Securing Cloud Applications and Their Credentials

Explore cloud application security and credential management in this 40-minute conference talk from Strange Loop. Dive into the challenges of securing containerized cloud-based infrastructure as Srdjan Grubor, an R&D software engineer at CyberArk, shares insights on common container security problems and strategies to enhance application security at both container and scheduler levels. Learn about the impact of implementation misconfigurations on attack surfaces, discover next-generation security tools, and gain perspective on long-term security initiatives in cloud environments. Understand the balance between development velocity and security measures, and explore techniques for managing credentials and securing containers effectively. Benefit from Grubor's expertise in Docker, Linux systems, and cloud-based security as he guides you through the complexities of modern app security and the importance of not relying solely on developers for security implementation.

Introduction
Why should we care
Containerization
Security
There is no perfect system
What do you want vs what do you need
Layers
Containers
Additional security features
Container security
Common problems
Modern apps
Exfiltration potential
Dont trust developers
Developers vs security
Credentials
Securing containers
Managing credentials
Secret Lists
Conclusion