Cloud Security | Threat Stack | 2 Min Read

Boston Cloud Security & Incident Management Workshop Recap

Last night we got together with our good friends from PagerDuty to host an event at District Hall in the Seaport area of Boston. It was a fun evening, offering product-related presentations, a wide-ranging panel discussion, and an opportunity to socialize with friends, colleagues, and other like-minded folks.

Before we go further, you may ask why we’re teaming up with PagerDuty. PagerDuty and Threat Stack have a tight product integration that enables you to manage all types of alerts in one place, making sure you have an end-to-end security solution that alerts you when the unexpected occurs. A great combination!

Opening Presentations

Rachel Obstler, PagerDuty’s VP of Product, kicked off the evening, giving an overview of PagerDuty’s existing capabilities along with a description of some new functionality — the Operations Command Console. The Command Console provides an overall view of your environment so you can see alerts in context and not in isolation.

Pete Cheslock, Senior Director, Operations and Support at Threat Stack, provided insights into Threat Stack’s Cloud Security Maturity Model. We’ll be covering the Maturity Model in detail in upcoming blog posts, but essentially, it focuses on Auditing your environment to establish a security baseline and set up fundamental cloud security best practices, Continuous Monitoring to detect vulnerabilities and intrusions, and Investigating and Analyzing security events to determine root cause.

Panel Discussion

Next up was a panel that featured Pete Cheslock, Nick Laferriere, DevOps Engineer from TAMR, and Brian Castagna, Senior Director of Information Security at Acquia.

  • Pete took a first-things-first approach, concentrating on the need to ensure good hygiene in your environment by making sure that servers are patched and AWS security groups aren’t wide open, for example.
  • Nick pointed out something we need to hear again and again: DevOps involves a lot more than just relying on tools to do the job. To create a DevOps culture that really delivers results, you need to build in a lot of other dimensions including communication between teams, security checks in your CI pipeline, and code analysis for continuous improvement. Again, the environment is dynamic, the work is never done, and you need to actively keep evolving, improving, and optimizing your operations.
  • Brian started out in public accounting as an IT auditor, and over time, decided to change his focus from pointing out compliance problems to fixing them. That brought about his transition into information security. 

    One of his main observations is that DevSecOps makes some security practitioners nervous with its speed and multiple, simultaneous inputs for different disciplines. But he’s quick to point out that you can have it all — speed, agility, innovation, and security — provided your teams work together, communicate, and share common objectives.

Final Words . . .

All in all — a great evening, and we’re looking forward to the next event.