The Shifting Sands of Security and Compliance in the Cloud
10-23, 18:25–18:30 (US/Eastern), Main Room

Cloud Custodian is an open source cloud security, governance, and management tool with powerful integrations with AWS cloud services that allows for quick response times to address a wide array of compliance, governance, and security issues. As public cloud adoption increases across industries, the need to be able to properly secure and govern cloud resources is more important than ever. This session will show how to react quickly to changing security and compliance standards in reaction to security bulletins published by public cloud providers in a serverless and event based process.

Cloud Custodian and its wide array of tools are used industry wide and provide great value in allowing users to create user defined policies that are powerful, extensible, and incredibly customizable. These policies can react in an event based manner allowing for low overhead and a peace of mind. This session will walk through how to take a security bulletin provided by a public cloud provider and translate it into policy, showing the complete end to end lifecycle of how to react quickly and efficiently.
Cloud Custodian supports all three major public clouds, AWS, Azure, and GCP, with alpha support for Kubernetes, allowing users to take advantage of a common vocabulary, tools, and workflow when addressing cloud governance needs across a wide array of use cases.

Sonny Shi is a Staff Engineer at Stacklet, working on the open source Cloud Native Sandbox Project Cloud Custodian and the Stacklet Platform.