Where are you using WebAssembly?
Wasm promises to let developers build once and run anywhere. Are you using it yet?
At work, for production apps
At work, but not for production apps
I don’t use WebAssembly but expect to when the technology matures
I have no plans to use WebAssembly
No plans and I get mad whenever I see the buzzword
Cloud Native Ecosystem / Security

Cloud Native Security Is No Joke with Seth Meyers

NBC Late Night's Seth Meyers and Palo Alto Network's Founder and CTO Nir Zuk talk what cloud native means for organizations.
Feb 15th, 2021 3:00pm by and
Featued image for: Cloud Native Security Is No Joke with Seth Meyers

This edition of The New Stack Makers podcast features speakers during Palo Alto Networks’ Cloud Native Security Virtual Event. It kicks off with none other than Seth Meyers, a U.S. Emmy Award-winning comedian of “Late Night with Seth Meyers” and “Saturday Night Live” (SNL), fame and his interview with Palo Alto Networks founder and Chief Technology Officer Nir Zuk.

Meyers began the session by declaring that “much like Nir Zuk, I am a cybersecurity luminary.” He also said he didn’t want to “brag too much” about his accomplishments, but said using your mother’s maiden name to recover passwords was his idea.

Meyers then asked Zuk what cloud native means for organizations, as well as its impact on security management.

For Zuk, it is necessary to first understand that cloud native environments and platforms are first designed for the cloud.

“When we move from on-premise architectures to the cloud, things have to change. If we just do what’s called ‘lift and shift,’ meaning taking whatever you have on-premise and moving it to the cloud, it doesn’t work — it doesn’t, of course, take any advantage of anything in the cloud, it costs a lot of money and so on,” said Zuk. “So, in order to get all the benefits of the cloud, you have to be cloud native. And that applies both to the applications that are being moved and the security that these apply to.”

How Seth Meyers and Guests Learn Cloud Native Security Is No Joke

While there are many obvious reasons to apply the principles of network security to cloud native environments, organizations also often quickly realize that cloud security is different from traditional data center security. How security is deployed and integrated with automated CI/CD pipeline and other DevOps processes are all challenges that must be addressed in order for “network security itself to be cloud native,” said Zuk.

Cloud providers also share responsibility for data protection. “I think that, initially, there was some confusion about who’s responsible for security in the cloud: for example, is my cloud provider… responsible for my security, or am I responsible for my security?” said Zuk. “I think it’s now very clear that it’s a shared responsibility where the cloud provider is responsible for the security of the infrastructure and the application owner is responsible for securing everything beyond the infrastructure, including the operating system, the application, the network and so on.”

Another consideration is “where do you put network security?” said Zuk. “You want to use the language of the cloud versus the language of traditional data centers,” said Zuk. “You don’t want to use IP addresses and port numbers and so on — you want to use workloads and in applications and other terms that you use in the cloud versus traditional data centers.”

Meanwhile, despite the occurrence of many well-publicized security breaches, including, of course, the SolarWinds security attack, there are reasons to remain optimistic about cloud native security practices.

“We’re seeing more and more customers doing the right things, which is taking the same functions that they had in traditional data centers, and finding cloud native ways to do them in cloud security, said Zuk.

Group Created with Sketch.
TNS owner Insight Partners is an investor in: Pragma.
THE NEW STACK UPDATE A newsletter digest of the week’s most important stories & analyses.