the CYBER5

Challenges of Containerized and Cloud Environments with Alan Orlikoski, Detection and Response Engineering Team Lead at Square

Episode 11 of the podcast covers challenges and baselining of container and cloud security. 

  • (0:54) Introduction
  • (01:29) Question 1: What are the right and left bounds when deciding to use a container environment as part of the infrastructure and how much of that is security minded?
  • (03:03) Question 2: How do you approach a baseline level of security for your containerized environments? Is it mainly configuration or do you consider other aspects for hardening of your containerized environments?
  • (06:30) Question 3: From your experience, which of the environments, if any, are more security forward than any other and why? Kubernetes? Docker?
  •  (12:06) Question 4: Does the way you defend and track threats against container environments differ from the non-containerized environments? Is a containerized environment inherently easy to secure or more work? 
  •  (12:54) Question 5: How have containerized environments changed the penetration testing, threat hunting, and incident response process? Are there different skillsets needed? Could you provide examples? 
  • (19:41) Bonus: In the security world, what keeps you up at night?
  • (21:50) Closing