Cloud Native Security Podcast-logo

Cloud Native Security Podcast

Technology Podcasts >

This podcast will cover many topics relevant to the Cloud Native space, including ecosystem topics like Docker Security and Kubernetes security, RBAC, monitoring and alerting, and many, many more. We'll also partner with the Twistlock Labs team to chat through the latest and great cloud native security research. We'll also cover deep dives on Twistlock product releases, and a meta level on those to show developers how we built those features. Partners will come on the podcast as well to describe some of Twistlock's integration features and how to make the best use of multiple tools to keep your apps secure in the cloud.

This podcast will cover many topics relevant to the Cloud Native space, including ecosystem topics like Docker Security and Kubernetes security, RBAC, monitoring and alerting, and many, many more. We'll also partner with the Twistlock Labs team to chat through the latest and great cloud native security research. We'll also cover deep dives on Twistlock product releases, and a meta level on those to show developers how we built those features. Partners will come on the podcast as well to describe some of Twistlock's integration features and how to make the best use of multiple tools to keep your apps secure in the cloud.
More Information

Location:

United States

Description:

This podcast will cover many topics relevant to the Cloud Native space, including ecosystem topics like Docker Security and Kubernetes security, RBAC, monitoring and alerting, and many, many more. We'll also partner with the Twistlock Labs team to chat through the latest and great cloud native security research. We'll also cover deep dives on Twistlock product releases, and a meta level on those to show developers how we built those features. Partners will come on the podcast as well to describe some of Twistlock's integration features and how to make the best use of multiple tools to keep your apps secure in the cloud.

Language:

English

Contact:

4255050100


Episodes

EP 26 - Falco Vulnerability

5/23/2019
More
In this episode, Aviv dives into the vulnerability discovered in Sysdig Falco which allows someone to create a buffer overrun that completely bypasses all of Falco's normal functionality.

Duration:00:07:15

EP 25 - File Integrity Monitoring

5/14/2019
More
In this episode, Kevin demonstrates the new File Integrity Monitoring feature in Twistlock 19.03.

Duration:00:05:29

EP 24 - Operator Hub Integration

5/8/2019
More
In this episode, Jeremy talks through and demonstrates how we've slipstreamed Twistlock Console installation and deployment into the Operator Hub mechanisms.

Duration:00:26:55

EP 23 - How We Built It - ACI Virtual Nodes

5/7/2019
More
In this episode, Michael discusses how the Twistlock dev team built the ACI Virtual Node protection feature in Twistlock 19.03. We also discuss the differences in technology between Azure Container Instances and AWS Fargate.

Duration:00:15:37

EP 22 - Twistlock 19.03 - Native Helm Charts

5/2/2019
More
In this episode, Michael walks through the new Native Helm support in Twistlock 19.03, detailing the configuration steps necessary to enable Helm Chart support in Twistlock.

Duration:00:11:03

EP 21 - DockerHub Compromise

4/29/2019
More
In this episode, John Morello explains what we know about the DockerHub compromise, what potential impacts exist for DockerHub users, and what you can do to minimize impact to you and your apps. Twistlock customers are NOT affected.

Duration:00:09:11

EP 20 - How We Built It: Lambda Layers Protection

4/23/2019
More
In this episode, Michael dives into how we built the Lambda Layers security features to allow Twistlock to be embedded and to secure Lambda Layers.

Duration:00:16:26

EP 19 - How We Built It: Istio

4/16/2019
More
In this episode, Ilana from the Twistlock dev team discusses the process that she went through to create the Istio visibility, vulnerability management, and prevention features in Twistlock.

Duration:00:11:47

EP 18 - Twistlock 19.03 - Assigned Collections

4/9/2019
More
In this episode, Ashley discusses and demonstrates the advantages of using Assigned Collections to provide granular visibility and security to your cloud native environments. 0:51- Twistlock 2.4 - Projects 1:30- Twistlock 1.8 - Collections 2:24- Inside of Projects, team granular permissions 2:38- Demo time 11:03- Integrating granular control into DevOps lifecycle

Duration:00:16:42

EP 17 - Twistlock 19.03 - Host Forensics

4/4/2019
More
In this episode, Paul demonstrates more host protection features, specifically host forensics, that are built into Twistlock 19.03. Paul demonstrates how anomalous activity can be tracked, alerted, and prevented through Twistlock on any host.

Duration:00:18:22

EP 16 - How We Built It - Kubernetes Audit Rules

4/2/2019
More
In this episode, Omri details how Twistlock built the Kubernetes Audit rules features that integrate with Kubernetes AuditSink, as well as audits for GKE. 0:35- What are Kubernetes audits? 1:30- Kubernetes audit rules in Twistlock 3:28- How we built this feature 5:30- Integration with Kubernetes dynamic backend feature 6:10- demo time 12:58- GKE Audits

Duration:00:19:40

EP 15 - Disclosing a directory traversal vulnerability in Kubernetes copy – CVE-2019-1002101

3/28/2019
More
In this special episode, Ariel goes through the details of the latest Kubernetes CVE, CVE-2019-1002101, and explains how containers are vulnerable, what the vulnerability exposes, and how to get the latest kubectl update to mitigate the vulnerability. Link to Twistlock Labs detailed blog post: https://www.twistlock.com/labs-blog/disclosing-directory-traversal-vulnerability-kubernetes-copy-cve-2019-1002101/ Link to Twistlock Labs post on...

Duration:00:21:04

EP 11 - Twistlock 19.03 - CNNF And Radar For Hosts

3/26/2019
More
In this episode, James demonstrates the new Twistlock 19.03 features around host visibility and protection, including cloud native network firewall and Radar for hosts.

Duration:00:06:44

EP 12 - Twistlock 19.03 - K8s AuditSink Integration

3/26/2019
More
In this episode, Jacob demonstrates the new Twistlock 19.03 features around integration with the Kubernetes AuditSink features.

Duration:00:10:35

EP 13 - Twistlock 19.03 - Custom Runtime Rules Language

3/26/2019
More
In this episode, Andreas demonstrates the new Twistlock 19.03 features around the new Custom Runtime Rules Language, which integrates with the Kubernetes AuditSink. Twistlock 19.03 also comes with over 40 custom rules that query the AuditSink logs to get you started quickly with actions around the events in your environment.

Duration:00:18:48

EP 14 - Twistlock 19.03 - RASP Defender

3/26/2019
More
In this episode, Neil demonstrates the new Twistlock 19.03 feature around RASP Defender, which allows the same level of visibility, automation, and protection in non-managed cloud native resources.

Duration:00:13:17

EP 10 - Why We Use Go

3/21/2019
More
In this episode, Liron Levin, Chief Architect of Twistlock, explains the history behind the decision to use Go to build Twistlock, the criteria that was used to assess all the possible languages, some key findings and advantages of using Go, and, of course, some story time. 1:52- Story time 2:13- The architecture 2:37- Language options 3:45- Before Twistlock, and experience with Python 4:22- Compiled languages + large teams + fast pace 5:07- What does Docker use? 5:48- Maybe I should...

Duration:00:34:15

EP 9 - Documentation As Code

3/19/2019
More
In this episode, Ian discusses how Twistlock is able to automate the creation and maintenance of the product documentation. He talks through the entire OSS-based system that is in place to manage documentation contributions, the tools used to build the docs, as well as a code deep dive through the search indexing and crawling to surface the docs to users. 6:27- Documentation website 9:34- Search mechanisms

Duration:00:19:57

EP 8 - Monitoring Best Practices

3/13/2019
More
In this episode, Michael talks through the history of monitoring software applications and the various approaches that were used in the past, some best practices and new ways of doing monitoring in the cloud native space. 1:00 - Pull vs push approach to monitoring 1:50 - The art of monitoring (book) - https://www.amazon.com/Art-Monitoring-James-Turnbull-ebook/dp/B01GU387MS/ref=sr_1_1?keywords=the+art+of+monitoring&qid=1552498890&s=gateway&sr=8-1 Monitoring with Prometheus (book) -...

Duration:00:23:52

EP 7 - Breaking out of Docker via RunC – Explaining CVE-2019-5736

2/26/2019
More
In this episode, Yuval from Twistlock Labs explains the details of the CVE discovered in RunC, two ways that it can be exploited, and what the fix looks like. Read this blog post for details and code links: https://www.twistlock.com/labs-blog/breaking-docker-via-runc-explaining-cve-2019-5736/

Duration:00:26:26