This session will leverage the experience of working with 100 leading cloud adopters to implement cloud security strategies and explain common approaches learned across that customer base, including a discussion of cloud security program lifecycles, implementation, and some best practices and lessons learned.
The conversation shifts to the vendor market from cloud infrastructure security to the operating system and application stack. CSPM has given way to CNAPP, via the inclusion of CWPP and CIEM and what this means for customers.
Changes in cloud adoption lead to the natural extension into the API layer, exploring the most significant challenges to keep critical APIs secure. Top API attack vectors will be identified using real-world data breach examples and how to think about contextual defense against API breaches.
This session will cover how leading enterprises are approaching cloud security, and how cloud security is expanding beyond the infrastructure layer. Led by an experienced practitioner with firsthand cloud security experience, attendees will gain a deeper understanding of the impact of this change and how cloud security is merging with application security via API-centric approaches and microservice architecture. Key takeaways will be understanding why API security is where these two programs intersect, and how to think about merging them for better security.
Key takeaways will include:
- Understanding common approaches to modern cloud and API security strategies
- Approaches to managing large volumes of infrastructure and data around cloud security, and branching that into application layers
- Understanding the top risks and attack vectors for APIs