Automated Incident Response for Cloud Native Risks (EN)

Incident response teams are already drowning in alerts, and may be missing critical vulnerabilities. What use is a security scanner that tells you there are thousands of vulnerabilities when you still need to take the time to go fix them? Extending visibility and responsibility to cloud native environments compounds the challenge teams face in weeding through huge volumes of alerts to determine which risks are the most urgent and how best to respond to incidents. This session will cover how security teams can use open source projects to better identify high-risk cloud native events, orchestrate responses with other third-party integrations based on these high-fidelity insights, and execute playbooks for more automated and effective incident analysis and handling processes. We will cover a variety of use cases, ranging from simple cases such as acting upon CVE detections when performing vulnerability scans to more complex scenarios of runtime detection. The session will focus on practical use case scenarios that are commonly observed in day-to-day situations.

Speaker

  • Simarpreet Singh
    Aqua Security

    Simar is an Open Source Engineer at Aqua. He works on projects that improve container security. He is also an avid Open Source contributor outside of work and currently maintains a few projects. While not in front of a computer screen, he likes to row competitively, ride a bike and travel.

Date

Nov 16 2022

Time

09:30 - 10:00

Labels

Nov 16 – Jacobi

Location

Jacobi