Aaron Newman
๐ค SpeakerAppearances Over Time
Podcast Appearances
I mean, so there's two things we do.
Secure configuration.
So make sure you have lockdown.
You're using all the security capabilities and features.
I mean, any system you buy today has the ability to be secure.
It's just have you turned it on the right way?
Have you set it up?
Have you enabled the security features?
The second piece is activity monitoring.
So yes, then we're monitoring who's doing what within there.
So we don't specifically do honeypots, but we'll monitor who's creating resources, who's changing permissions.
A lot of it is keeping the record of that, everything from audit logs to identifying anomalous behavior to just helping you see, hey, when your security guy comes to the DevOps person and says,
hey, give me the IP addresses of who connected into our app three weeks ago.
Well, the IP addresses changed 100 times in the last three weeks.
So how do you answer that question?
It's very different.
It used to be you'd go to the logs for that server and you'd look through it.
You don't have logs for that server anymore.
So very different problem.
So we've constructed it so you could answer that question just in a very different way.