Cloud Security at Scale and What it Means for Your Application

No ratings

Presented at AppSecUSA 2014 by

Ben Hagen

Cloud computing is all the rage, but few organizations have really thought about what security means for their applications and networks in cloud-centric deployments. Netflix is amongst the largest users of public cloud resources and consumes roughly 1/3 of all the US’s downstream broadband at peak. This talk will cover the processes used at Netflix to deploy and secure large-scale applications to the Cloud. Netflix has developed a suite of architectures, processes, and tools to make security in the Cloud as elegant as possible... most of these are, or will soon be, Open Sourced. Several tools will be previewed in the talk. These systems include: - Hundreds of applications; with hundreds of production deployments a day ... all using an “immutable server model” - Crazy monkeys that roam the clouds to enforce availability models through random instance homicide - OCD fish that swim cloudy waters to make sure firewalls are sane and consistent across the globe - Inquisitive penguins automatically assess the risk of an application based upon its codebase and interconnections with other applications - ... and many more ...