Security Is Still an Afterthought in the Cloud-Native World


Manage episode 278621704 series 2596419
著作 TFIR: Open Source & Emerging Technologies and TFiR Media LLC の情報はPlayer FM及びコミュニティによって発見されました。著作権は出版社によって所持されます。そして、番組のオーディオは、その出版社のサーバから直接にストリーミングされます。Player FMで購読ボタンをタップし、更新できて、または他のポッドキャストアプリにフィードのURLを貼り付けます。
As much as we want to think that companies are prioritizing security in the cloud-native world, that is not the case. According to Karsten Samaschke, CEO of Cloudical, “Companies plan for security when pretty much everything is deployed, but that’s too late in the cloud and cloud-native environments.” Misconfigurations and bugs are primary causes of security, but Samaschke believes not having the right processes in place also exposes companies to attackers. Security is as much a people/culture problem as it is a technology problem. Developers often have this mindset of looking at Ops and Security folks as their enemies. DevSecOps is trying to address that, but there is still a long way to go. Samaschke also highlighted the complexity of modern cloud-native architecture that contributes to security issues. This has been an eye-opening discussion and I hope you enjoy it as much as I did.

106 つのエピソード