Just as DevOps is more than just CI/CD tooling, DevSecOps is more than simply scanning code for vulnerabilities in your deployment pipeline. Creating a culture where every engineer is invested in reducing risk and values security can be challenging. In this panel session, we’ll chat with engineering leaders from security, development, and operations to learn how they’re fostering a culture of security in their organizations.

Stratus Red Team is a project that allows you to easily reproduce, understand, and detect common attack techniques in the cloud. As a self-contained tool, you can also use it to validate your threat detection logic. In this video, Christophe walks through the use of Stratus Red Team to reproduce a common AWS attack.

In this episode Jb and Izar are joined by David Haber, CEO of Lakera, who focuses on securing LLMs and their use. We explore topics like prompt injection and their impact on security, safety and trust, and we look at the Gandalf experiment ran by Lakera. We touch on the recently drafted OWASP Top 10 on LLM project, and have a great discussion on what LLMs are really doing and their potential as tools and targets.

Datadog is constantly elevating the approach to cloud monitoring and security. This Month in Datadog updates you on our newest product features, announcements, resources, and events. This month, we put the Spotlight on Application Security Management’s protection capabilities..

In this video we continue our examination of Linux namespaces by looking at some details of how the PID namespace can be used to isolate a container’s view of processes running on the host, and how this feature can be used for troubleshooting container problems. To learn more read our blog on Datadog’s Security Labs site.

Vulnerability Management always starts from… a list of vulnerabilities. But where does this list come from? How do you know what software an organization is using? SBOM is a way to describe all this. It’s a data model, a format, used by a broad ecosystem helping manage vulnerabilities and more.

Vulnerability Prioritization: Looking at CVSSv4.

Account takeover happens when someone tries to steal a user account. Any service offering authentication can face it since an attacker just has to test pairs of users and passwords. Zack Allen joins us to share his experience protecting organizations that faced massive account take over, describes the criminal and financial motivation of attackers, their methods to hide, and how they move from a database leak to a compromised account. We show the tools that attackers most commonly use. Eventually, we discuss how to detect and protect your organization around account take over.

00:00 Intro: welcome Chris!

03:05 Trends in cloud security, reflected at fwd:cloudsec

05:00 fwd:cloudsec submissions - more practitioners needed!

10:40 Blurring the lines: what does that practically means?

19:30 Cloud service providers maturity: their security posture evolved

24:30 Public Cloud Security Breaches

30:01 Public Cloud Security Breaches demo

32:35 the Last Pass attack deep dive

38:00 Identify the crown jewels!

One of the technologies used by Linux containers to provide an isolated environment, is namespaces. They are used to provide a contained process with an isolated view of different Linux resources. In this video we look at some of the details of how Linux namespaces work and then take a more detailed look at the mount namespace which isolates a processes' view of its filesystem.