Enhancing Cyber Resilience Through Zero Trust Chaos Experiments in Cloud Native Environments
Rafik Harabi, Senior Solutions Architect - Sysdig
Sayan Mondal, Senior Software Engineer - Harness

Who we are?
  Senior Solution Architect at Sysdig, Cloud Security Advocate
  Focus on Cloud Native Security
  Previously working on go to Cloud programmes
  Senior Software Engineer II at Harness
  Maintainer of LitmusChaos (CNCF Incubating)
  LFX Mentor
  Chaos Engineering Practitioner
  rafikharabi  rafik8_  s_ayanide  s-ayanide

Agenda
  Cloud Native Application and Threat Landscape
  Chaos Engineering and Cyber Resilience
  Enhance Security with Chaos Engineering
  Solutions Architecture
  Tooling and Architecture
  Hands on demo
  Next steps
  Takeaways

Once, there was a perimeter
  You had a perimeter guarded by a firewall
  Detecting intrusions was your breach indicator

Now, there is no perimeter in the cloud
  Cloud providers own external connections
  Cloud is exposed to the outside world
  You need to control access to services your team uses
  You need to detect unusual activity

Cloud Native Application Architecture
  [Diagram labels: Cloud Infrastructure, Cloud Provider, Management, Logs & Monitoring, Messaging Service, Identity and Access, IAM, Workload, Instance, Serverless, Containers, Network/Security, Cloud LoadBalancer, Security Groups, Audit logs, Platforms, Kubernetes, Container as a Service, Data, Storage, Object storage, Database, Managed SQL]

Cloud Application Security Challenges
  Dynamic attack surface
  Threat actors are using your tools today
  Distributed systems and microservices enlarge attack surface
  Number of calls generated by distributed systems
  Lack of visibility
  Cloud delivery vs security process speed

Runtime architecture, CI/CD, DevOps, Environments, SecOps, Configuration Management, Version Management, Testing, Observability, Analytics, SRE
Devops goes to canary, etc
Self Service and Policy Driven
Zero Trust env