SecDevOps 2.0 - Managing Your Robot Army


Configuration management builds systems to run the code, orchestration spins up and manages entire systems, and SDN creates the network architecture. All of these things are programmable; the entire system can be operated by a developer from a terminal. Teams of 5 or 6 people can build and operate really big systems.


  1. SecDevOps 2.0 - Managing Your Robot Army (A.K.A Securing your Cattle from Rustlers) Josh Bregman Vice President/Evangelist @kingoauth
  2. Elizabeth Lawler - CEO/Founder Conjur, Inc. Elizabeth Lawler is CEO and Co-founder of Conjur, Inc., a security company which focuses on security for next generation infrastructure. Lawler has over 20 years of experience working in highly regulated and sensitive data environments. Prior to founding Conjur, she was Chief Data Officer of Generation Health and held a leadership position in research at the Department of Veterans Affairs. She has been a programmer herself, and is constantly working to make software development and IT systems easier to manage for people working in regulated industries. Elizabeth’s RSA Presentation “Is DevOps Breaking your Company?” is still available on line
  3. Josh Bregman - “Enterprise Guy”/Evangelist Josh has 20 years experience successfully architecting, evangelizing, and delivering innovative identity management and security products to customers. Prior to joining Conjur, Josh spent a decade as a solutions and pre-sales leader in the Oracle ecosystem. A developer at heart, early in his career Josh worked as a software engineer at IBM, GTE Labs, and Netegrity. He has 2 U.S. patents and received a B.A. in Math from the University of Rochester in 1995. Elizabeth’s RSA Presentation “Is DevOps Breaking your Company?” is still available on line
  4. My Hiring Process at Conjur - Pets vs. Cattle ◁ Conjur is in a “hot” space - just out of stealth ◁ Team dynamic is SUPER important ◁ Project Based Interview “We secure cattle. Put together some go-to market materials”
  5. Securing Cattle from Rustlers – Step 1 ● Maintain Good Records of the Cattle that You Own
  6. Securing Cattle from Rustlers – Step 6 ● Keep an eye out for suspicious activity
  7. Securing Cattle from Rustlers – Step 2 ● Make sure all of your cattle have their tags and/or have been branded with the brand of your farm or ranch
  8. Securing Cattle from Rustlers – Step 4 ● Ensure the proper location of your handling facilities or loading areas meet farm bio-security measures
  9. My Hiring Process at Conjur - Pets vs. Cattle - cont ◁ Got some more guidance from Elizabeth When you treat your servers like Cattle, this introduces a number of security challenges... “...actually Josh, Pets vs. Cattle is a common meme in DevOps”
  10. SecDevOps 1.0: Current State of Evolution ◆ Source Control ◆ Automated Build and Test ◆ Configuration Management ◆ Orchestration ◆ Software-Defined Networking ◆ Monitoring
  11. SecDevOps 1.0 - Challenges ◁ Lack of Visibility ⊃ Compliance Challenges ◁ Wrong Tool for the Job ⊃ Production-Only Workflows ⊃ Human Bottlenecks ⊃ Conflation of Concerns ◁ Configuration Management as DIY Security System
  12. What is SecDevOps 2.0? Security Orchestration System RBAC for people, machines and code | Self Auditing | Fully programmable with fine granularity | Highly available across any cloud, hybrid and global architecture | End to end encryption DevOps Enabled Enterprise Users
  13. SecDevOps 2.0 - Reference Architecture [diagram; labels: Process Environment, Security Orchestration System, DevOps Toolchain, .secrets, Cauldron, Cauldron Driver, SCM/CM/CI, Host Factory, Secrets Storage, S D F, “Host” - xxx, Service to Service Access, SSH Access, Policy, Users]
  14. SecDevOps 2.0 - Continuous Secrets Delivery: Policy | Cauldron/.secrets | Host Factory | High Availability | Tools ● 5 step process based on years of delivering secrets management solutions to highly regulated industries ● Skipping steps will result in issues down the road and cause disruption and delay ● DIY projects that start with tools and then try to work backward are extremely difficult
  15. Introducing Summon [diagram; labels: SECRETS SOURCE (Vault, Keywhiz, AWS IAM…), SUMMON, PROCESS ENVIRONMENT, DOCKER CONTAINER] Summon uses a pluggable secrets provider to load secrets into the environment of an application, service or container.
  16. Get Involved in Cauldron ● Summon is coming soon ○ Sign up to be notified when it’s ready! ○ If you’re doing DIY or even using another open source project, you can build a driver - spread the word! ● Try to adopt the Continuous Secrets Delivery approach ○ If you think it’s no good, let’s hash it out - join the discussion #cauldron ● Get Connected ○ Follow us on Twitter and LinkedIn
  17. @ConjurInc www.conjur.net Thank you!
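
The pattern slide 15 describes (a pluggable provider resolves secrets, which are then placed in the environment of one process) can be sketched as follows. This is an added Python example, not Summon's code and not part of the deck; the mapping, secret ids, values and the names `demo_provider`, `resolve` and `run_with_secrets` are constructed for illustration.

```python
import os
import subprocess
import sys

# Constructed mapping: environment variable name -> secret id at the source.
SECRETS_MAP = {"DB_PASSWORD": "prod/db/password", "API_TOKEN": "prod/api/token"}

# Constructed stand-in for a secrets source (Vault, Keywhiz, ...).
_DEMO_STORE = {"prod/db/password": "constructed-db-pw",
               "prod/api/token": "constructed-token"}


def demo_provider(secret_id):
    """Hypothetical provider: return the value for secret_id or raise."""
    if secret_id not in _DEMO_STORE:
        raise KeyError(f"no such secret: {secret_id}")
    return _DEMO_STORE[secret_id]


def resolve(secrets_map, provider):
    """Resolve every entry first, so one failed lookup aborts the launch."""
    return {name: provider(secret_id) for name, secret_id in secrets_map.items()}


def run_with_secrets(argv, secrets_map, provider):
    """Run argv with the secrets added to the child's environment only."""
    child_env = dict(os.environ)  # copy; the parent environment is not modified
    child_env.update(resolve(secrets_map, provider))
    return subprocess.run(argv, env=child_env, capture_output=True,
                          text=True, check=True)


if __name__ == "__main__":
    # The child reports which mapped variables it can see (names, not values).
    child = [sys.executable, "-c",
             "import os; print(sorted(k for k in os.environ "
             "if k in ('DB_PASSWORD', 'API_TOKEN')))"]
    print(run_with_secrets(child, SECRETS_MAP, demo_provider).stdout.strip())
    print("parent has DB_PASSWORD:", "DB_PASSWORD" in os.environ)
```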