With self-service access, richer service capabilities, and API-based configurations, public cloud infrastructure and Kubernetes-based environments are making DevOps teams more flexible and agile.
However, the decentralized and ephemeral nature of cloud-native workloads also creates heightened risk of security vulnerabilities and compliance gaps due to misconfigurations. Research has shown that misconfiguration due to human error is one of the most common causes of data breaches for organizations operating in the cloud. As more critical workloads move to cloud-native environments, mitigating this risk will only become more important.
The biggest challenges for organizations involve enabling DevOps teams to identify and remediate these risks without inhibiting productivity. Security processes are often designed to notify DevOps teams about all vulnerabilities in the environment, but can tend to inundate these teams with false positives or irrelevant alerts that lack the context needed to take action. Any processes that slow these teams down are likely to be ignored.
Managing this risk requires striking a balance between visibility, governance, and productivity. On Tuesday, September 8, the Cloud Security Alliance is hosting a virtual fireside-style chat on Mitigating Misconfiguration Risk Across Public Cloud & Kubernetes Infrastructure. Patrick Loring, Cloud Security Strategist for CloudHealth by VMware, and Shemer Schwarz, Sr. Director of Product Management for VMware Carbon Black, will join the Cloud Security Alliance to discuss best practices that have helped organizations scale cloud-native security and compliance processes effectively.
Join this discussion to learn:
- How to identify and remediate misconfigurations in your public cloud and Kubernetes-based infrastructure
- What goes into an effective governance program to mitigate this risk without inhibiting the agility benefits of cloud-native workloads
- Best practices for effective security posture at every stage of your cloud journey