Container security, DevOps, Cloud Security

ESW #162

November 21, 2019

 

 

Jorge Salamero is the Director of Product Marketing at Sysdig. Jorge joins us on the show to talk about Kubernetes, Project Falco, vulnerability pre-deployment, and containers.

To learn more about Sysdig, visit: https://securityweekly.com/sysdig

Visit https://www.securityweekly.com/esw for all the latest episodes!

Full Episode Show Notes

To learn more about our sponsors visit: The Security Weekly Sponsor’s Page

Kubernetes and Project Falco

  • What are the challenges of implementing security in Kubernetes environments?
  • What are the approaches you have seen out there?
  • Scan for vulnerabilities pre-deployment (CI/CD)
  • Continuously check compliance and audit changes across the stack
  • Block runtime threats and attacks
  • Respond to incidents and conduct forensics on Kubernetes
  • Use cases when monitoring and security come together
  • Can you tell me a bit more about the open source project Falco?

Hosts

Matt Alderman – CEO

Paul Asadoorian – Founder & CTO

Guests

Jorge Salamero – Director of Product Marketing

Announcements

  • We have exciting news about the Security Weekly webcast program: We are now partnered with (ISC)2 as an official CPE provider! If you attend any of our webcasts, you will be receiving 1 CPE credit per webcast! Register for one of our upcoming webcasts with Zane Lackey of Signal Sciences, Ian McShane from Endgame, or Stephen Smith and Jeff Braucher of LogRhythm (or all 3!) by going to securityweekly.com/webcasts. If you have missed any of our previously recorded webcasts, you can find our on-demand library at securityweekly.com/ondemand.

 

 

Reuven Harrison is the Chief Technology Officer at Tufin. Reuven brings more than 20 years of software development experience, holding two key senior developer positions at Check Point Software, as well as other key positions at Capsule Technologies and ECS. He received a Bachelor’s degree in Mathematics and Philosophy from Tel Aviv University.

To learn more about Tufin, visit: https://securityweekly.com/tufin


Cloud, Containers, and Microservices

Guests

Reuven Harrison – Chief Technology Officer


In the enterprise news, we discuss how Sysdig supports Google Cloud Run for Anthos to secure serverless workloads in production, how StackRox Kubernetes Security Platform 3.0 introduces advanced features and new workflows for configuration and vulnerability management, and some acquisition and funding updates from CyberCube, 1Password, Docker, WhiteSource, and more!


Kubernetes, CyberCube, and Illusive

  1. Illusive Networks Extends Cyber Protection to OT and IoT Attack Surfaces – “Adversaries are increasing their focus on non-traditional IT attack surfaces, and concerns raised by evaporating perimeter security in the areas of IoT and OT are impacting transformation efforts,” said Ofer Israeli, CEO and founder of Illusive Networks. Really? I’d like to see the research to back up this claim please.
  2. Vista Acquires a Majority Interest in Sonatype: A Great Day for our Customers, Partners and Community
  3. iTWire – Check Point Software says Cymplify acquisition brings new IoT cyber security technology – According to Check Point the proliferation of Internet-of-things (IoT) devices in consumer, enterprise, industrial and healthcare organisations, and their inherent security weaknesses, have created a security blind spot where cybercriminals launch 5th and 6th generation of cyber attacks to breach devices (IP camera surveillance), manipulate their operation (medical device infiltration) or even take over critical infrastructure (manufacturing plant) to generate “colossal damage”.
  4. StackRox Kubernetes Security Platform 3.0 Introduces Advanced Features and New Workflows for Configuration and Vulnerability Management
  5. After selling enterprise biz, Docker lands $35M investment and new CEO – TechCrunch
  6. WhiteSource acquires automated dependency update solution Renovate
  7. Cyber Risk Analytics Firm CyberCube Raises $35 Million
  8. New infosec products of the week: November 15, 2019 – Hive Fabric enables users to deploy virtual desktops, virtual servers, and software-defined storage in a single install, eliminating the need for a multi-vendor and multi-contract approach. The latest software release brings increased security and integrations, furthering operational-focused capabilities and removing overhead associated with the day-to-day support of virtualization.
  9. Sysdig supports Google Cloud Run for Anthos to secure serverless workloads in production
  10. 1Password Raises $200 Million in Series A Funding
  11. NeuVector releases Security Policy as Code capability for Kubernetes – The release – built into the NeuVector platform – enables DevOps teams to automate container security by using Kubernetes Custom Resource Definitions (CRDs) to define and manage application security policies throughout application development and production.
