Head of Cloud-Native Security | System Architect
+10 years of experience in IT security, expert in SELinux
Analyse & consult
The challenge. Project Governance. The environment. Solution choice.
The need of container security
Containerization is the practice of deploying and managing applications and all the dependencies within an isolated environments.
Strategies, practices, & tools to safeguard the containerized applications and the underlying environment from potential cybersecurity threats and vulnerabilities. Plus, continuous monitoring.
Resulting in a solid supply chain security architecture across all layers. E.g.
Infrastructure layer
O.S
Runtime/Platform layer
Network layer
Storage
Application layer
On private and public cloud environments.
0
Trillion
In 2022, year-over-year inquires on CNAPP(Cloud Native Application Protection Platforms) increased 70%.
*Gartner March 2023
Containerization is the practice of deploying and managing applications and all the dependencies within an isolated environments.
Strategies, practices, & tools to safeguard the containerized applications and the underlying environment from potential cybersecurity threats and vulnerabilities. Plus, continuous monitoring.
Resulting in a solid supply chain security architecture across all layers. E.g.
Infrastructure layer
O.S
Runtime/Platform layer
Network layer
Storage
Application layer
On private and public cloud environments.
0
Trillion
0%
Trillion
In 2022, year-over-year inquires on CNAPP(Cloud Native Application Protection Platforms) increased 70%.
*Gartner March 2023
A raised concern
Container environment are rapidly moving to production
In 2021, less than 40% of global organization ran containerized applications in production. 90% by 2027
The attack surface is increasing
Attackers are targeting the misconfiguration of cloud infrastructure (network, storage, identities and permissions), APIs and the software supply chain itself. Gartner 2023
Knowledge & Awareness
K8s abstracts container networking, trading off the network security.
Tools
Traditional tools do not work with containerized environment. New tools and practices emerge every day.
A raised concern
The need of container security
Container environment are rapidly moving to production
In 2021, less than 40% of global organization ran containerized applications in production.
90% by 2027
The attack surface is increasing
Attackers are targeting the misconfiguration of cloud infrastructure (network, storage, identities and permissions), APIs and the software supply chain itself. Gartner 2023
Knowledge & Awareness
K8s abstracts container networking, trading off the network security.
Tools
Traditional tools do not work with containerized environment. New tools and practices emerge every day.
Cloud Native vs Traditional
Cost of dynamic approach
Cloud Native vs Traditional
Cost of dynamic approach
Sorint’s Tailored Journey
The make it model
Collaborate
All together through specialized technology-related sirlces, and client’s internal team.
Implement
Carrying out the crafted plan. Post and pre-project documentation.
Testing & support
Testing (validating & verification) activities. Continuous flexible support around the clock.
Manage & maintain
Through NGMS sircle, Sorint offers managing and maintaining solutions, for post-project activities.
Striving for nothing short of a perfect solution and a well-defined roadmap
Sorint’s Tailored Journey
The make it model
Analyse & consult
The challenge. Project Governance. The environment. Solution choice.
Collaborate
All together through specialized technology-related sirlces, and client’s internal team.
Implement
Carrying out the crafted plan. Post and pre-project documentation.
Testing & support
Testing (validating & verification) activities. Continuous flexible support around the clock.
Manage & maintain
Through NGMS sircle, Sorint offers managing and maintaining solutions, for post-project activities.
Striving for nothing short of a perfect solution and a well-defined roadmap
Sorint’s Tailored Journey
Instantiated from
Every journey is a unique challenge, but our know-how:
Executed countless projects in the field to prominent entities in Europe, US, and Africa.
For various industries
Customer retention rate
Dedicated sircles specialized in given fields and technologies
Highest certification in various fields and “Training Partner” to some vendors
Expert PM with technical background ensuring project’s objectives are met
Sorint’s Tailored Journey
Instantiated from
Every journey is a unique challenge, but our know-how:
Executed countless projects in the field to prominent entities in Europe, US, and Africa.
For various industries
Customer retention rate
Dedicated sircles specialized in given fields and technologies
Highest certification in various fields and “Training Partner” to some vendors
Expert PM with technical background ensuring project’s objectives are met
Experts involved
Maurizio Pagani
Manuel Salvi
Security Consultant | Software Architect
+10 years of experience in both application and infrastructure design
Cesare Pizzi
Reverse Engineer | Incident Responder | Opensource Developer and Contributor
CTF player, trainer, regular speaker at DEFCON, Insomni’hack, Nullcon
Prestigious certificates
Sircle (departments) involved
Cloud-Native Security
SecOps
Network & Security
NGMS
Shift Security Left(SSL)
DevOps Engineering
Closer Look
Areas and fields of focus
Project-based
- Analysis, architect, consultant, and implement.
- Tailored proposals. Based on project and client’s needs.
Consultancy
- Where our security experts advise and hand-on workshops, training, knowledge, solutions, assess the security posture and much more.
Staff Augmentation
- Offer experts in given fields or technologies.
Closer Look
Areas and field of focus
Project-based
- Analysis, architect, consultant, and implement.
- Tailored proposals. Based on project and client’s needs.
Consultancy
- Where our security experts advise and hand-on workshops, training, knowledge, solutions, assess the security posture and much more.
Staff Augmentation
- Offer experts in given fields or technologies.
Success stories
Delivered by: SORINTians
A Global known Transportation and Aviation Entity
Introducing a New Tool and Integration
1) Challenge
Client faced several challenges with the current endpoint
container security solution. Both on functionality and administrational levels.
- Pre-defined infrastructure.
- Running two OS. Linux and Windows.
2) Goind forward
Analysing and understanding the infrastructure
3) Accepting the challenge – Solution and Implementation
For its centralized administration console and it’s powerful integration with vSphere virtualization systems. It was decided to integrate the infrastructure with Carbon Black Workload Protection.
The solution’s has various pros. E.g.
- Solid compatibility integration with vSphere.
- Enables security operators to handle potential threats and security notification from a centralized console.
Result & delivery (UTD)
- Installed and integrated the new solution.
- Secured and centralized the monitoring of 500 systems with Carbon Black.
- Carried out test through injecting both OS with malware. All successfully identified.
- Alignment workshop with client’s team.
- Single product with no extensions was a major success to client’s needs.
Success stories
Delivered by: SORINTians
A Global known Transportation and Aviation Entity
Introducing a New Tool and Integration
1) Challenge
Client faced several challenges with the current endpoint
container security solution. Both on functionality and administrational levels.
- Pre-defined infrastructure.
- Running two OS. Linux and Windows.
2) Goind forward
Analysing and understanding the infrastructure
3) Accepting the challenge – Solution and Implementation
For its centralized administration console and it’s powerful integration with vSphere virtualization systems. It was decided to integrate the infrastructure with Carbon Black Workload Protection.
The solution’s has various pros. E.g.
- Solid compatibility integration with vSphere.
- Enables security operators to handle potential threats and security notification from a centralized console.
Result & delivery (UTD)
- Installed and integrated the new solution.
- Secured and centralized the monitoring of 500 systems with Carbon Black.
- Carried out test through injecting both OS with malware. All successfully identified.
- Alignment workshop with client’s team.
- Single product with no extensions was a major success to client’s needs.
Related Solutions and Tools by SORINTians
Core IT Services
Remotely manages IT infrastructures ensuring the correct functionality, support for vendor and Open Source products. Reducing response times to new problems. Speed, flexibility, method and technical preparation are part of our DNA.
Digital Technology Services
Advanced set of practices, tools, and technologies that power automation throughout the development, testing, and deployment phases.
