Cloud Native Security Operations: From Observability to … – Francesco Beltramini & Abdullah Garcia
Presented at Open Source In Finance Forum 2023 – NYC
Presented by Francesco Beltramini – ControlPlane & Abdullah Garcia – JP Morgan Chase & Co.
Title: Cloud Native Security Operations: From Observability to Response
Abstract: An effective Incident Response Process is critical to any regulated organization that’s serious about security. Handling threats and associated security events is a well-understood operation, with established widely-adopted frameworks such as SANS or NIST Incident Response. The cornerstone of each framework is always the Preparation phase where SecOps teams must ensure the infrastructure they look after is in a defensible position, with sensors and signals correctly deployed and configured in line with the organisation’s threat model. Cloud Native platforms like Kubernetes may become a real challenge to defend due to their complex, fast-paced and dynamic nature, and they require significant efforts from multiple teams to get security observability right.
In this talk Abdullah and Francesco will:
- Recap incident response 101
- Present a pioneering Kubernetes-4-SOC Threat Library, which includes Threats, Threat Objects, Attack Vectors
- Walk the audience through a response to a real-world attack against a regulated organisation and its K8s clusters: threat model, preparation, detection and response.
Find more info about FINOS:
On the web: https://www.finos.org/
Twitter: https://twitter.com/finosfoundation
LinkedIn: https://www.linkedin.com/company/finosfoundation/
OSFF NYC: https://events.linuxfoundation.org/open-source-finance-forum-new-york/
by FINOS