Detective Controls in K8s Environments – Wrangling Security Data Out Of Your Clusters
As Kubernetes (K8s) usage becomes more common, Cloud Security teams are often tasked with securing K8s usage within their organization. K8s Clusters contain a variety of different logs and data sources. Feeding these data sources with appropriate detective controls can give Security teams deep insight into the activity of their clusters, and help identify both malicious activity and risky configurations. In this talk, we will explore: The different types of logs and data available within K8s environments What you should care about (and why) from a security perspective The differences between self-managed and CSP managed-K8s offerings, and how each affects detection Engineering aspects of plumbing these logs to a SIEM or Data Lake How to get started on generating your own detection cases, including real- world attack scenarios! Throughout the presentation, we will layer our guidance alongside input from industry frameworks like MITRE ATT&CK for Containers and real world experience.
SANS CloudSecNext Summit 2023
Detective Controls in K8s Environments – Wrangling Security Data Out Of Your Clusters
Speaker: Dakota Riley, Principal Security Engineer, Aquia, Inc.
View upcoming Summits: http://www.sans.org/u/DuS
Видео Detective Controls in K8s Environments – Wrangling Security Data Out Of Your Clusters канала SANS Cloud Security
SANS CloudSecNext Summit 2023
Detective Controls in K8s Environments – Wrangling Security Data Out Of Your Clusters
Speaker: Dakota Riley, Principal Security Engineer, Aquia, Inc.
View upcoming Summits: http://www.sans.org/u/DuS
Видео Detective Controls in K8s Environments – Wrangling Security Data Out Of Your Clusters канала SANS Cloud Security
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
![Static Analysis of Infrastructure as Code | SANS Cloud Security Summit 2020](https://i.ytimg.com/vi/b3Wy01XXPlQ/default.jpg)
![Zero to Hero in Managing Enterprise Cloud Security](https://i.ytimg.com/vi/Xfq0sTW7cp8/default.jpg)
![Exfiltration Paths in Isolated Environments using VPC Endpoints](https://i.ytimg.com/vi/mFK-GksgopI/default.jpg)
![Self-Healing Infrastructure, GitOps, and Terrascan](https://i.ytimg.com/vi/TC2pROlU6kY/default.jpg)
![Hands-On Workshop: Avoiding Data Disasters: Techniques to Identify & Address Cloud Storage Misconfig](https://i.ytimg.com/vi/qaNIfw4opQQ/default.jpg)
![Why is Cloud Security an Opportune Field? - Frank Kim](https://i.ytimg.com/vi/l-RZ22gFzjM/default.jpg)
![Securing Lift and Shift Cloud Migrations](https://i.ytimg.com/vi/yrq6qd6LKfQ/default.jpg)
![Cloud Security Automation: From Infrastructure to App | SANS Cloud Security Summit 2019](https://i.ytimg.com/vi/aAGsFzqb3pQ/default.jpg)
![Implementing an Effective Multi-Account Strategy on AWS](https://i.ytimg.com/vi/AK0yYIn34Ks/default.jpg)
![Why You Need Automation to Achieve Compliance in the Cloud](https://i.ytimg.com/vi/Zec0zCYFlZE/default.jpg)
![Non-People Identities: The New Battleground in Cloud Security](https://i.ytimg.com/vi/Kpo_a0LtoWo/default.jpg)
![Lessons Learned from Illumina's SecDevOps Transition SANS Secure DevOps Summit 2018](https://i.ytimg.com/vi/gDEtpOZ1qhs/default.jpg)
![SANS CloudSecNext 2022 Annual Summit - FREE!](https://i.ytimg.com/vi/pwPeWdb19xM/default.jpg)
![Begin Using SSH in AWS](https://i.ytimg.com/vi/V2_qLudp9M8/default.jpg)
![Management View of How Cloud Security Services Help Your Organization Leapfrog on Security](https://i.ytimg.com/vi/o-gAWqnszKI/default.jpg)
![2022 CloudSecNext Jon Zeolla](https://i.ytimg.com/vi/jwqR_gtjSOc/default.jpg)
![Bernard Brantley: Cutting Edge Cloud Thinking and Team Building | Season 2, Episode 2](https://i.ytimg.com/vi/vdrARW7nXs0/default.jpg)
![Cloud Wars: Episode II - Attack of the Packets](https://i.ytimg.com/vi/g6RpTQbPiH0/default.jpg)
![GitHub Actions: Protecting Your CI from Attackers](https://i.ytimg.com/vi/UrODXOiqH0k/default.jpg)
![PowerShell: Part 2: Audit and Compliance Data Acquisition with PowerShell](https://i.ytimg.com/vi/RoSl1_6fAc8/default.jpg)
![Head in the Clouds Ep 18: Benchmarking AWS Flow Logs](https://i.ytimg.com/vi/AmN-1LKPhP0/default.jpg)