BeyondProd- The Origin of Cloud-Native Security at Google - Brandon Baker - USENIX Enigma - 2020

Explore the evolution of cloud-native security at Google in this 24-minute conference talk from USENIX Enigma 2020. Delve into the concept of BeyondProd, which proposes a security architecture for cloud-native environments that assumes no trust between services. Learn about the shift from monolithic applications to distributed microservices and its implications for security. Discover the principles behind BeyondProd, including isolation of multi-tenant workloads, verifiable application deployment enforcement, automated vulnerability management, and robust access controls for critical data. Gain insights into Google's innovative systems developed to meet these new security requirements. Understand the differences between traditional and cloud-native security approaches, and explore how organizations can adapt these principles to secure their own infrastructure. Walk away with a comprehensive understanding of cloud-native security thinking and the tools needed to protect modern distributed systems effectively.

Intro
The Problem Space
Requests
Binary Authorization
Trust
Benefits
Security