Developers just aren’t evil enough! When it was much harder to ship new services and applications this wasn’t much of a problem, armies of cynical operators and security folks looked after applications in production (well, at least in theory). But the move towards cloud native architectures changes the game, it’s easier than ever to ship and scale applications, and now developers are helping run them in production too.
This talk will try and instil the kind of critical thinking required to design and build secure modern systems, with a focus on how containers, schedulers, serverless and other new approaches create new (and old) classes of things to worry about. We’ll touch on:
* Why an attacker compromising your laptop might be the easiest way of hacking your production systems
* How the inevitable movement of time means software which was secure today might not be tomorrow
* The clash between VM-centric identify and access management models and container clusters
* A basic introduction to threat modelling
* Why introducing friction into a process might the right approach to service design
This will be a tale of things you may not have considered, of abstractions that leak and more generally an excuse to think evil thoughts.