Kubernetes, containers, and serverless have been part of the "new stack" that everyone talks about, but hasn't quite yet fully harnessed. And, security best practices for these are still being formulated. That's where Lacework's CEO Dan Hubbard is looking to change all of that through Lacework's end-to-end security and compliance platform for multicloud and new stack environments. Dan is a security and tech OG, and a font of security knowledge. Here are the best practices he recommends for securing the "new stack."Listen to the episode here.
Before he became CEO at Lacework, Dan started his career building the network at one of the first ISPs in Canada. Over the years, he helped build Websense (and a new web security category!) and take it public. Afterward, he became CTO at OpenDNS and had a successful exit with Cisco. Given his experience and having been in security for ~30 years, Dan shares:
[03:53] What are the most commonly missed things around securing containers, Kubernetes, and other parts of the "new stack".
[06:10] How vulnerable Kubernetes is when you think about it.
[09:55] How to secure serverless technology like Lambda.
[12:39] How to prep for and pass security audits when you're using "new stack" technology.
[16:59] Security considerations for multicloud environments.
[23:00] Other cloud security best practices.Listen to the episode here.
Tugboat Logic presents The Security Demystified Show: a podcast to help you become more secure and tame the dark (and not-so-thrilling) art of compliance. Every other week, check in with Tugboat Community Manager Cheryl, Marketing Guy Victor, and security experts and practitioners to find out all of the "secrets" and myths surrounding security and compliance so you can apply what's worked.