What's the expectation of how their laptops are configured, and how can you ensure that your developers' machines are securely configured before they access critical resources. Your application developers work with your company's most valuable intellectual property and have access to your most sensitive systems. Osquery also plays an important role in helping the SEI team to develop controls for those threats.Įw, don't touch me with that laptop! Using osquery to implement zero-trust controls The SEI team uses osquery at scale to assess what threats they have faced in the past, are facing, and are likely to face in the future. This session will explain how SEI quantified the value of its security operations thanks to osquery-powered visibility. Security Operations teams ought to be able to do the same through threat modeling and appropriate controls. Threat actors quantify the time and expense required to attack your organization. Steve Shedlock - SEIC - Incident Response Team Lead Using Endpoint Telemetry to Quantify Your Security Operations Risk Hopefully when I’m done you will agree that visibility is key and you’ll be able to see if osquery can help you improve as well no matter what your current posture might be. Let's talk about visibility in our environment and how osquery has helped the Comcast security team solve some key issues in recent months by enhancing that visibility. We’ll wrap up with some examples of the breadth of different challenges that we’ve been able to solve using Osquery and how we’re thinking about it in the future.Īndrew Mease - Comcast - Sr. We’ll discuss some of the trade-offs we made in this minimal design and how those choices have aged over time (spoilers: some came back to bite us!). This will include how we re-used existing Netflix systems to avoid standing up new infrastructure, tuned our query packs, and provided parity between monitoring EC2 and containers. In this talk, we’ll explain how we deployed Osquery while minimizing the burden of operating it on a large scale. Since 2019, we’ve used Osquery to help us understand our large environment, respond to security incidents, and unlock cost savings. This complex deployment spans thousands of microservice and data processing applications running on a mix of EC2 instances and containers running on the Titus platform. Netflix operates one of the largest AWS deployments in the world to power our streaming service, studio, and other business operations. Nabil Schear - Netflix - Staff Security Engineer Monitoring Millions of Workloads in AWS on the Cheap: How Netflix uses Osquery
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |