Session

Patching considered harmful

The single most important thing to many cybersecurity groups is getting systems onto a patching schedule. However, one of the mantras of DevOps is "Cattle not pets" (and more recently, "Chicken not pets"). If a pet gets sick, you take it to the vet and get it "patched" up, but when a chicken is sick, the chicken farmer just disposes of it because there are already many more to take its place. Today, cloud-native applications are built to run on ephemeral infrastructure that is more like a flock of chickens than a pack of house pets but the mindset of cybersecurity professionals hasn't caught up. They still have a device-centric view of the world. They still talk in terms of IP addresses and hosts rather than in terms that are more suited to cloud-native. What's needed is an app-centric view of the world but how do you achieve that?

This talk is a discussion of a set of misconceptions, like the ongoing importance of patching, and how to adapt your cybersecurity to better align with cloud-native computing paradigms.

Larry Maccherone

DevSecOps Transformation

Raleigh, North Carolina, United States

Actions

Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.

Jump to top