The Cyber5 Podcast

EP11: The Cyber5 – Square’s Alan Orlikoski

Episode 11 | June 18, 2020

Episode 11 | June 18, 2020

Episode 11 of the podcast covers challenges and baselining of container and cloud security with Alan Orlikoski Detection and Response Engineering Team Lead at Square.

Outline:

  • (0:54) Introduction
  • (01:29) Question 1: What are the right and left bounds when deciding to use a container environment as part of the infrastructure and how much of that is security minded?
  • (03:03) Question 2: How do you approach a baseline level of security for your containerized environments? Is it mainly configuration or do you consider other aspects for hardening of your containerized environments?
  • (06:30) Question 3: From your experience, which of the environments, if any, are more security forward than any other and why? Kubernetes? Docker?
  • (12:06) Question 4: Does the way you defend and track threats against container environments differ from the non-containerized environments? Is a containerized environment inherently easy to secure or more work?
  • (12:54) Question 5: How have containerized environments changed the penetration testing, threat hunting, and incident response process? Are there different skillsets needed? Could you provide examples?
  • (19:41) Bonus: In the security world, what keeps you up at night?
  • (21:50) Closing