Secure Operations and Architecture

Time
9 hours 59 minutes
Difficulty
Intermediate
CEU/CPE
10
Video Transcription
00:01
>> Once an application is deployed,
00:01
our focus shifts to managing it.
00:01
Secure operations is the third metaphase in
00:01
the CSA breakdown of the security SDLC.
00:01
In this video, we'll cover practices
00:01
highlighted by CSA for secure operations.
00:01
Then we'll talk about the impacts of
00:01
application design in the Cloud world.
00:01
Finally, we'll come back to see how
00:01
those design differences can be leveraged to improve
00:01
your secure operations through the use of
00:01
automated and even event-driven security.
00:01
Production and development environments
00:01
should always be separated.
00:01
Access to the management plane
00:01
for production environments should be
00:01
tightly locked down compared
00:01
to that of the development environment.
00:01
Consider separate user accounts or
00:01
privilege escalation procedures to
00:01
provide access to production.
00:01
Take into consideration the identities that
00:01
the Cloud resources themselves are
00:01
using and how that impacts the way
00:01
those resources access
00:01
other Cloud resources and services.
00:01
Sometimes, these are called service principals,
00:01
sometimes they're called application identities,
00:01
and just like any other user account,
00:01
the philosophy of least privileges
00:01
needs to be applied to these special accounts.
00:01
Within immutable infrastructure and server setup,
00:01
there really shouldn't be any deviations
00:01
of these elements from the approved baselines.
00:01
At the same time,
00:01
it may happen,
00:01
so be sure to set up active monitoring.
00:01
Depending on the particular Cloud provider,
00:01
this monitoring can and should
00:01
be automated whenever possible.
00:01
You can also use event-driven security,
00:01
which we'll talk about shortly to automatically roll
00:01
back unauthorized changes to the production environment.
00:01
Application testing and assessment
00:01
should be considered an ongoing process,
00:01
even if you're using an immutable infrastructure.
00:01
Keep in mind, new zero-day vulnerabilities are
00:01
being discovered in different
00:01
software components every day.
00:01
What is considered totally safe
00:01
today may be highly vulnerable tomorrow,
00:01
just because we learnt something new about problems with
00:01
the software component that was
00:01
introduced earlier in the software supply chain,
00:01
and thereby we inherited those vulnerabilities.
00:01
Always remember that change management
00:01
isn't just about application changes.
00:01
Any infrastructure and Cloud management plane
00:01
changes should also be approved and tracked.
00:01
Application design in the Cloud is different.
00:01
On the right is the fictitious city
00:01
in the clouds from Star Wars.
00:01
As you can see, the architecture for making
00:01
this building is quite
00:01
different from traditional architecture.
00:01
A risk-averse mindset will
00:01
avoid anything new by default.
00:01
This assumption is that new equals bad.
00:01
But if you look at the Cloud, you'll
00:01
find it is different and when you
00:01
incorporate and embrace
00:01
those differences into your design,
00:01
you'll end up with something more secure.
00:01
We've touched on most of these points in
00:01
earlier modules but I'm
00:01
going to highlight key areas where
00:01
the differences in Cloud can be
00:01
leveraged to create more secure applications.
00:01
Segregation by default,
00:01
applications can be run in
00:01
their own isolated environment.
00:01
Depending on your provider,
00:01
you can run applications in
00:01
separate virtual networks or different accounts.
00:01
Although operational overhead will be
00:01
incurred when using separate accounts
00:01
for every application,
00:01
using separate accounts offers the benefit
00:01
of enabling management plane segregation,
00:01
thus minimizing access to the application environment.
00:01
Immutable infrastructure allows you
00:01
to increase security by
00:01
disabling remote logins to
00:01
immutable servers and workloads.
00:01
You can add file integrity monitoring to
00:01
detect changes which in this paradigm
00:01
would be unexpected and your recovery plans can leverage
00:01
the immutable assumption to quickly
00:01
swap out problematic servers.
00:01
Microservices allow you to
00:01
compartmentalize your software nodes.
00:01
This is done primarily using container technology.
00:01
With the smaller components,
00:01
it's easier to create new instances or
00:01
reduce the number of instances.
00:01
This is also referred to as scaling out and scaling in.
00:01
Each node is also hyper-specialized,
00:01
so you minimize the attack surface
00:01
by stripping out all of
00:01
the unnecessary parts and
00:01
libraries associated with that node.
00:01
These benefits do bring
00:01
more complexities when it comes to
00:01
facilitating secure communication between nodes.
00:01
Providing ways for the nodes to discover
00:01
each other and other areas that require
00:01
a container orchestration platform like Kubernetes
00:01
and/or a service mesh solution such as Istio.
00:01
PaaS and serverless technologies can reduce
00:01
the scope of your security responsibilities.
00:01
The provider is responsible for securing
00:01
the underlying services and operating systems.
00:01
We'll talk further about
00:01
serverless in future videos, but right now,
00:01
I want to dive a bit further into how that technology can
00:01
help with the software-defined security
00:01
and event-driven security.
00:01
When I think of automated security enforcement,
00:01
the old movie Robocop comes
00:01
to my mind, I don't know why.
00:01
Software-defined security involves automating
00:01
security operations and
00:01
automating Cloud incident response.
00:01
This includes activities like rolling back
00:01
infrastructure configuration changes
00:01
that were not approved.
00:01
Event-driven security puts the concept
00:01
of software-defined security into action,
00:01
you've system monitoring that kicks off
00:01
automatic responses whenever
00:01
certain changes are discovered.
00:01
For example, a security group is
00:01
changed but the change was not authorized.
00:01
Say there is no approved change record,
00:01
then you kick off a serverless script to undo the change.
00:01
This interaction is usually performed through
00:01
some form of notification messaging.
00:01
Cloud planes provide notification
00:01
for many types of these events.
00:01
As an exam tip,
00:01
if you're asked about the difference between
00:01
software-defined security and event-driven security,
00:01
remember that software-defined security is a concept
00:01
whereas event-driven security puts
00:01
that concept into action.
00:01
In this video, we've reviewed
00:01
the important practices for
00:01
secure operations in the Cloud.
00:01
We examined the impacts of application design in
00:01
the Cloud and then we finished off by
00:01
reviewing how serverless technology can be
00:01
leveraged to have automated and event-driven security.