In the first part of the workshop you will learn the must-know constructs of container security (SELinux, seccomp, cgroups and namespaces). A container is a runtime process executed within a namespace, resource-managed by cgroups and confined by various LSMs and other security features to ensure complete process isolation during runtime.
In the second part of the workshop you will learn more about eBPF (Extended Berkeley Packet Filter, a new kernel technology) and how security observability can be achieved with open-source eBPF-based projects like Tetragon, which allow you to secure cloud native workloads very efficiently.
Join us for an eBPF-based Security Observability and Runtime Enforcement deep dive with the following demo section:
– Inspect system, application, and network behavior via the amazing Tetragon CLI
– Automated detection of I/O & Sensitive File Access, Namespace, Capabilities with real-time enforcement
In the last (and equally important) part of the workshop you will learn about “Is Cloud (AWS) Secure for mission-critical and sensitive data?”
An effective strategy for securing sensitive data in the cloud requires a good understanding of general data security patterns and a clear mapping of these patterns to cloud security controls. As organisations manage growing volumes of data, identifying and protecting their sensitive data at scale can become increasingly complex, expensive, and time-consuming. You will learn how you can leverage AWS services to avoid these security risks and secure your data.