Bill McGee, SVP & GM Hybrid Cloud Security, Trend Micro, sits down with John Furrier & Stu Miniman for AWS re:Invent 2019 at the Sands Expo & Convention Center in Las Vegas, NV.
#reInvent #TrendMicro #theCUBE
https://siliconangle.com/2019/12/10/malicious-attackers-zeroing-developers-next-big-score-reinvent/
Malicious attackers are zeroing in on developers for their next big score
BY MARK ALBERTSON
Cybercriminals are training their sights on developers, and this is raising alarm bells in the global security community.
It’s a concern because one recent survey by GitLab Inc.found deficiencies in a developer’s ability to spot security holes for the code they create.
“Unfortunately, what we expect is for the attackers to move to developers, move to the development pipeline, injecting code not at runtime, but earlier in the lifecycle,” said Bill McGee (pictured), senior vice president and general manager of hybrid cloud security at Trend Micro Inc. “We’ve seen evidence of container images up on Docker Hub getting infected and developers just pulling in without thinking about it. We need to move some our security technology to the development pipeline to help customers defend themselves.”
McGee spoke with John Furrier (@furrier) and Stu Miniman (@stu), co-hosts of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, during the AWS re:Invent event. They discussed the recent launch of a new service to improve application development security and enterprise responsibility for protecting workloads in the cloud. (* Disclosure below.)
Helping developers manage risk
Trend Micro is moving some of its own technology in the development direction through the launch of its Cloud One service last month. The security platform allows developers to build applications while managing organizational risk.
“It cuts across about 70 services right now and gives you visibility of potential security configuration errors that you have in your environment,” McGee said. “If it’s in production, that is a big deal.”
Potential vulnerabilities created by developers are part of the ongoing discussion around cloud and the platform’s security. As the cloud model has evolved, dialogue has shifted from blanket acceptance of security to one of shared responsibility.
“Initially, I would say there was what I would call a naive perception that the cloud was magic and it was perfectly secure,” McGee said. “Amazon did the industry a real favor by establishing the shared responsibility model and making it crystal clear what they’ve got covered that you don’t need to worry about anymore as a customer and then the capabilities you still need to worry about.”
Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of the AWS re:Invent event. (* Disclosure: Trend Micro Inc. sponsored this segment of theCUBE. Neither Trend Micro nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
AWS re:Invent 2019 | Las Vegas. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Register For AWS re:Invent 2019 | Las Vegas
Please fill out the information below. You will recieve an email with a verification link confirming your registration. Click the link to automatically sign into the site.
You’re almost there!
We just sent you a verification email. Please click the verification button in the email. Once your email address is verified, you will have full access to all event content for AWS re:Invent 2019 | Las Vegas.
I want my badge and interests to be visible to all attendees.
Checking this box will display your presense on the attendees list, view your profile and allow other attendees to contact you via 1-1 chat. Read the Privacy Policy. At any time, you can choose to disable this preference.
Select your Interests!
add
Upload your photo
Uploading..
OR
Connect via Twitter
Connect via Linkedin
EDIT PASSWORD
Share
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
AWS re:Invent 2019 | Las Vegas. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Sign in to gain access to AWS re:Invent 2019 | Las Vegas
Please sign in with LinkedIn to continue to AWS re:Invent 2019 | Las Vegas. Signing in with LinkedIn ensures a professional environment.
Are you sure you want to remove access rights for this user?
Details
Manage Access
email address
Community Invitation
Bill McGee, Trend Micro | AWS re Invent 2019
Bill McGee, SVP & GM Hybrid Cloud Security, Trend Micro, sits down with John Furrier & Stu Miniman for AWS re:Invent 2019 at the Sands Expo & Convention Center in Las Vegas, NV.
#reInvent #TrendMicro #theCUBE
https://siliconangle.com/2019/12/10/malicious-attackers-zeroing-developers-next-big-score-reinvent/
Malicious attackers are zeroing in on developers for their next big score
BY MARK ALBERTSON
Cybercriminals are training their sights on developers, and this is raising alarm bells in the global security community.
It’s a concern because one recent survey by GitLab Inc.found deficiencies in a developer’s ability to spot security holes for the code they create.
“Unfortunately, what we expect is for the attackers to move to developers, move to the development pipeline, injecting code not at runtime, but earlier in the lifecycle,” said Bill McGee (pictured), senior vice president and general manager of hybrid cloud security at Trend Micro Inc. “We’ve seen evidence of container images up on Docker Hub getting infected and developers just pulling in without thinking about it. We need to move some our security technology to the development pipeline to help customers defend themselves.”
McGee spoke with John Furrier (@furrier) and Stu Miniman (@stu), co-hosts of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, during the AWS re:Invent event. They discussed the recent launch of a new service to improve application development security and enterprise responsibility for protecting workloads in the cloud. (* Disclosure below.)
Helping developers manage risk
Trend Micro is moving some of its own technology in the development direction through the launch of its Cloud One service last month. The security platform allows developers to build applications while managing organizational risk.
“It cuts across about 70 services right now and gives you visibility of potential security configuration errors that you have in your environment,” McGee said. “If it’s in production, that is a big deal.”
Potential vulnerabilities created by developers are part of the ongoing discussion around cloud and the platform’s security. As the cloud model has evolved, dialogue has shifted from blanket acceptance of security to one of shared responsibility.
“Initially, I would say there was what I would call a naive perception that the cloud was magic and it was perfectly secure,” McGee said. “Amazon did the industry a real favor by establishing the shared responsibility model and making it crystal clear what they’ve got covered that you don’t need to worry about anymore as a customer and then the capabilities you still need to worry about.”
Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of the AWS re:Invent event. (* Disclosure: Trend Micro Inc. sponsored this segment of theCUBE. Neither Trend Micro nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)
