2023 Architecting a Cloud Security Guardrails Model Solutions Forum

  • Friday, 23 Jun 2023 10:30AM EDT (23 Jun 2023 14:30 UTC)
  • Speaker: Dave Shackleford

Security teams need to build consistent, reusable design patterns for cloud security controls that can be automated and maintained readily over time. Within cloud infrastructure, many controls can be provisioned and enabled ahead of time and operate autonomously in any deployment scenario. Commonly termed “guardrails,” these controls ensure that security capabilities are always enabled and operate within the context of deployments without any required interaction from security operations or cloud engineering teams.

While there are many cloud-native services and controls available from cloud service providers, the marketplace for cloud-centric security solutions has grown and matured significantly in the past several years, and both can play important roles in guardrail design.

During this forum, we’ll break down the most common guardrails to consider within a cloud security architecture design and discuss best practices to enable and automate these over time.

Register for this free virtual event to receive first access to the Architecting a Cloud Security Guardrails Model report, written by Dave Shackleford.

Join in on the action! Connect with fellow attendees and our event chairs in the SANS Solutions Forum Interactive Slack Workspace. Sign in once and you'll be all set for the rest our of 2023 Solutions Forums. We'll see you there!


Thank You to Our Sponsor


Agenda | June 23, 2023 | 10:30AM - 11:45AM EDT

Timeline (EDT)Session Details
10:30AMWelcome & Opening Remarks
Dave Shackleford, Event Chair, SANS Institute
11:00AMBalancing Speed and Security: Shift Left with Runtime Insights

Cloud-native app complexity poses challenges for organizations, with security teams tasked with protecting across containerized workloads, cloud services, and identities. Cloud security programs take either a shift-left or shield-right approach. Shift-left focuses on secure design and pre-release testing, while shield-right emphasizes runtime security mechanisms to detect and respond to events. Both are essential for cybersecurity maturity. Shift-left activities serve as guardrails and can be "designed-in" through policy-as-code, balancing speed and security in DevOps. In this session, we will show you how to identify environmental drifts, prioritize weaknesses, and minimize friction for dev teams with runtime insights. Learn why preventative controls are essential, how runtime context improves vulnerability and posture management, and how to implement policy-as-code approaches for stronger security controls.

Nigel Douglas, Sr. Technical Marketing Manager, Sysdig

Pawan Shankar, Sr. Product Marketing Manager, Sysdig

11:30AMClosing Remarks
Dave Shackleford, Event Chair, SANS Institute