EP140 System Hardening at Google Scale: New Challenges, New Solutions
Cloud Security Podcast by Google · Anton A Chuvakin
Audio is streamed directly from the publisher (traffic.libsyn.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
Guest:
-
Andrew Hoying, Senior Security Engineering Manager @ Google
Topics:
-
What is different about system hardening today vs 20 years ago?
-
Also, what is special about hardening systems at Google massive scale?
-
Can I just apply CIS templates and be done with it?
-
Part of hardening has to be following up with developers after they have un-hardened things – how do we operationalize that at scale without getting too much in the way of productivity?
-
A part of hardening has got to be responding to new regulation and compliance regimes, how do you incorporate new controls and stay responsive to the changing world around us?
-
Are there cases where we have taken lessons from hardening at scale and converted those into product improvements?
-
What metrics do you track to keep your teams moving, and what metrics do your leads look at to understand how you're doing? [Spoiler: the answer here is VERY fun!]
Resources: