Securing Hybrid Workloads Why is a consistent view important? Why is continuous security important? 32 12 47 What is the cloud shared responsibility model and how does it impact me? How do I select a solution? ? Native multi-cloud - Cloud provider integration Microservices – Enables continuous assessment Agentless – Less bloat and more secure Rapid Assessment – Lowest time to baseline Open APIs – DevSecOps Broad coverage – OSs and frameworks How do I reduce my attack surface – on-premise and multi-cloud, bare-metal and VM, and containers? Now, I’m secure In an hour, am I still secure? I know I’m always secure Conflicting Guidance Weak Links Continuous Security Assessment and Remediation for Hybrid Workloads On-Premise IaaS PaaS SaaS Applications Data Runtime Middleware O/S Virtualization Servers Storage Networking Your responsibility in blue Cloud provider responsibility in purple 65 65 65 Correlated Guidance Single unified view across all cloud providers and on-premise Workloads APIs How do I enable this? Cloud Discovery and Security Policy Enforcement (IaaS and PaaS) RDS S3 VPC EBS IAM EC2 Reporting Inspector CloudTrail CloudWatch Security Event Monitoring Security Event Assessment @ AWS