Securing DevOps : Security in the Cloud

Teleport

Jun 28, 2021

Key Topics

For startups, it's important to start with the smallest attack

surface possible for a startup, to focus on their product and leave
complex infrastructure security and cloud security problems for later
on.

The need to start segmenting permissions when there are too many people in a team is a natural, and getting into the cloud services and cloud security business knowing that rearchitecting regularly will be needed is healthy.

One of the most critical issues we observe in cloud environments today is leaking credentials that give attackers access to identities or accounts in the cloud; such access can be misused to break into services or abuse resources.

Log management is absolutely critical for security teams of course, but also for anyone else involved with building and running services in the cloud.

When trying to identify top threats, talk to organization leadership. Often the top threats are already known to the executives.

Engineers typically want to build security into their systems or their services. They often don't necessarily have the support to do so because that security requirement is not well-documented or explained.

### Pickup the Book: Securing DevOps
Get 35% off with when using `podaccctrl21`.

https://www.manning.com/books/securing-devops

http://mng.bz/y9ed