DevOps
Security
The two worlds
The new paradigm
The new vectors
Wheres the security innovation
How to freshen the stack
How scary is that
Security as code
Amazon JSON structure
Security roles
Ruggedization
Refresh the Approach
Continuous Scanning
Identity Change
Cloud Monitoring Tech
Dynamic Firewall Changes
Heartbleed
Manual audits
Compliance over time
Automated defense
Rich Mullins
