Navigating the Cloud Native Security Landscape - Pablo Musa - NDC Porto 2023

This talk was recorded at NDC Porto in Porto, Portugal. #ndcporto #ndcconferences #security #cloud #developer #softwaredeveloper Attend the next NDC conference near you: https://ndcconferences.com https://ndcporto.com/ Subscribe to our YouTube channel and learn every day: /@NDC Follow our Social Media! https://www.facebook.com/ndcconferences https://twitter.com/NDC_Conferences https://www.instagram.com/ndc_conferences/ Transitioning applications to the cloud offers numerous benefits, such as increased agility, innovation, and expedited time-to-market. However, securing cloud-native applications presents a complex, multidimensional challenge that involves various teams, workflows, and infrastructure layers. As the attack surface expands, companies must enhance their understanding of how to bolster their security posture. In this talk, we will delve into the cloud-native security landscape and demystify the numerous acronyms in the field, including CSPM, KSPM, CIEM, CWPP, CDR, and CNAPP. For each acronym, we will explore its meaning and associated attack surface, examine real-world exploitation examples, and discuss relevant research data. Furthermore, we will demonstrate an attack, such as Log4Shell, and explain how it relates to different security layers. This presentation is designed for professionals in the computer software industry seeking to gain a better understanding of the cloud-native security landscape.