Securing AWS Containerized Environments: A Peek Under the Lid

BSides RDU 2022

Hacktoberfest

This Event
Is Hosted By…

BSides

Security BSides is a community-driven framework for building events for and by cyber security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of space and time. It creates opportunities for individuals to both present and participate in an intimate atmosphere that encourages collaboration. It is an intense event with discussions, demos, and interaction from participants. It is where conversations for the next-big-thing are happening.

Learn More

Aligned is Proud to Present at BSides

Please join Aligned Technology Group at BSides for a local information/cyber security conference on Securing AWS Containerized Environments and an opportunity to network and learn.

WHEN

Saturday, October 15, 2022
8:00 AM – 6:00 PM

WHERE

The Carolina Theatre
309 W Morgan St, Durham, NC 27701

OUR PRESENTATION

Understanding and Securing Containerized Environments: A Peek Under the Lid
Manny Landron, VP of Security Consulting & Advisory Services
Oct 15th @ 10:45AM

Abstract: Security teams face unfamiliar challenges as more organizations transition to and adopt containerized AWS workloads including microservices. This session will explain the fundamental differences between containerization and virtualization, the pros and cons of containerization from a security perspective, and the challenges associated with securing and monitoring containers throughout their lifecycle from container registry to production. Additionally, we’ll explore the concept of ‘container escape’, review the role kernel namespaces and control groups play to enforce segmentation and control resource allocation respectively. Last, we’ll rely on the Linux command ‘strace’, a useful diagnostic, instructional, and debugging tool to intercept and record system calls as a technique to understand a container’s runtime behavior and the importance of implementing safeguards, including least privilege access, to promote container isolation.

CONNECT WITH THE ALIGNED TEAM AT THIS EVENT

Cost Optimization

Issue: Small AWS deployment with little management oversight and a lack of cloud skills internal to the organization moving from traditional infrastructure to SaaS and cloud based solutions.

 

What we did

  1. AWS Audit
  2. Cost Optimization Review
  3. Ongoing Monitoring

 

Result:

  • Eliminated unused storage volumes and the old application server no longer in use, the charges for AWS resulted in a savings of 51% per month.
  • We’ll continue to monitor AWS billing and finance to ensure maintenance of savings and identify other future changes.

Cost Optimization

Issue: Small AWS deployment with little management oversight and a lack of cloud skills internal to the organization moving from traditional infrastructure to SaaS and cloud based solutions.

 

What we did

  1. AWS Audit
  2. Cost Optimization Review
  3. Ongoing Monitoring

 

Result:

  • Eliminated unused storage volumes and the old application server no longer in use, the charges for AWS resulted in a savings of 51% per month.
  • We’ll continue to monitor AWS billing and finance to ensure maintenance of savings and identify other future changes.