Sergio Garcia
I’m a Cloud Security Engineer with mainly experience in AWS. Among my roles, I completed an internship in Amazon and support a digital bank to secure its assets in the cloud for 2 years. I’m passionate about cloud automation, even more if it helps to ease the security management. Currently, I am working at Prowler being one of the maintainers of Prowler Open Source, since 2 years.
Session
Do you want to build a big OSS swiss-army knife tool? Go for it my friends, but please know: it's dangerous to go alone.
After 12 years of securing cloud workloads and building open-source cloud security tools, I will share my expertise, war stories, and gotchas on how cloud security has evolved over the years by way of AWS, Azure, Google Cloud and Kubernetes; and how you can meet the challenges of securing a multi-cloud environment without dying trying.
In the dynamic world of cloud computing, navigating the complexities of building an open-source security tool for multi-cloud environments is very difficult. This talk will walk you through the challenges of authentication, variety of SDKs (python in this case), cloud provider inconsistencies and the madness of compliance and attribute mapping; the trials and tribulations of allowing users to build their own visualization; and creating output and reporting formats to satisfy compliance officers, auditors, and practitioners.
You will walk away with a better understanding of how to improve your security posture by building a multi-faceted tool and also with tips for keeping the tool simple, effective, and user-friendly.
Join us for a session full of fire, iron and, why not, a bit of blood and tears to forge your best tool in your arsenal.
Outline:
Introduction (5 minutes):
* Brief personal introduction and background in cloud security and open-source tools.
* Overview of the evolution of cloud computing and security challenges across AWS, Azure, Google Cloud, and Kubernetes.
* Highlight the main goal: to share knowledge on building a robust, multi-cloud open-source security tool.
The Genesis of Multi-Cloud Security Tools (5 minutes):
* Historical context: the early days of cloud computing and initial security challenges.
* The evolution of threats and security measures over the past 12 years.
* The motivation behind creating a tool for cloud security.
Core Challenges and war-stories in Multi-Cloud Environments (25 minutes):
* Authentication maze: navigating through different cloud providers and their authentication and authorization capabilities.
* SDK diversity: handling Python SDKs across AWS, Azure, Google Cloud and Kubernetes.
* Cloud provider inconsistencies: dealing with varying features and services.
* Compliance and attribute mapping madness: satisfying diverse regulatory requirements and how to make it easier.
* Results and reporting: crafting output formats that meet the needs of compliance officers, auditors, and practitioners alike.
* UI-UX and User-Driven visualization: allowing users to customize their security visibility.
* Performance: Concurrency, throttling and other cloud APIs tales.
Maintaining Your Tool now and in the future: Best Practices and Lessons Learned (5 minutes):
* Open Source Cloud Security Community is a different Open Source Security Community.
* Insights on future-proofing your security tool against evolving threats and cloud services.
Conclusion and Q&A (5 minutes):
* Recap of the key points covered and the importance of a robust multi-cloud security tool.
* Encouragement and advice for those embarking on the journey of building their own open-source tools.
* Open floor for questions, sharing experiences, and further discussion.