Ankur Shah, VP, Products, Public Cloud Security, Palo Alto Networks & Richard Weiss, Cloud Security Engineer, Robert Half, sit down with John Walls & Justin Warren at AWS re:Invent 2018 in Las Vegas, NV.
#reInvent #PaloAltoNetworks #theCUBE
https://siliconangle.com/2018/12/27/shift-left-prevents-missteps-that-lead-to-90-of-breaches-reinvent/
‘Shift left’ prevents missteps that lead to 90% of breaches in cloud computing
Lugging workloads from on-premises to public cloud is straining when done with flimsy security policies. Making sure workloads are secure and compliant the minute they arrive in cloud is even harder. How do companies do it? With a methodology called “shift left” that pushes security back to the earliest stages of developer operations.
“As they move to the cloud, they want to make sure they have the visibility and the security controls to make sure that they are not in the news,” said Ankur Shah (pictured, left), vice president of products, public cloud security, at Palo Alto Networks Inc.
Hackers are finding new inroads to users’ data via the vast attack vector of cloud. “A lot of the next-gen breaches are going to happen in the cloud,” Shah said. Cyber criminals are coming up with ingenious new attacks all of the time, such as cryptojacking, so businesses need monitoring and visibility at all stages to fend them off, he added.
Shah and Richard Weiss (pictured, right), principal cloud security engineer at Robert Half International Inc., spoke with John Walls (@JohnWalls21), host of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, and guest host Justin Warren (@jpwarren), chief analyst at PivotNine Pty Ltd, during AWS re:Invent in Las Vegas. They discussed the challenges of cloud migration and security and the benefits of shift left. (* Disclosure below.)
Tools, tricks and training spread security all over
Staffing firm Robert Half began migrating workloads to the Amazon Web Services Inc. cloud about seven years ago. “We were doing all the right things, but we didn’t have the visibility we needed,” Weiss said.
The company tapped Palo Alto Networks a couple of years ago for tools to help it gain 360 visibility into its environment.
“Customers have to understand the kind of AWS services that they’re adopting, understand the security implications, make sure they have the security guard rails,” Shah said.
Basic security hygiene, network security, user-activity monitoring, and host monitoring tools go into that holistic 360 view. And the work of securing apps has to be spread holistically throughout a company’s staff, according to Shah. Ninety percent of breaches occur because of some silly mistake someone made — often someone who was not on the security team, he explained.
Shifting left brings those staffers into the security fold and educates them, so these mistakes can be avoided. “Now DevOps teams have to be part of the equation as well. They need to be trained and coached in understanding the security implications of their day-to-day operations,” Shah concluded.
Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of AWS re:Invent. (* Disclosure: Palo Alto Networks Inc. sponsored this segment of theCUBE. Neither Palo Alto Networks nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
AWS re:Invent 2018 | Las Vegas. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Register For AWS re:Invent 2018 | Las Vegas
Please fill out the information below. You will recieve an email with a verification link confirming your registration. Click the link to automatically sign into the site.
You’re almost there!
We just sent you a verification email. Please click the verification button in the email. Once your email address is verified, you will have full access to all event content for AWS re:Invent 2018 | Las Vegas.
I want my badge and interests to be visible to all attendees.
Checking this box will display your presense on the attendees list, view your profile and allow other attendees to contact you via 1-1 chat. Read the Privacy Policy. At any time, you can choose to disable this preference.
Select your Interests!
add
Upload your photo
Uploading..
OR
Connect via Twitter
Connect via Linkedin
EDIT PASSWORD
Share
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
AWS re:Invent 2018 | Las Vegas. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Sign in to gain access to AWS re:Invent 2018 | Las Vegas
Please sign in with LinkedIn to continue to AWS re:Invent 2018 | Las Vegas. Signing in with LinkedIn ensures a professional environment.
Are you sure you want to remove access rights for this user?
Details
Manage Access
email address
Community Invitation
Ankur Shah, Palo Alto Networks & Richard Weiss, Robert Half | AWS re:Invent 2018
Ankur Shah, VP, Products, Public Cloud Security, Palo Alto Networks & Richard Weiss, Cloud Security Engineer, Robert Half, sit down with John Walls & Justin Warren at AWS re:Invent 2018 in Las Vegas, NV.
#reInvent #PaloAltoNetworks #theCUBE
https://siliconangle.com/2018/12/27/shift-left-prevents-missteps-that-lead-to-90-of-breaches-reinvent/
‘Shift left’ prevents missteps that lead to 90% of breaches in cloud computing
Lugging workloads from on-premises to public cloud is straining when done with flimsy security policies. Making sure workloads are secure and compliant the minute they arrive in cloud is even harder. How do companies do it? With a methodology called “shift left” that pushes security back to the earliest stages of developer operations.
“As they move to the cloud, they want to make sure they have the visibility and the security controls to make sure that they are not in the news,” said Ankur Shah (pictured, left), vice president of products, public cloud security, at Palo Alto Networks Inc.
Hackers are finding new inroads to users’ data via the vast attack vector of cloud. “A lot of the next-gen breaches are going to happen in the cloud,” Shah said. Cyber criminals are coming up with ingenious new attacks all of the time, such as cryptojacking, so businesses need monitoring and visibility at all stages to fend them off, he added.
Shah and Richard Weiss (pictured, right), principal cloud security engineer at Robert Half International Inc., spoke with John Walls (@JohnWalls21), host of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, and guest host Justin Warren (@jpwarren), chief analyst at PivotNine Pty Ltd, during AWS re:Invent in Las Vegas. They discussed the challenges of cloud migration and security and the benefits of shift left. (* Disclosure below.)
Tools, tricks and training spread security all over
Staffing firm Robert Half began migrating workloads to the Amazon Web Services Inc. cloud about seven years ago. “We were doing all the right things, but we didn’t have the visibility we needed,” Weiss said.
The company tapped Palo Alto Networks a couple of years ago for tools to help it gain 360 visibility into its environment.
“Customers have to understand the kind of AWS services that they’re adopting, understand the security implications, make sure they have the security guard rails,” Shah said.
Basic security hygiene, network security, user-activity monitoring, and host monitoring tools go into that holistic 360 view. And the work of securing apps has to be spread holistically throughout a company’s staff, according to Shah. Ninety percent of breaches occur because of some silly mistake someone made — often someone who was not on the security team, he explained.
Shifting left brings those staffers into the security fold and educates them, so these mistakes can be avoided. “Now DevOps teams have to be part of the equation as well. They need to be trained and coached in understanding the security implications of their day-to-day operations,” Shah concluded.
Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of AWS re:Invent. (* Disclosure: Palo Alto Networks Inc. sponsored this segment of theCUBE. Neither Palo Alto Networks nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)
