Automating Cloud Security Monitoring at Scale, presented at Cloud Security Summit & Training 2019

by Chris Farris

Summary: The big three cloud providers innovate at a pace that security teams have a hard time keeping up with. New architectural patterns for cloud security and governance call for each team or application to get its own account to limit blast radius and provide for better financial accountability. The depth of services and the breadth of accounts across multiple cloud providers prevent many security organizations from detecting issues before they become a data breach. Most vendor-based solutions either lack the ability to scale to hundreds of accounts or ignore the misconfiguration risks of the newer, more advanced offerings from the cloud providers. Cloud providers innovate faster than the security vendor community, and the security team shouldn’t have to slow the adoption of new services because our vendor community cannot keep up. Turner Broadcasting is a cloud-first organization with a variety of brands ranging from CNN to the Cartoon Network and Adult Swim, in addition to broadcast and streaming partnerships with organizations such as the National Basketball Association and the National Collegiate Athletic Association. Turner operates in all three public cloud providers. In this talk, we will touch on the history of our cloud migration and dive deep into how we blended a set of policies with a swarm of Amazon Web Services Lambda functions to deliver customized compliance reports to all our business stakeholders for all three public clouds. Attendees will come away with a strategy and an actionable set of tasks to kick-start their cloud security program, along with guidance on how to find and select tools they can use to automate configuration checking at scale.