Concentrating on the Basics

CF: Are you seeing any new or emerging threats, or are the main threats still the basics, like phishing?

Orsi: We still have the basics to get to the end customer, the mutual customers with our partners. That is why the Level 1 MSSP program has been so successful and beating expectations. Level 1 managed security is actually a standard now. It’s a way to define 10 key areas in AWS that should be monitored 24/7 and exactly how to monitor them and what logs to look for. And a lot of that is the basics. Make sure that somebody is responding to a specific event type … here are the characteristics of an event type that should be considered high severity versus medium, versus low. So some of the basics still exist. There are, of course, reasons why we’re looking at containers. The adoption of containers and modern application design, thankfully, has been amazing. It’s been beyond expectation. I really love to see the builders out there use those. But yeah, I think getting into the runtime environment recently has been a great step forward for us and a lot of our our partners that I work with on the access point name (APN) — they’re there with us. They’re with us helping enrich those findings and really understand container escapes, container elevated permission access, to make sure that code is staying where it should be running and not trying to go outside to the orchestration layer. It’s been really important, I believe, and it’s just a product of adoption of containerization in general.