using cloud native technologies to solve complex
play

Using Cloud Native Technologies to Solve Complex Application - PowerPoint PPT Presentation

Jan 25, 2024 •133 likes •304 views

Using Cloud Native Technologies to Solve Complex Application Security Challenges in Kubernetes Deployments Cequence Security: A Cloud Native Approach to Application Security Venture-backed start-up bringing much-needed innovation to

  1. Using Cloud Native Technologies to Solve Complex Application Security Challenges in Kubernetes Deployments

  2. Cequence Security: A Cloud Native Approach to Application Security • Venture-backed start-up bringing much-needed innovation to application security • Award-winning AI-powered security platform delivered as containers to CLOUD NATIVE protect web, mobile, API-based applications from bot attacks and vulnerability exploits • Built on top of cloud native components like Kubernetes and Prometheus • Plays well with existing ingress controllers and Sidecars like Envoy and NGINX, without needing to replace them PUBLIC CLOUD • Visit us at www.cequence.ai DATA CENTER 2

  3. Your Public Facing Applications Are Attack Targets Partner API Supplier API Web Customer Mobile Customer Business Logic Abuse Vulnerability Exploits Highly automated Highly targeted • • Content appears legitimate Exploiting app vulnerabilities • • Difficult to detect and block Both known and unknown • • 3

  4. Runtime Application Protection for Monolithic Applications Vulnerability Frontend Scan Breach Business Data Internet WAF Logic Access Load Balancer MONOLTHIC APPLICATIONS DATA CENTER PUBLIC CLOUD 4

  5. Runtime Application Protection for Monolithic Applications Scraping Inventory Lockup Fake Likes Vulnerability Fake Accounts Frontend Scan Credential Breach Stuffing Business Data Internet BOT WAF Logic Access Load Balancer MONOLTHIC APPLICATIONS DATA CENTER PUBLIC CLOUD 5

  6. Runtime Application Protection for Monolithic Applications Scraping Inventory Lockup Fake Likes Vulnerability Fake Accounts Frontend Scan Application Credential Breach Floods Stuffing Business Data Internet App DDOS BOT WAF Logic Access Load Balancer MONOLTHIC APPLICATIONS DATA CENTER PUBLIC CLOUD 6

  7. Monolith to Microservices User User Interface Interface Business Data </> </> API API Logic Access USER MANAGEMENT INVENTORY MGMT MICROSERVICE MICROSERVICE </> API </> </> API API MONOLTHIC DATA ACCESS CUSTOMER REVIEWS APPLICATIONS MICROSERVICE SHOPPING CART MICROSERVICE MICROSERVICE 7

  8. New Security Challenge: Increased Entry Points Scraping Inventory Lockup User Interface Fake Likes Vulnerability Fake Accounts Scan </> </> API API Application Credential Breach Floods Stuffing USER MANAGEMENT INVENTORY MGMT MICROSERVICE MICROSERVICE Internet App DDOS BOT WAF </> API </> </> API API DATA ACCESS CUSTOMER REVIEWS MICROSERVICE SHOPPING CART MICROSERVICE MICROSERVICE 8

  9. New Security Challenge: Keep up with DevOps Pace Scraping Inventory Lockup User Interface Fake Likes Vulnerability Fake Accounts Scan </> </> API API Application Credential Breach Floods Stuffing USER MANAGEMENT INVENTORY MGMT MICROSERVICE MICROSERVICE Internet App DDOS BOT WAF </> API </> </> API API DATA ACCESS CUSTOMER REVIEWS MICROSERVICE SHOPPING CART MICROSERVICE MICROSERVICE </> API </> API CUSTOMER RATINGS MICROSERVICE SHOPPING CART v2 MICROSERVICE 9

  10. New Security Challenge: Heterogeneous Environments Scraping Inventory Lockup User Interface Fake Likes Vulnerability Fake Accounts Scan </> </> API API Application Credential Breach Floods Stuffing USER MANAGEMENT INVENTORY MGMT MICROSERVICE MICROSERVICE Internet App DDOS BOT WAF </> API </> </> API API DATA ACCESS CUSTOMER REVIEWS MICROSERVICE SHOPPING CART MICROSERVICE MICROSERVICE 10

  11. New Security Challenge: Multi-Cloud Environments Scraping Inventory Lockup User Interface Fake Likes Vulnerability Fake Accounts Scan </> </> API API Application Credential Breach Floods Stuffing USER MANAGEMENT INVENTORY MGMT MICROSERVICE MICROSERVICE Internet App DDOS BOT WAF </> API </> </> API API DATA ACCESS CUSTOMER REVIEWS MICROSERVICE SHOPPING CART MICROSERVICE MICROSERVICE 11

  12. New Approach: From Perimeter Defense to Microservices Defense WAF Bot App DDoS Frontend App DDOS BOT WAF Business Data Logic Access </> API MONOLTHIC APPLICATIONS MICROSERVICES PODS 12

  13. Runtime Application Protection for Microservices User Interface W AF W Bo AF t App Bo DDoS t App DDoS </> </> API API Internet USER MANAGEMENT MICROSERVICE INVENTORY MANAGEMENT MICROSERVICE W AF Bo t App W DDoS AF Bo t App W DDoS AF </> Bo t API App DDoS </> API </> API DATA ACCESS MICROSERVICE SHOPPING CART MICROSERVICE CUSTOMER REVIEWS MICROSERVICE 13

  14. Must-Haves in Runtime Application Protection for Microservices Designed to work with existing applications without making modifications • SIMPLE Non-invasive: no agents, SDK, or JavaScript • Microservices based protection for protecting other microservices • RELEVANT Co-exist and not replace with existing Ingress Controllers and Sidecars • Single pane of glass for all microservices • EFFECTIVE Protection moves with the microservices to any cloud • 14

  15. New Security Stack for Microservices Runtime Application Protection (WAF, Bot & Application DDoS) Container Security & Compliance Infrastructure Security 15

  16. 16

  17. Thank you! 17

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

fundamental technologies to work on for cloud-native networking Magnus Karlsson, Intel

fundamental technologies to work on for cloud-native networking Magnus Karlsson, Intel

fundamental technologies to work on for cloud-native networking Magnus Karlsson, Intel Cloud-Native Network Functions My View Many small network functions App App App App Runs in containers / processes Routing / Switching

207 views • 16 slides
Are We Really Cloud-Native? Bert Ertman Cloud-Native Computing What is Cloud-Native? answer:

Are We Really Cloud-Native? Bert Ertman Cloud-Native Computing What is Cloud-Native? answer:

Are We Really Cloud-Native? Bert Ertman Cloud-Native Computing What is Cloud-Native? answer: Blah blah blah Kubernetes! Kubernetes is the Greek god of spending money on cloud services - @QuinniPig About me: Java/Cloud

1.03k views • 67 slides
Cloud Native Go Building Scalable, Resilient Microservices for the Cloud in Go 1 / 29

Cloud Native Go Building Scalable, Resilient Microservices for the Cloud in Go 1 / 29

Cloud Native Go 6/28/17, 11)02 AM Cloud Native Go Building Scalable, Resilient Microservices for the Cloud in Go 1 / 29 file:///Users/kimberlyamaral/Desktop/cng-presentation/pres.html#1 Page 1 of 38 Cloud Native Go 6/28/17, 11)02 AM Agenda

566 views • 38 slides
Cloud Native Visibility and Security Chris Kranz Sysdig Secure DevOps for Cloud Native Open by

Cloud Native Visibility and Security Chris Kranz Sysdig Secure DevOps for Cloud Native Open by

Cloud Native Visibility and Security Chris Kranz Sysdig Secure DevOps for Cloud Native Open by design Ecosystem integration Strong momentum Founded by Wireshark Cloud-native security Customer expansion mirrors co-creator and

247 views • 22 slides
Going Cloud Native with Cloud Foundry @chipchilders Chip Childers, VP Technology Cloud Foundry

Going Cloud Native with Cloud Foundry @chipchilders Chip Childers, VP Technology Cloud Foundry

Going Cloud Native with Cloud Foundry @chipchilders Chip Childers, VP Technology Cloud Foundry Foundation Why does Cloud Native matter? Since 2000, 52% of the Fortune 500 are no longer on the list Continuous Innovation There is a rough

794 views • 50 slides
A Multi-Tenancy Cloud-Native Digital Library Platform Yinlin Chen, Jim Tuttle, William A. Ingram

A Multi-Tenancy Cloud-Native Digital Library Platform Yinlin Chen, Jim Tuttle, William A. Ingram

A Multi-Tenancy Cloud-Native Digital Library Platform Yinlin Chen, Jim Tuttle, William A. Ingram {ylchen, jim.tuttle, waingram}@vt.edu Information Technologies and Services Virginia Tech Libraries Agenda Cloud-native concept Virginia

411 views • 20 slides
Cloud Native Data Pipelines with Apache Kafka Gwen Shapira, Software Engineer @gwenshap 2

Cloud Native Data Pipelines with Apache Kafka Gwen Shapira, Software Engineer @gwenshap 2

1 Cloud Native Data Pipelines with Apache Kafka Gwen Shapira, Software Engineer @gwenshap 2 What is a Cloud Native Application? 3 Resilience Elasticity Common ideas Agility DevOps 4 You will build Cloud Native Applications

716 views • 47 slides
PATH TO CLOUD-NATIVE APP DEV 8 steps to cloud-native app dev Thomas Qvarnstrom Cesar Saavedra

PATH TO CLOUD-NATIVE APP DEV 8 steps to cloud-native app dev Thomas Qvarnstrom Cesar Saavedra

PATH TO CLOUD-NATIVE APP DEV 8 steps to cloud-native app dev Thomas Qvarnstrom Cesar Saavedra Technical Marketing Manager Product Marketing Manager tqvarnst@redhat.com csaavedr@redhat.com @ tqvarnst @cesar_saavedr June 2018 EVOLUTION OF

657 views • 28 slides
The Cloud Native Elephant in the Room The Cloud Native Elephant in the Room Bob Quillin, VP

The Cloud Native Elephant in the Room The Cloud Native Elephant in the Room Bob Quillin, VP

The Cloud Native Elephant in the Room The Cloud Native Elephant in the Room Bob Quillin, VP Developer Relations Oracle Cloud Bob Quillin, VP Developer Relations Oracle Cloud @bobquillin @bobquillin Cloud Native: New Rules, New Game How we

351 views • 17 slides
What is Cloud Native? WW Developer Advocacy Contents App Modernization Docker

What is Cloud Native? WW Developer Advocacy Contents App Modernization Docker

Cloud Native Applications Workshop Cloud Native Applications Workshop What is Cloud Native? WW Developer Advocacy Contents App Modernization Docker Overview Kubernetes Overview OpenShift Overview 12 Factor Apps IBM

281 views • 27 slides
Lessons Learnt from Running a Container Native Cloud Xu Wang (@gnawux) CTO &amp; Cofounder,

Lessons Learnt from Running a Container Native Cloud Xu Wang (@gnawux) CTO &amp; Cofounder,

Lessons Learnt from Running a Container Native Cloud Xu Wang (@gnawux) CTO &amp; Cofounder, Hyper.sh Reinvent IaaS with Container! Agenda Hyper.sh: a Container Native Cloud Under the Hood: How We Build a Container Native Cloud

442 views • 23 slides
PolarDB Cloud Native DB @ Alibaba Lixun Peng Inaam Rana Alibaba Cloud Team Agenda

PolarDB Cloud Native DB @ Alibaba Lixun Peng Inaam Rana Alibaba Cloud Team Agenda

PolarDB Cloud Native DB @ Alibaba Lixun Peng Inaam Rana Alibaba Cloud Team Agenda Context Architecture Internals HA Context PolarDB is a cloud native DB offering Based on MySQL-5.6 Uses shared storage

1.27k views • 25 slides
5G Cloud Native from RAN to Core Christian Maciocco, Intel Shilpa Talwar, Intel Saikrishna

5G Cloud Native from RAN to Core Christian Maciocco, Intel Shilpa Talwar, Intel Saikrishna

5G Cloud Native from RAN to Core Christian Maciocco, Intel Shilpa Talwar, Intel Saikrishna Edupuganti, Intel Muhammad (Asim) Jamshed, Intel 2020 Agenda Cloud Native Disaggregated Network Infrastructure Transition to 5G Near

639 views • 38 slides
Honey, I shrunk the database! Resilience and recoverability in Cloud Native services JEFFREY

Honey, I shrunk the database! Resilience and recoverability in Cloud Native services JEFFREY

Honey, I shrunk the database! Resilience and recoverability in Cloud Native services JEFFREY FARBER SIDNEY SHEK Cloud infrastructure = reliable services right? SUPER RESILIENT CLOUD-BASED ARCHITECTURE Canary Progressive Rollouts

1.11k views • 93 slides
COSYTEC COS C Complex Systems Technologies Complex Systems Technologies A Problem

COSYTEC COS C Complex Systems Technologies Complex Systems Technologies A Problem

COSYTEC COS C Complex Systems Technologies Complex Systems Technologies A Problem Classification Scheme - When to use CLP Helmut Simonis COSYTEC SA COSYTEC SA (c) 1996 COSYTEC SA class96hs/ 1 COSYTEC COS C Complex Systems Technologies

1.35k views • 111 slides
Teaching an old DAG new tricks Migrating a decade old pipeline to Airflow Outline Cloud native

Teaching an old DAG new tricks Migrating a decade old pipeline to Airflow Outline Cloud native

Teaching an old DAG new tricks Migrating a decade old pipeline to Airflow Outline Cloud native deployment Cloud native deployment Multi-repo DAG management Manage Airflow Variables with code through Terraform Airflow monitoring

478 views • 30 slides
Preventing bit stuffing in CAN G. Cena, I. Cibrario Bertolotti, T. Hu, and A. Valenzano

Preventing bit stuffing in CAN G. Cena, I. Cibrario Bertolotti, T. Hu, and A. Valenzano

15 th international CAN Conference (iCC 2015) October 27-28, 2015 Austria Center Vienna (AT) Preventing bit stuffing in CAN G. Cena, I. Cibrario Bertolotti, T. Hu, and A. Valenzano CNR-IEIIT (Torino) Outlook Bit stuffing is a very

361 views • 24 slides
Protocols for Checking Compromised Credentials Lucy Li Bijeeta Pal Junade Ali Nick Sullivan

Protocols for Checking Compromised Credentials Lucy Li Bijeeta Pal Junade Ali Nick Sullivan

Protocols for Checking Compromised Credentials Lucy Li Bijeeta Pal Junade Ali Nick Sullivan Cornell Tech Cloudflare Inc. Cornell Tech Cloudflare Inc. Rahul Chatterjee Thomas Ristenpart University of WisconsinMadison Cornell Tech

586 views • 30 slides
MA162: Finite mathematics . Jack Schmidt University of Kentucky August 22, 2012 Schedule: HW

MA162: Finite mathematics . Jack Schmidt University of Kentucky August 22, 2012 Schedule: HW

. MA162: Finite mathematics . Jack Schmidt University of Kentucky August 22, 2012 Schedule: HW 0.1 is due Friday, Aug 24th, 2012. HW 0.2 is due Thursday, Aug 30th, 2012. (Do both!) HW 1.1-1.4 are due Friday, Aug 31st, 2012. Exam 1 is

509 views • 27 slides
Link Layer Where we are in the Course Moving on up to the Link Layer! Application Transport

Link Layer Where we are in the Course Moving on up to the Link Layer! Application Transport

Link Layer Where we are in the Course Moving on up to the Link Layer! Application Transport Network Link Physical CSE 461 University of Washington 2 Scope of the Link Layer Concerns how to transfer messages over one or more

629 views • 23 slides
1 1 The Code of Hammurabi , translated by L. W. King, available at

1 1 The Code of Hammurabi , translated by L. W. King, available at

1 1 The Code of Hammurabi , translated by L. W. King, available at http://avalon.law.yale.edu/ancient/hamframe.asp . 2 Jessica Goldberg, Re-considering risk and the 'Maghribi' traders: Agency relations, contract enforcement, and the economy of the

579 views • 17 slides
CS 640: Computer Networks Aditya Akella Lecture 6 - Datalink Layer I Signals and Binary Data

CS 640: Computer Networks Aditya Akella Lecture 6 - Datalink Layer I Signals and Binary Data

CS 640: Computer Networks Aditya Akella Lecture 6 - Datalink Layer I Signals and Binary Data Analog Signal Digital Signal Bit Stream 0 0 1 0 1 1 1 0 0 0 1

440 views • 12 slides
Introduction to Information Retrieval: IR Basics and Evaluation Prof. Srijan Kumar 1 Srijan

Introduction to Information Retrieval: IR Basics and Evaluation Prof. Srijan Kumar 1 Srijan

CSE 6240: Web Search and Text Mining. Spring 2020 Introduction to Information Retrieval: IR Basics and Evaluation Prof. Srijan Kumar 1 Srijan Kumar, Georgia Tech, CSE6240 Spring 2020: Web Search and Text Mining Logistics Class size: Due

658 views • 29 slides
CompSci 356: Computer Network Architectures Lecture 6: Link layer: Error Detection and Reliable

CompSci 356: Computer Network Architectures Lecture 6: Link layer: Error Detection and Reliable

CompSci 356: Computer Network Architectures Lecture 6: Link layer: Error Detection and Reliable transmission Ref. Chap 2.4, 2.5 Xiaowei Yang xwy@cs.duke.edu Overview Link layer functions Encoding NRZ, NRZI, Manchester, 4B/5B

1.06k views • 28 slides

More recommend