Security Is Still an Afterthought in the Cloud-Native World


Manage episode 278621704 series 2596419
By TFIR: Open Source & Emerging Technologies and TFiR Media LLC. Discovered by Player FM and our community — copyright is owned by the publisher, not Player FM, and audio is streamed directly from their servers. Hit the Subscribe button to track updates in Player FM, or paste the feed URL into other podcast apps.
As much as we want to think that companies are prioritizing security in the cloud-native world, that is not the case. According to Karsten Samaschke, CEO of Cloudical, “Companies plan for security when pretty much everything is deployed, but that’s too late in the cloud and cloud-native environments.” Misconfigurations and bugs are primary causes of security, but Samaschke believes not having the right processes in place also exposes companies to attackers. Security is as much a people/culture problem as it is a technology problem. Developers often have this mindset of looking at Ops and Security folks as their enemies. DevSecOps is trying to address that, but there is still a long way to go. Samaschke also highlighted the complexity of modern cloud-native architecture that contributes to security issues. This has been an eye-opening discussion and I hope you enjoy it as much as I did.

133 episodes