SlideShare uma empresa Scribd logo

From Gates to Guardrails: Alternate Approaches to Product Security

Jason Chan
Jason Chan

P

TecnologiaNegócios
1 de 37
From Gates to Guardrails: Alternate Approaches to Product Security LASCON 2013 Jason Chan chan@netflix.com
About Me •  Engineering Director @ Netflix: –  Security: Product, App, Ops, IR, etc. •  Previously: –  Led security team @ VMware –  Consultant - @stake, iSEC Partners
About Netflix
AGILE/CD/CLOUD/DEVOPS CHARACTERISTICS
SAFELY HANDLING SPEED & SCALE
Netflix Environment •  •  •  •  •  •  ~200 production pushes/day 40m+ subscribers Support for 1000+ devices Service in 40+ countries Concurrent delivery from 3 AWS regions ~1/3 of US download bandwidth at peak
CULTURE
Recruiting Infrastructure/Systems/ Cloud AppSec Development Monitoring & Response Online Operations
Waiting, working, Easy planning and complete reporting Per-user filters
VISIBILITY
Dashboards for Security Data Sub- Services and Dashboards Dashboards for Regional SecurityDrill-down Relevant Events for Key Services and Lookback
Meaningful subject Alert configuration What to do? Useful links for more data Embedded graph
Access to changes by app, region, environment, etc. Lookback in time as needed
Chat integration lets engineers easily access info
App name Jenkins (CI) job Currently running clusters by region/ environment
Cluster ID Deployment details AMI version SCM commit
Link to relevant JIRA(s) Modified files Source diffs
AUTOMATION
1000+ tests to compare proposed vs. existing
AWS components
Configuration history Details (rules)
ImmutableServer Pattern •  “ . . . a server that once deployed, is never modified, merely replaced with a new updated instance.” –  http://martinfowler.com/bliki/ ImmutableServer.html
Wrapping Up •  Cloud/DevOps/Agile/CD are transformative (for org & security) •  Orgs embracing tend to deal in speed and scale •  Look to culture, visibility, and automation as security enablers in these environments
Summary Meeting’s Over – Questions?
Netflix Links •  http://techblog.netflix.com •  http://netflix.github.io/#repo •  http://www.slideshare.net/netflix
Photo Credits •  •  •  •  •  •  •  •  Conzelman Road: http://www.california-travels.com/2012/05/04/pointbonita-lighthouse/ Canary: http://www.lafebervet.com/avian-medicine-list/basicinformation-sheets-for-the-canary/ Visibility: http://photography.nationalgeographic.com/wallpaper/ photography/photo-tips/city-photos/golden-gate-bridge-fog/ Scale: http://www.livestockscales.info/ Guinea fowl: http://danrouthphotography.blogspot.com/2009/07/ running-bird.html Culture Club: http://www.last.fm/music/Culture+Club/This+Time:+The +First+Four+Years Babou: http://wildstar-central.com/index.php?threads/extaticaswallpapers-post-my-1200-post-_.4400/ Derek: http://www.fastcocreate.com/3016905/kindness-is-the-newirony-ricky-gervais-on-bringing-an-unlikely-hero-to-netflix-with-derek

Recomendados

DAS Slides: Enterprise Architecture vs. Data Architecture
DAS Slides: Enterprise Architecture vs. Data ArchitectureDAS Slides: Enterprise Architecture vs. Data Architecture
DAS Slides: Enterprise Architecture vs. Data ArchitectureDATAVERSITY
 
Graph-Based Network Topology Analysis for Telecom Operators
Graph-Based Network Topology Analysis for Telecom OperatorsGraph-Based Network Topology Analysis for Telecom Operators
Graph-Based Network Topology Analysis for Telecom OperatorsNeo4j
 
Microsoft Cloud Adoption Framework for Azure: Governance Conversation
Microsoft Cloud Adoption Framework for Azure: Governance ConversationMicrosoft Cloud Adoption Framework for Azure: Governance Conversation
Microsoft Cloud Adoption Framework for Azure: Governance ConversationNicholas Vossburg
 
ACCA Better on the Cloud: Financial Services in Asia Pacific 2021
ACCA Better on the Cloud: Financial Services in Asia Pacific 2021ACCA Better on the Cloud: Financial Services in Asia Pacific 2021
ACCA Better on the Cloud: Financial Services in Asia Pacific 2021accacloud
 
Accelerating Your Cloud Migration Journey with MAP
Accelerating Your Cloud Migration Journey with MAPAccelerating Your Cloud Migration Journey with MAP
Accelerating Your Cloud Migration Journey with MAPAmazon Web Services
 
It's learning. Just not as we know it.
It's learning. Just not as we know it.It's learning. Just not as we know it.
It's learning. Just not as we know it.accenture
 
The Importance of DataOps in a Multi-Cloud World
The Importance of DataOps in a Multi-Cloud WorldThe Importance of DataOps in a Multi-Cloud World
The Importance of DataOps in a Multi-Cloud WorldDATAVERSITY
 
DXC ESO for SAP Client Event presentation
DXC ESO for SAP Client Event presentationDXC ESO for SAP Client Event presentation
DXC ESO for SAP Client Event presentationJoachim Mayer
 

Recomendados

DAS Slides: Enterprise Architecture vs. Data Architecture
DAS Slides: Enterprise Architecture vs. Data ArchitectureDAS Slides: Enterprise Architecture vs. Data Architecture
DAS Slides: Enterprise Architecture vs. Data ArchitectureDATAVERSITY
 
Graph-Based Network Topology Analysis for Telecom Operators
Graph-Based Network Topology Analysis for Telecom OperatorsGraph-Based Network Topology Analysis for Telecom Operators
Graph-Based Network Topology Analysis for Telecom OperatorsNeo4j
 
Microsoft Cloud Adoption Framework for Azure: Governance Conversation
Microsoft Cloud Adoption Framework for Azure: Governance ConversationMicrosoft Cloud Adoption Framework for Azure: Governance Conversation
Microsoft Cloud Adoption Framework for Azure: Governance ConversationNicholas Vossburg
 
ACCA Better on the Cloud: Financial Services in Asia Pacific 2021
ACCA Better on the Cloud: Financial Services in Asia Pacific 2021ACCA Better on the Cloud: Financial Services in Asia Pacific 2021
ACCA Better on the Cloud: Financial Services in Asia Pacific 2021accacloud
 
Accelerating Your Cloud Migration Journey with MAP
Accelerating Your Cloud Migration Journey with MAPAccelerating Your Cloud Migration Journey with MAP
Accelerating Your Cloud Migration Journey with MAPAmazon Web Services
 
It's learning. Just not as we know it.
It's learning. Just not as we know it.It's learning. Just not as we know it.
It's learning. Just not as we know it.accenture
 
The Importance of DataOps in a Multi-Cloud World
The Importance of DataOps in a Multi-Cloud WorldThe Importance of DataOps in a Multi-Cloud World
The Importance of DataOps in a Multi-Cloud WorldDATAVERSITY
 
DXC ESO for SAP Client Event presentation
DXC ESO for SAP Client Event presentationDXC ESO for SAP Client Event presentation
DXC ESO for SAP Client Event presentationJoachim Mayer
 
Architecture for the masses - An Open Group Webinar
Architecture for the masses - An Open Group WebinarArchitecture for the masses - An Open Group Webinar
Architecture for the masses - An Open Group WebinarCraig Martin
 
Cloud architecture with the ArchiMate Language
Cloud architecture with the ArchiMate LanguageCloud architecture with the ArchiMate Language
Cloud architecture with the ArchiMate LanguageIver Band
 
Cloud Migration - CCS Technologies (P) Ltd.
Cloud Migration - CCS Technologies (P) Ltd.Cloud Migration - CCS Technologies (P) Ltd.
Cloud Migration - CCS Technologies (P) Ltd.CCS Technologies (P) Ltd.
 
Setting up a Cloud Center of Excellence (CCoE) for Enterprise Customers
Setting up a Cloud Center of Excellence (CCoE) for Enterprise CustomersSetting up a Cloud Center of Excellence (CCoE) for Enterprise Customers
Setting up a Cloud Center of Excellence (CCoE) for Enterprise CustomersAli Asgar Juzer
 
Enterprise Architecture Visualization
Enterprise Architecture Visualization Enterprise Architecture Visualization
Enterprise Architecture Visualization Shkumbin Rrushaj
 
Future of controls: risks, realities, and next-generation trends
Future of controls: risks, realities, and next-generation trendsFuture of controls: risks, realities, and next-generation trends
Future of controls: risks, realities, and next-generation trendsDeloitte United States
 
Managing your ML lifecycle with Azure Databricks and Azure ML
Managing your ML lifecycle with Azure Databricks and Azure MLManaging your ML lifecycle with Azure Databricks and Azure ML
Managing your ML lifecycle with Azure Databricks and Azure MLParashar Shah
 
Accenture Tech Vision 2020 - Trend 5
Accenture Tech Vision 2020 - Trend 5Accenture Tech Vision 2020 - Trend 5
Accenture Tech Vision 2020 - Trend 5accenture
 
Accenture ZBB
Accenture ZBBAccenture ZBB
Accenture ZBBAnaplan
 
Mainframe Modernization with AWS: Patterns and Best Practices
Mainframe Modernization with AWS: Patterns and Best PracticesMainframe Modernization with AWS: Patterns and Best Practices
Mainframe Modernization with AWS: Patterns and Best PracticesAmazon Web Services
 
Modern Data Platform on AWS
Modern Data Platform on AWSModern Data Platform on AWS
Modern Data Platform on AWSAmazon Web Services
 
Five keys to successful cloud migration
Five keys to successful cloud migrationFive keys to successful cloud migration
Five keys to successful cloud migrationIBM
 
Splitting the Check on Compliance and Security
Splitting the Check on Compliance and SecuritySplitting the Check on Compliance and Security
Splitting the Check on Compliance and SecurityJason Chan
 
Cloud Migration: Cloud Readiness Assessment Case Study
Cloud Migration: Cloud Readiness Assessment Case StudyCloud Migration: Cloud Readiness Assessment Case Study
Cloud Migration: Cloud Readiness Assessment Case StudyCAST
 
OCI Overview
OCI OverviewOCI Overview
OCI OverviewKamil Wieczorek
 
Integrating It Frameworks, Methodologies And Best Practices Into It Delivery ...
Integrating It Frameworks, Methodologies And Best Practices Into It Delivery ...Integrating It Frameworks, Methodologies And Best Practices Into It Delivery ...
Integrating It Frameworks, Methodologies And Best Practices Into It Delivery ...Alan McSweeney
 
The Customer Journey Is a Graph
The Customer Journey Is a GraphThe Customer Journey Is a Graph
The Customer Journey Is a GraphNeo4j
 
Presentation GEA-NZ v3.0
Presentation GEA-NZ v3.0Presentation GEA-NZ v3.0
Presentation GEA-NZ v3.0Regine Deleu
 
10 Key Considerations for AI/ML Model Governance
10 Key Considerations for AI/ML Model Governance10 Key Considerations for AI/ML Model Governance
10 Key Considerations for AI/ML Model GovernanceQuantUniversity
 
Building Your Cloud Strategy
Building Your Cloud StrategyBuilding Your Cloud Strategy
Building Your Cloud StrategyAmazon Web Services
 
Resilience and Compliance at Speed and Scale
Resilience and Compliance at Speed and ScaleResilience and Compliance at Speed and Scale
Resilience and Compliance at Speed and ScaleJason Chan
 
Amazon Web Services Security
Amazon Web Services SecurityAmazon Web Services Security
Amazon Web Services SecurityJason Chan
 

Mais conteúdo relacionado

Mais procurados

Architecture for the masses - An Open Group Webinar
Architecture for the masses - An Open Group WebinarArchitecture for the masses - An Open Group Webinar
Architecture for the masses - An Open Group WebinarCraig Martin
 
Cloud architecture with the ArchiMate Language
Cloud architecture with the ArchiMate LanguageCloud architecture with the ArchiMate Language
Cloud architecture with the ArchiMate LanguageIver Band
 
Setting up a Cloud Center of Excellence (CCoE) for Enterprise Customers
Setting up a Cloud Center of Excellence (CCoE) for Enterprise CustomersSetting up a Cloud Center of Excellence (CCoE) for Enterprise Customers
Setting up a Cloud Center of Excellence (CCoE) for Enterprise CustomersAli Asgar Juzer
 
Enterprise Architecture Visualization
Enterprise Architecture Visualization Enterprise Architecture Visualization
Enterprise Architecture Visualization Shkumbin Rrushaj
 
Future of controls: risks, realities, and next-generation trends
Future of controls: risks, realities, and next-generation trendsFuture of controls: risks, realities, and next-generation trends
Future of controls: risks, realities, and next-generation trendsDeloitte United States
 
Managing your ML lifecycle with Azure Databricks and Azure ML
Managing your ML lifecycle with Azure Databricks and Azure MLManaging your ML lifecycle with Azure Databricks and Azure ML
Managing your ML lifecycle with Azure Databricks and Azure MLParashar Shah
 
Accenture Tech Vision 2020 - Trend 5
Accenture Tech Vision 2020 - Trend 5Accenture Tech Vision 2020 - Trend 5
Accenture Tech Vision 2020 - Trend 5accenture
 
Accenture ZBB
Accenture ZBBAccenture ZBB
Accenture ZBBAnaplan
 
Mainframe Modernization with AWS: Patterns and Best Practices
Mainframe Modernization with AWS: Patterns and Best PracticesMainframe Modernization with AWS: Patterns and Best Practices
Mainframe Modernization with AWS: Patterns and Best PracticesAmazon Web Services
 
Five keys to successful cloud migration
Five keys to successful cloud migrationFive keys to successful cloud migration
Five keys to successful cloud migrationIBM
 
Splitting the Check on Compliance and Security
Splitting the Check on Compliance and SecuritySplitting the Check on Compliance and Security
Splitting the Check on Compliance and SecurityJason Chan
 
Cloud Migration: Cloud Readiness Assessment Case Study
Cloud Migration: Cloud Readiness Assessment Case StudyCloud Migration: Cloud Readiness Assessment Case Study
Cloud Migration: Cloud Readiness Assessment Case StudyCAST
 
Integrating It Frameworks, Methodologies And Best Practices Into It Delivery ...
Integrating It Frameworks, Methodologies And Best Practices Into It Delivery ...Integrating It Frameworks, Methodologies And Best Practices Into It Delivery ...
Integrating It Frameworks, Methodologies And Best Practices Into It Delivery ...Alan McSweeney
 
The Customer Journey Is a Graph
The Customer Journey Is a GraphThe Customer Journey Is a Graph
The Customer Journey Is a GraphNeo4j
 
Presentation GEA-NZ v3.0
Presentation GEA-NZ v3.0Presentation GEA-NZ v3.0
Presentation GEA-NZ v3.0Regine Deleu
 
10 Key Considerations for AI/ML Model Governance
10 Key Considerations for AI/ML Model Governance10 Key Considerations for AI/ML Model Governance
10 Key Considerations for AI/ML Model GovernanceQuantUniversity
 

Mais procurados (20)

Architecture for the masses - An Open Group Webinar
Architecture for the masses - An Open Group WebinarArchitecture for the masses - An Open Group Webinar
Architecture for the masses - An Open Group Webinar
 
Cloud architecture with the ArchiMate Language
Cloud architecture with the ArchiMate LanguageCloud architecture with the ArchiMate Language
Cloud architecture with the ArchiMate Language
 
Cloud Migration - CCS Technologies (P) Ltd.
Cloud Migration - CCS Technologies (P) Ltd.Cloud Migration - CCS Technologies (P) Ltd.
Cloud Migration - CCS Technologies (P) Ltd.
 
Setting up a Cloud Center of Excellence (CCoE) for Enterprise Customers
Setting up a Cloud Center of Excellence (CCoE) for Enterprise CustomersSetting up a Cloud Center of Excellence (CCoE) for Enterprise Customers
Setting up a Cloud Center of Excellence (CCoE) for Enterprise Customers
 
Enterprise Architecture Visualization
Enterprise Architecture Visualization Enterprise Architecture Visualization
Enterprise Architecture Visualization
 
Future of controls: risks, realities, and next-generation trends
Future of controls: risks, realities, and next-generation trendsFuture of controls: risks, realities, and next-generation trends
Future of controls: risks, realities, and next-generation trends
 
Managing your ML lifecycle with Azure Databricks and Azure ML
Managing your ML lifecycle with Azure Databricks and Azure MLManaging your ML lifecycle with Azure Databricks and Azure ML
Managing your ML lifecycle with Azure Databricks and Azure ML
 
Accenture Tech Vision 2020 - Trend 5
Accenture Tech Vision 2020 - Trend 5Accenture Tech Vision 2020 - Trend 5
Accenture Tech Vision 2020 - Trend 5
 
Accenture ZBB
Accenture ZBBAccenture ZBB
Accenture ZBB
 
Mainframe Modernization with AWS: Patterns and Best Practices
Mainframe Modernization with AWS: Patterns and Best PracticesMainframe Modernization with AWS: Patterns and Best Practices
Mainframe Modernization with AWS: Patterns and Best Practices
 
Modern Data Platform on AWS
Modern Data Platform on AWSModern Data Platform on AWS
Modern Data Platform on AWS
 
Five keys to successful cloud migration
Five keys to successful cloud migrationFive keys to successful cloud migration
Five keys to successful cloud migration
 
Splitting the Check on Compliance and Security
Splitting the Check on Compliance and SecuritySplitting the Check on Compliance and Security
Splitting the Check on Compliance and Security
 
Cloud Migration: Cloud Readiness Assessment Case Study
Cloud Migration: Cloud Readiness Assessment Case StudyCloud Migration: Cloud Readiness Assessment Case Study
Cloud Migration: Cloud Readiness Assessment Case Study
 
OCI Overview
OCI OverviewOCI Overview
OCI Overview
 
Integrating It Frameworks, Methodologies And Best Practices Into It Delivery ...
Integrating It Frameworks, Methodologies And Best Practices Into It Delivery ...Integrating It Frameworks, Methodologies And Best Practices Into It Delivery ...
Integrating It Frameworks, Methodologies And Best Practices Into It Delivery ...
 
The Customer Journey Is a Graph
The Customer Journey Is a GraphThe Customer Journey Is a Graph
The Customer Journey Is a Graph
 
Presentation GEA-NZ v3.0
Presentation GEA-NZ v3.0Presentation GEA-NZ v3.0
Presentation GEA-NZ v3.0
 
10 Key Considerations for AI/ML Model Governance
10 Key Considerations for AI/ML Model Governance10 Key Considerations for AI/ML Model Governance
10 Key Considerations for AI/ML Model Governance
 
Building Your Cloud Strategy
Building Your Cloud StrategyBuilding Your Cloud Strategy
Building Your Cloud Strategy
 

Destaque

Resilience and Compliance at Speed and Scale
Resilience and Compliance at Speed and ScaleResilience and Compliance at Speed and Scale
Resilience and Compliance at Speed and ScaleJason Chan
 
Amazon Web Services Security
Amazon Web Services SecurityAmazon Web Services Security
Amazon Web Services SecurityJason Chan
 
The Psychology of Security Automation
The Psychology of Security AutomationThe Psychology of Security Automation
The Psychology of Security AutomationJason Chan
 
Defending Netflix from Abuse
Defending Netflix from AbuseDefending Netflix from Abuse
Defending Netflix from AbuseJason Chan
 
Cloud Application Security: Lessons Learned
Cloud Application Security: Lessons LearnedCloud Application Security: Lessons Learned
Cloud Application Security: Lessons LearnedJason Chan
 
Cloud Application Security: Lessons Learned
Cloud Application Security: Lessons LearnedCloud Application Security: Lessons Learned
Cloud Application Security: Lessons LearnedJason Chan
 
Practical Cloud Security
Practical Cloud SecurityPractical Cloud Security
Practical Cloud SecurityJason Chan
 
Practical Security Automation
Practical Security AutomationPractical Security Automation
Practical Security AutomationJason Chan
 
Careers in Security
Careers in SecurityCareers in Security
Careers in SecurityJason Chan
 
Real World Cloud Application Security
Real World Cloud Application SecurityReal World Cloud Application Security
Real World Cloud Application SecurityJason Chan
 
Resilience and Security @ Scale: Lessons Learned
Resilience and Security @ Scale: Lessons LearnedResilience and Security @ Scale: Lessons Learned
Resilience and Security @ Scale: Lessons LearnedJason Chan
 
Security at Scale - Lessons from Six Months at Yahoo
Security at Scale - Lessons from Six Months at YahooSecurity at Scale - Lessons from Six Months at Yahoo
Security at Scale - Lessons from Six Months at YahooAlex Stamos
 
Cloud Security at Netflix
Cloud Security at NetflixCloud Security at Netflix
Cloud Security at NetflixJason Chan
 
Virtualization: Security and IT Audit Perspectives
Virtualization: Security and IT Audit PerspectivesVirtualization: Security and IT Audit Perspectives
Virtualization: Security and IT Audit PerspectivesJason Chan
 
Cloud Security @ Netflix
Cloud Security @ NetflixCloud Security @ Netflix
Cloud Security @ NetflixJason Chan
 
Ibm cloud nativenetflixossfinal
Ibm cloud nativenetflixossfinalIbm cloud nativenetflixossfinal
Ibm cloud nativenetflixossfinalaspyker
 
Re:invent 2016 Container Scheduling, Execution and AWS Integration
Re:invent 2016 Container Scheduling, Execution and AWS IntegrationRe:invent 2016 Container Scheduling, Execution and AWS Integration
Re:invent 2016 Container Scheduling, Execution and AWS Integrationaspyker
 
Netflix Global Applications - NoSQL Search Roadshow
Netflix Global Applications - NoSQL Search RoadshowNetflix Global Applications - NoSQL Search Roadshow
Netflix Global Applications - NoSQL Search RoadshowAdrian Cockcroft
 
Netflix Cloud Platform and Open Source
Netflix Cloud Platform and Open SourceNetflix Cloud Platform and Open Source
Netflix Cloud Platform and Open Sourceaspyker
 

Destaque (20)

Resilience and Compliance at Speed and Scale
Resilience and Compliance at Speed and ScaleResilience and Compliance at Speed and Scale
Resilience and Compliance at Speed and Scale
 
Amazon Web Services Security
Amazon Web Services SecurityAmazon Web Services Security
Amazon Web Services Security
 
The Psychology of Security Automation
The Psychology of Security AutomationThe Psychology of Security Automation
The Psychology of Security Automation
 
Defending Netflix from Abuse
Defending Netflix from AbuseDefending Netflix from Abuse
Defending Netflix from Abuse
 
Cloud Application Security: Lessons Learned
Cloud Application Security: Lessons LearnedCloud Application Security: Lessons Learned
Cloud Application Security: Lessons Learned
 
Cloud Application Security: Lessons Learned
Cloud Application Security: Lessons LearnedCloud Application Security: Lessons Learned
Cloud Application Security: Lessons Learned
 
Practical Cloud Security
Practical Cloud SecurityPractical Cloud Security
Practical Cloud Security
 
Practical Security Automation
Practical Security AutomationPractical Security Automation
Practical Security Automation
 
Careers in Security
Careers in SecurityCareers in Security
Careers in Security
 
Real World Cloud Application Security
Real World Cloud Application SecurityReal World Cloud Application Security
Real World Cloud Application Security
 
Resilience and Security @ Scale: Lessons Learned
Resilience and Security @ Scale: Lessons LearnedResilience and Security @ Scale: Lessons Learned
Resilience and Security @ Scale: Lessons Learned
 
Security at Scale - Lessons from Six Months at Yahoo
Security at Scale - Lessons from Six Months at YahooSecurity at Scale - Lessons from Six Months at Yahoo
Security at Scale - Lessons from Six Months at Yahoo
 
Cloud Security at Netflix
Cloud Security at NetflixCloud Security at Netflix
Cloud Security at Netflix
 
Analyze System and Code Interactions
Analyze System and Code InteractionsAnalyze System and Code Interactions
Analyze System and Code Interactions
 
Virtualization: Security and IT Audit Perspectives
Virtualization: Security and IT Audit PerspectivesVirtualization: Security and IT Audit Perspectives
Virtualization: Security and IT Audit Perspectives
 
Cloud Security @ Netflix
Cloud Security @ NetflixCloud Security @ Netflix
Cloud Security @ Netflix
 
Ibm cloud nativenetflixossfinal
Ibm cloud nativenetflixossfinalIbm cloud nativenetflixossfinal
Ibm cloud nativenetflixossfinal
 
Re:invent 2016 Container Scheduling, Execution and AWS Integration
Re:invent 2016 Container Scheduling, Execution and AWS IntegrationRe:invent 2016 Container Scheduling, Execution and AWS Integration
Re:invent 2016 Container Scheduling, Execution and AWS Integration
 
Netflix Global Applications - NoSQL Search Roadshow
Netflix Global Applications - NoSQL Search RoadshowNetflix Global Applications - NoSQL Search Roadshow
Netflix Global Applications - NoSQL Search Roadshow
 
Netflix Cloud Platform and Open Source
Netflix Cloud Platform and Open SourceNetflix Cloud Platform and Open Source
Netflix Cloud Platform and Open Source
 

Semelhante a From Gates to Guardrails: Alternate Approaches to Product Security

Security and Compliance for Enterprise Cloud Infrastructure
Security and Compliance for Enterprise Cloud InfrastructureSecurity and Compliance for Enterprise Cloud Infrastructure
Security and Compliance for Enterprise Cloud InfrastructureCloudPassage
 
Hybridní cloud s F5 v prostředí kontejnerů
Hybridní cloud s F5 v prostředí kontejnerůHybridní cloud s F5 v prostředí kontejnerů
Hybridní cloud s F5 v prostředí kontejnerůMarketingArrowECS_CZ
 
Netflix Cloud Architecture and Open Source
Netflix Cloud Architecture and Open SourceNetflix Cloud Architecture and Open Source
Netflix Cloud Architecture and Open Sourceaspyker
 
iWAN - Cisco Application Experience Solution
iWAN - Cisco Application Experience SolutioniWAN - Cisco Application Experience Solution
iWAN - Cisco Application Experience Solutionxband
 
Introduction to the AWS Cloud – Russell Hall
Introduction to the AWS Cloud – Russell HallIntroduction to the AWS Cloud – Russell Hall
Introduction to the AWS Cloud – Russell HallAmazon Web Services
 
(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...
(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...
(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...Amazon Web Services
 
Deep dive into service fabric after 2 years
Deep dive into service fabric after 2 yearsDeep dive into service fabric after 2 years
Deep dive into service fabric after 2 yearsTomasz Kopacz
 
4. aws enterprise summit seoul 기존 엔터프라이즈 it 솔루션 클라우드로 이전하기 - thomas park
4. aws enterprise summit seoul 기존 엔터프라이즈 it 솔루션 클라우드로 이전하기 - thomas park4. aws enterprise summit seoul 기존 엔터프라이즈 it 솔루션 클라우드로 이전하기 - thomas park
4. aws enterprise summit seoul 기존 엔터프라이즈 it 솔루션 클라우드로 이전하기 - thomas parkAmazon Web Services Korea
 
Cisco ACI for the Microsoft Cloud Platform
Cisco ACI for the Microsoft Cloud PlatformCisco ACI for the Microsoft Cloud Platform
Cisco ACI for the Microsoft Cloud PlatformShashi Kiran
 
Webinar leveraging-cloud-sandboxes-with-ansible-jenkins-j frog
Webinar leveraging-cloud-sandboxes-with-ansible-jenkins-j frogWebinar leveraging-cloud-sandboxes-with-ansible-jenkins-j frog
Webinar leveraging-cloud-sandboxes-with-ansible-jenkins-j frogQualiQuali
 
Presentacion de solucion cloud de navegacion segura
Presentacion de solucion cloud de navegacion seguraPresentacion de solucion cloud de navegacion segura
Presentacion de solucion cloud de navegacion seguraRogerChaucaZea
 
SplunkLive! London - Splunk App for Stream & MINT Breakout
SplunkLive! London - Splunk App for Stream & MINT BreakoutSplunkLive! London - Splunk App for Stream & MINT Breakout
SplunkLive! London - Splunk App for Stream & MINT BreakoutSplunk
 
Reducing Cost with DNA Automation
Reducing Cost with DNA AutomationReducing Cost with DNA Automation
Reducing Cost with DNA AutomationCisco Canada
 
You Can't Protect What you Can't See. AWS Security Best Practices - Session S...
You Can't Protect What you Can't See. AWS Security Best Practices - Session S...You Can't Protect What you Can't See. AWS Security Best Practices - Session S...
You Can't Protect What you Can't See. AWS Security Best Practices - Session S...Amazon Web Services
 
Architecting Secure Web Systems
Architecting Secure Web SystemsArchitecting Secure Web Systems
Architecting Secure Web SystemsInnoTech
 
AWS Summit Atlanta Keynote
AWS Summit Atlanta KeynoteAWS Summit Atlanta Keynote
AWS Summit Atlanta KeynoteKristana Kane
 
Critical Considerations for Moving Your Core Business Applications to the Clo...
Critical Considerations for Moving Your Core Business Applications to the Clo...Critical Considerations for Moving Your Core Business Applications to the Clo...
Critical Considerations for Moving Your Core Business Applications to the Clo...Amazon Web Services
 
Understanding the Cloud Stack
Understanding the Cloud StackUnderstanding the Cloud Stack
Understanding the Cloud StackRapidScale
 
Don’t Fly Blind – Gain AWS Visibility to Ensure Security and Optimise Operati...
Don’t Fly Blind – Gain AWS Visibility to Ensure Security and Optimise Operati...Don’t Fly Blind – Gain AWS Visibility to Ensure Security and Optimise Operati...
Don’t Fly Blind – Gain AWS Visibility to Ensure Security and Optimise Operati...Amazon Web Services
 

Semelhante a From Gates to Guardrails: Alternate Approaches to Product Security (20)

Security and Compliance for Enterprise Cloud Infrastructure
Security and Compliance for Enterprise Cloud InfrastructureSecurity and Compliance for Enterprise Cloud Infrastructure
Security and Compliance for Enterprise Cloud Infrastructure
 
Hybridní cloud s F5 v prostředí kontejnerů
Hybridní cloud s F5 v prostředí kontejnerůHybridní cloud s F5 v prostředí kontejnerů
Hybridní cloud s F5 v prostředí kontejnerů
 
Netflix Cloud Architecture and Open Source
Netflix Cloud Architecture and Open SourceNetflix Cloud Architecture and Open Source
Netflix Cloud Architecture and Open Source
 
iWAN - Cisco Application Experience Solution
iWAN - Cisco Application Experience SolutioniWAN - Cisco Application Experience Solution
iWAN - Cisco Application Experience Solution
 
Introduction to the AWS Cloud – Russell Hall
Introduction to the AWS Cloud – Russell HallIntroduction to the AWS Cloud – Russell Hall
Introduction to the AWS Cloud – Russell Hall
 
(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...
(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...
(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...
 
Deep dive into service fabric after 2 years
Deep dive into service fabric after 2 yearsDeep dive into service fabric after 2 years
Deep dive into service fabric after 2 years
 
4. aws enterprise summit seoul 기존 엔터프라이즈 it 솔루션 클라우드로 이전하기 - thomas park
4. aws enterprise summit seoul 기존 엔터프라이즈 it 솔루션 클라우드로 이전하기 - thomas park4. aws enterprise summit seoul 기존 엔터프라이즈 it 솔루션 클라우드로 이전하기 - thomas park
4. aws enterprise summit seoul 기존 엔터프라이즈 it 솔루션 클라우드로 이전하기 - thomas park
 
Cisco ACI for the Microsoft Cloud Platform
Cisco ACI for the Microsoft Cloud PlatformCisco ACI for the Microsoft Cloud Platform
Cisco ACI for the Microsoft Cloud Platform
 
Webinar leveraging-cloud-sandboxes-with-ansible-jenkins-j frog
Webinar leveraging-cloud-sandboxes-with-ansible-jenkins-j frogWebinar leveraging-cloud-sandboxes-with-ansible-jenkins-j frog
Webinar leveraging-cloud-sandboxes-with-ansible-jenkins-j frog
 
Presentacion de solucion cloud de navegacion segura
Presentacion de solucion cloud de navegacion seguraPresentacion de solucion cloud de navegacion segura
Presentacion de solucion cloud de navegacion segura
 
SplunkLive! London - Splunk App for Stream & MINT Breakout
SplunkLive! London - Splunk App for Stream & MINT BreakoutSplunkLive! London - Splunk App for Stream & MINT Breakout
SplunkLive! London - Splunk App for Stream & MINT Breakout
 
Reducing Cost with DNA Automation
Reducing Cost with DNA AutomationReducing Cost with DNA Automation
Reducing Cost with DNA Automation
 
You Can't Protect What you Can't See. AWS Security Best Practices - Session S...
You Can't Protect What you Can't See. AWS Security Best Practices - Session S...You Can't Protect What you Can't See. AWS Security Best Practices - Session S...
You Can't Protect What you Can't See. AWS Security Best Practices - Session S...
 
Architecting Secure Web Systems
Architecting Secure Web SystemsArchitecting Secure Web Systems
Architecting Secure Web Systems
 
AWS Summit Atlanta Keynote
AWS Summit Atlanta KeynoteAWS Summit Atlanta Keynote
AWS Summit Atlanta Keynote
 
Critical Considerations for Moving Your Core Business Applications to the Clo...
Critical Considerations for Moving Your Core Business Applications to the Clo...Critical Considerations for Moving Your Core Business Applications to the Clo...
Critical Considerations for Moving Your Core Business Applications to the Clo...
 
Understanding the Cloud Stack
Understanding the Cloud StackUnderstanding the Cloud Stack
Understanding the Cloud Stack
 
Don’t Fly Blind – Gain AWS Visibility to Ensure Security and Optimise Operati...
Don’t Fly Blind – Gain AWS Visibility to Ensure Security and Optimise Operati...Don’t Fly Blind – Gain AWS Visibility to Ensure Security and Optimise Operati...
Don’t Fly Blind – Gain AWS Visibility to Ensure Security and Optimise Operati...
 
Cloud computing ppt.
Cloud computing ppt.Cloud computing ppt.
Cloud computing ppt.
 

Último

The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesThousandEyes
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA
 
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...AliaaTarek5
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Scott Andery
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...panagenda
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityIES VE
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rick Flair
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 

Último (20)

The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 

From Gates to Guardrails: Alternate Approaches to Product Security