Datadog on the Lifecycle of Threats and Vulnerabilities скачать в хорошем качестве

Datadog on the Lifecycle of Threats and Vulnerabilities

The security industry is full of complex terminology like threat, vulnerability, and mitigations. Definitions matter as we design processes that scale. At Datadog, the Security Research functions are focused on detection and response to specific types of threats and vulnerabilities. Workload vulnerabilities, cloud control plane vulnerabilities, and even cloud service provider vulnerabilities. Each security finding based on specific risk indicators needs to be addressed differently at Datadog and in our communications to the broader community. In this session Andrew Krug, Head of Security Advocacy will chat with Nick Frichette, Senior Cloud Security Researcher, and Adam Stevko Senior Security Engineer in the Cloud Security team. We’ll cover how we apply the hacker’s mindset to discovering potential threats, what we mean when we say vulnerability vs threat, and how each is handled in our internal Cloud Security team. In this episode you’ll get a peak at how Datadog scales our incident handling process for the most impactful vulnerabilities and threats. You’ll leave with a firm understanding as well of steps you can take to apply a similar process in your engineering organization to respond to the next security headline. 0:00 - Datadog On The Lifecycle of Threats and Vulnerabilities 0:59 - Welcome to the episode 1:30 - Introductions 2:22 - Definitions of Threats and Vulnerabilities 4:30 - Deep Dive on Threats 11:21 - Deep Dive on Cloud Misconfigurations 17:46 - A Case study on a vulnerability in AWS AppSync 28:02 - Example mitigations for AWS AppSync Vulnerability 28:26 - Address Cloud Misconfigurations at Scale 32:07 - Misconfiguration Remediation Process 35:18 - Remediation process Dashboards 35:38 - Cloud Asset Inventory 37:13 - Detection of Misconfigurations 39:00 - Open Source Tools used in Detection 42:49 - Prevention Strategies 43:55 - Experiments at Datadog in prevention 45:41 - How Datadog used Cloud Custodian for auto-remediation 46:40 - Summary 48:30 - Resources and Helpful Links from the Episode 48:51 - Q&A