 Thank you and welcome everyone. I want to start off by thank you for joining this session and I want to thank the Linux Foundation for inviting us to talk about some of the latest research that Palo Alto Networks has done on not just the expansion of cloud adoption but also how it's impacted cloud security during the COVID-19 pandemic. I am Jason, I work with the product marketing team at Palo Alto Networks. Focus primarily on cloud-native security and here with me I have Nathaniel. Nathaniel, you want to introduce yourself? Certainly, thank you. Hi, I'm Nathaniel. I'm a principal researcher with Unit 42 within Palo Alto Networks. The picture is no longer meeting anymore. The beard's gone, sorry everybody. But I just want to say thank you for being part of the Linux Foundation. Linux is an amazing operating system. I've been near and dear to my heart for several, several years. So happy to be here. Awesome, so today's agenda is we're going to cover some cloud adoption trends and then also highlight how those cloud adoption trends have impacted the cloud security posture, especially during the COVID-19 pandemic. Once we identify those two key things we're going to talk about what has worked for some organizations, what did not work, especially for those organizations who rapidly expanded their cloud adoption. We're going to close out with some key takeaways and recommendations when it comes to your cloud data journey. But before getting started with some of the content let's actually cover what kind of research are we even talking about? There's actually two research pieces that Palo Alto Networks has done. The first I will cover which is our state of cloud data security. The 2022 edition as part of Prisma Cloud's annual survey covers the dates of June 2020 to June 2021, those 12 months span. And we covered just some practices and technologies that companies use to manage cloud data security. When we do this research we survey 3,000 professionals that could be cloud architects, DevOps leads, people on the InfoSec team and they span across globally. And we're not really focused in on any particular vertical. We've taken research from companies of all sizes and verticals. I'm going to hand it off to Nathaniel to talk about some of the research that he's actually worked very closely with. Yeah, cool. Within Unit 42 we do a cloud threat report and we do this bi-annually. So we'll do one in the first half of the year. So this is a report that we're going to be covering specifically in this webinar is specifically the first half of 2021. And what we specifically looked at in here is we looked at real data from real environments. And we looked at their impact specifically pre-COVID and then post in this aspect the Delta variant wave of COVID-19. And we wanted to look at the correlations between cloud growth and then security trends that may or may not be correlative with that growth and that impact. It was a great report. We'll give you links at the end of this webinar for both of these reports. Yeah, awesome stuff. But anyway, thanks for reminding me at the end of this webinar we'll actually provide you with QR codes as well as links so you can get access to these reports. But before we're doing that let's actually dive in and talk about some of the highlights of these reports beginning with cloud adoption trends during the pandemic. One of the things that we noticed in Palo Alto Networks was that based on the research over that 12 month period like cloud is actually shifting to become the dominant compute model. Why is that? Well, for starters there's 3,000 experts that we surveyed on average in 2020 they were hosting less than half of their workloads in the cloud. And they actually shifted to the majority of workloads running in cloud arise up to 59% of their workloads. Now that doesn't necessarily mean that every organization we talk to is hosting majority of the workloads in the cloud. So we also took that into consideration and found that of the companies we talked to 69% of those experts said that they're hosting a majority of their workloads in the cloud which is before it was less than a third of those organizations were hosting more than half of the workloads in the cloud. But globally speaking we found that there was a 25% increase in cloud workload adoption year over year. So we're seeing that a lot of organizations have found a lot of strategic benefit out of the cloud. And in fact, they're taking on new approaches to their cloud native application development and as well as new types of workload architectures. You know, in the data center we rely on bare metal and virtual machines. Sometimes we talk about containers in a private data center but as we span into the cloud you can see that organizations are taking on new types of compute architectures. So they still have some VMs, containers are rapidly expanding. They're also adopting containers as a service as well as paths and serverless functions. One of the most interesting points that we found was that there was a massive increase in the adoption of paths and serverless functions meaning that this probably helped organizations build and deploy applications faster. And we found this. And one of the reasons you see that expansion of containers of service and passwords and serverless functions is because majority of the drivers to the cloud was because they want to modernize applications. They want to expand them into microservices, independent services, probably adopt DevOps as part of their cloud strategy. They also want to maintain competitiveness in the market and a little over half of the organizations that they just simply want to reduce that infrastructure overhead. Now there are some other reasons that you'll see sort of faded here such as maintaining compliance and some were just already born in the cloud. So with that said, Nathaniel, I think you have some information to share on these cloud adoption trends and how they really correlate to security outcomes. Yeah, most certainly. So as we were just kind of touching base there with what are the types of services that we see being adopted within the cloud. And this next slide here, we're going to see that we looked within the report itself within our cloud threat report as we looked at two basic models. We wanted to see how much money was being spent in cloud and then we wanted to do that correlative capabilities with how many security incidents we are finding within cloud workloads as we're moving. So there's a couple of lines here. The blue line is going to be our security incidents that we found within cloud environments. And the green line is going to be the cloud growth rate or how much money has been spent in cloud industry. And this is all per synergy data resources that we grab at the time. Our data started back around Octoberish timeframe of 2019 and then went through again the Octoberish timeframe of 2020. So this is the synergy data that we found from this. So around the December timeframe, obviously, COVID was announced, WHO said that there was a mysterious new coronavirus that was out there. And then within January, February, March, skids hit, right? Everybody stopped working. People were like, are we going to get this major pandemic? We know what's going to happen. We saw this reflect within cloud spending. So the green line on the bottom, it was above 30%, we were about 34% in that range. And then we dropped just below 30% to about 29% right around in that first quarter of 2020. Correlatedly, we saw that the number of security incidences or number of workloads that were being created with misconfigured cloud infrastructure also had a dramatic drop as well. People were not deploying in cloud environments. Then we started seeing an uptake because people were starting to realize we need to get this economy going again. We got to get people back to work. How are we going to do that? We need to put them online because of number of reasons it can't be in offices in close quarters anymore. So everything kind of went online. Then we saw cloud spending still going down but now security incidents started rising or systems that were created with security misconfigurations. It dropped down to about 43% and now it dropped above about 51% that very next quarter. So a pretty significant increase. And then it was kind of on a steady increase. And then eventually people like, we need to support cloud and then we started bringing up the cloud. So it kind of a very interesting correlative capability that we were looking at there. If we go to the next slide, we wanted to look at the types of industries specifically that we saw the biggest majority of growth in cloud workloads. Across the global average, there's about a 25% increase pre-COVID to post Delta variant. And there's five industries that we saw the most growth in at least the top five here. Should it be surprising that manufacturing in this case chemical manufacturing and government saw the highest amount of cloud workload development or growth about 83% probably closely with pharma. Obviously pharmaceuticals being very important during a pandemic. Also wholesale and insurance also rising. Interesting correlative numbers or at least as statistics in that particular aspect. Wholesale being like who's going to actually, you don't go buy things. Then we wanted to look at, okay. So now these organizations, all these industries are going to the cloud. What is inside of those cloud workloads themselves? What we found was kind of surprising was that 64% of the data that we were able to see within all of the industries, all of the organizations that we have a visibility into, we found that 64% of those organizations maintain some sort of sensitive information. We break that sensitive information down into two pieces. We found that 69% of that data was primarily PII data. So your person name, birthdays, social security numbers, things of that nature. We also found that of that 64%, 34% of that data was intellectual property, like actual source code information, infrastructure as code templates. Information that would be sensitive to the actual running fundamental operation, productivity of organizations that they're operating. So there's not just no, nothing in there. I mean, it's significant types of information that were in there. So doing the security correlation to it, we know that there's sensitive information up there. What were those industries that had the highest rate of security incidences or security misconfigurations within their new cloud workloads that they were creating? And again, this is pre COVID and then post Delta variant that we took this information. We found that retail industry had the largest amount of security misconfigurations within their cloud workloads and that grew by 402%. And again, we think about retail coming online, new systems coming up, have to scale dynamically and rapidly to make these new systems meet demand. And in that creation of those new systems, they just put one instance of a misconfiguration and it just spread like wildfire through the rest of that population of that say infrastructure as code release. We also saw the direct, if we're gonna go back to the slide, we also saw that direct correlation with manufacturing government and pharma and life sciences. If we recall in the previous slide, they had roughly 83 and 81% growth in cloud workloads during that time. They also had a 230% increase in the number of security incidences and then 205% in government. Interesting, if you go all the way down to the bottom, look at wholesale, which is kind of a big contrast between retail and wholesale, even though they're kind of almost in the same family, wholesale grew by roughly 73% in total cloud workloads, but they only saw a total of 17% increase in the number of security misconfigurations during that time. And we kind of make a surmise within our report as to why that may be. Wholesale is not foreign to cloud infrastructure or cloud workloads. They're already there, they've already been present, they've already doing all their infrastructure. So the ability to scale dramatically and maintain security on top of that didn't seem to be such a big issue or something like government or manufacturing may not have had that cloud workload not lead your security bandwidth to begin with. So some interesting insights come into that. All right, thanks, Mike. So also within the Cloud Threat Report, we wanted to take a look at who is targeting or attacking specific cloud infrastructure and cloud environments. One of the biggest offenders of cloud incident compromise is due to cryptocurrency, crypto mining, namely Monero or Ethereum mining. Big craze, and why is that? So we took a look into the correlative relationship between market price, which is the yellow line here, this is a Bitcoin market price, and then the number of instances or configurations we saw within cloud environments connecting to mining pools in that environment. So interesting insight. If you're interested in that, please go check out the report. This side specifically is very interesting to look at because we see a couple of spikes here. On the far left here in 2018, we see both Google searches, which is the blue line, and then the market price, which is the yellow line, and they both peak really, really high. This is that fear of missing out trend that you may hear of within market trends or Wall Street's not unsusceptible to this sort of motivation. Google trends go up, interest goes up, price goes up, and then it drops down pretty significantly. Then you see the market price going up as the Google searches kind of stayed the same when the WHO declared the pandemic drop again in that price. So a very interesting chart, something that we were looking at as to what would be the targeting factor of a lot of cloud organizations. And this is kind of a neat slide that kind of puts that all together. It's pretty cool stuff. Awesome. So next we're going to cover what worked and what did not work for some of those organizations who expanded their cloud investments. I actually just want to take a pause, really quick reminder one. If you see anything that captured your interest, do not hesitate to go ahead and put it in the chat or in the Q and A, and we'll definitely address that during the Q and A session. So moving back into the content here, we'll cover what worked and what didn't work. So we took three different categories and sort of took the organization and put them into these buckets. Starting on the far left side, we call modern adopters. These were organizations who had sort of a steady cloud expansion, not a very high priority for the cloud. They were like semi invested in the cloud. In the middle, we have rapid expanders. These were organizations who saw a lot of strategic and tactical value in the cloud and therefore just really bolster their way through into the cloud and rapidly expanded and adopted and probably took on some new unique approaches. And then finally we have established users. We see these as, they're already kind of like in the cloud, they're heavily invested. Sometimes they're just already born in the cloud, but while it caused a higher priority, they probably didn't really expand too much because they're already in there. When we talk about the expansion and what worked, what didn't work, we're gonna focus on one of these three buckets. And if you wanted to guess, it's the middle one. We're gonna talk about rapid expanders and what worked and what did not work for them. And when we talk about this research, there's actually kind of two sort of things that we saw with these adopters. In the rapid expander, we found some were quite successful, meaning they expanded their workloads and they wanna take on more in the future. Whereas there were some others who tried to rapidly expand and it didn't work out so well. They actually found it kind of challenging. Sometimes they saw it as a loss for them and said we're actually going to not add more workloads or decrease our workload count in the cloud. The division of that is 74% of the rapid expanders were considered successful. And then the remainder 26% were the ones who found it kind of challenging to expand. And the ones who found it challenging declared that over the next two years on average, they're probably gonna either decrease or maintain their cloud adoption by 26%. And then the rapid expanders said, no, we want to keep pushing more. This is really working out for us. So it's a pretty fair split, but what in the heck happened? Well, sorry, it's us moving forward. There's actually about four or five reasons maybe why this happened. And we kind of broke that information down on this report. One is that they had different types of strategies the way they approached the cloud. They some maintained a lot of different tools, including security tools when expanding the cloud. The challengers or the ones who found it challenging, it turned out they had six or more different vendors and tools that they were using to manage their cloud and cloud security. Whereas if you look at the right side, you'll see that a lot of teams found the, they said, we want to simplify things. We want to consolidate our tools and vendors that we run in the cloud. So majority on the right side actually ran between one to like five vendors or fewer in the cloud. A pretty interesting take there. Another thing we found was the focus on automating processes and tasks. If you look at the rapid expanding challenging adoption side on the left side of those two bars, you'll notice that about 88% in total had low to moderate automation, not very invested in automating tasks in the cloud. Whereas the very successful rapid adopters, so they were going to actually go all in or invest heavily into automation. It was sort of an inflection between these two. And I could just look at Nathaniel and just tell that he has, he has picked up on a pattern. There's something he wants to say about it. Nathaniel, why don't you go and tell us about these two trends here? Yeah, most certainly. So if we go back and we look at what makes security successful in environments, it is simplicity for first and foremost. If we can make something simple and easily understandable and automated in the same time, we will increase the security capability of that organization. If we get rid of all the number of vendors and we kind of go to that single pane like last sort of look, it is easier to manage. It's easier to maintain and it's an easier to maintain oversight over that infrastructure that you have developed. And if you're able to take and harness the power of cloud, which is fast and dynamic, if we can automate that and not just simply automate it, but highly automate it, then we will dramatically increase our security. So this quote was very interesting. Something that we've been looking at within my team specifically is that if we don't have automation, the sudden increases in cloud workloads, that dynamic scalability, that horizontal push to meet demand, will lead to dramatic increases in security incidents. And why is that specifically is because of that infrastructure as code template, those serverless configurations, if those things are insecure to begin with and they have to radically or dramatically expand in order to meet demand, that one vulnerability or that one misconfiguration will be populated thousands of times along the lifespan in order to meet that demand. So it makes just security completely overwhelming for organizations. Within our report, specifically, we looked at what are the top security misconfigurations that we see within environments. And this is actually pretty interesting. It's actually, there's two misconfigurations in here and one got to watch out scary moment. So on the left here, the number one security misconfiguration that we found within cloud environments is that they failed to encrypt SQL databases. May sound simple, just in word terminology, but we have to think about what is inside of those SQL databases. If we think back to those previous slides that we saw, 64% of organizations had some sort of sensitive information inside of their cloud workloads. And of that 69%, 64%, 69% was PII and 34% was intellectual property that's stored inside of databases. So if they're unencrypted and attacker is able to get into that cloud environment and it's not encrypted, it's just kind of like, here's the key is just go take whatever you can find inside of it. So encrypting SQL databases is very, very important for us. And it's a really easy lift. Cloud service providers, whatever one you're using or if you're using multiple cloud service providers give you encryption for free. Might as well just take advantage of that. The middle column here is kind of the scary gotcha is that when we saw the correlative capability of cloud workloads growing, attackers also saw that. And we saw 185% increase in the number of malicious port scans directed towards cloud environments during that same period of time pre-COVID to post delta variant. So attackers are seeing this and is like, oh, something's gotta be open. Something has to be misconfigured. So they're looking for it. And then they're also looking for those unencrypted files. Things like this, the last point, 149% of organizations saw an increase in unencrypted database snapshots. These are the things that haven't turned on yet that may be ready to turn on to meet demand. And if they're not encrypted at rest or if they're not snapshot again, they're just vulnerable for attackers to take those. Awesome, yeah, thanks for those insights, Nathaniel. So just a few more reasons that there were some, or what a few more differences we found between those different types of rapid expanders was the amount of effort they put into reducing team friction. We found that the less successful half of them actually had a lot of friction. And when we say friction, what do we mean specifically? Well, as we've highlighted earlier in the slides, cloud adoption has expanded. And one of the reasons for that expansion is application modernization. Become a highly developer focused, incorporating DevOps into cloud infrastructure and cloud workload deployments. Those teams want to move really fast. Now on the flip side, the security team says we want to make sure this is really secure. And when the two teams work in the cloud together, if security is not automated and aligned to the way that developers and DevOps teams work, it creates a lot of friction. So those who paid attention and actually focused on reducing that friction between security and Dev and DevOps, they actually found a lot of success. In fact, we see 67% of them reported low friction within their organization as successful cloud expansions. This goes hand in hand with the previous point. Part of lowering the friction is incorporating DevSecOps principles. Shifting security left, what does that mean? Well, we're talking about shifting security left in the software development life cycle. As your application developers code up their applications and configurations, they build it and deploy it with CI CD processes, CI CD pipelines, and then you run it or run it and move it to production. That creates the circle of the application life cycle or the software development life cycle. Most of time, security actually typically runs at runtime. We say, okay, it's in production, let's secure it. But by shifting it further left in that software development life cycle, saying anytime we build applications or we start to deploy, let's actually integrate into CI CD pipelines and run cybersecurity checks there. Now, bringing it back to the research, now the organizations who had low DevSecOps, which we found that 49% of the challenging adopters really found that nearly majority of them had low DevSecOps principles incorporated into their security. Whereas actually the flip side majority said, no, we're going all in on DevSecOps. They had very high sophisticated DevSecOps practices across their application development life cycle. That's one thing that led to success during the cloud adoption. And finally, the organizations who were most successful built, had a strategy and they had a lot of reasons to move to the cloud. If you look on the far right side, you can see that they were very confident in that our strategy is to modernize our cloud applications, maintain competitiveness, be part of a wider digital transformation. Whereas on the left side of this graphic here, we're seeing that they kind of shied away from reasons. Yes, there was here and there some application modernization, reduce infrastructure overhead, but they kind of shied away a little bit and just kind of said, we're gonna move to the cloud just because we're supposed to do that. So taking have a strategy and purpose behind moving to the cloud is one way to ensure success. So just to kind of recap on all these things. Rapidly expand to the cloud. Top four things to think about is simplify, consolidate your tool sets and vendor sets, incorporate automation, everything you can do including security by incorporating DevSecOps and shifting left. And of course having a strategy behind your cloud migration or your expansion. These are ways you can focus and ensure more successful efforts in your cloud expansion. So what can we learn from these findings here? So some key takeaways like the highlight is that in our state of cloud data security research organizations we spoke to, we found out that those who had DevSecOps incorporated into their cloud data security said that they were seven times more likely to have a strong or very strong security posture. And then there were also nine times more likely to have low levels of security friction. Remember reducing that friction between security and DevOps. Another kind of interesting takeaway is sort of the correlation between like a very strong security posture as well as low friction. If you have sort of low levels of, sorry, if you have like low levels of security friction or low levels of automation, we see that there is less likely to have low security friction or also less likely to have a strong security posture. But as we shift more to the right side of the screen as we progress to the right, you notice as we increase the level of automation within the cloud, not just cloud tools and deployment, but also cloud security automation, we found out that they were able to, very likely to increase both their security posture as well as lower that security friction. So something kind of interesting there to take away. We also found that as security postures became stronger, that could be an effort of stronger automation, it actually came out with better business outcomes. We see a surge in increased productivity as well as satisfaction across organizations who are end users of the cloud. So just to sort of wrap up here, what we just highlighted last few slides that if you increase your security, your automation and reduce friction, it can actually lead to better business outcomes, more satisfied application development at DevOps teams. Nathaniel, what kind of takeaways do you have from this research? Yeah, definitely a lot of really good takeaways that came from this doing the integration, getting your DevOps in sync with your security teams is critical. We find that too within the digital transformation strategy. If you are looking at your security posture for your cloud environment, and if you don't have a specific strategy on how you want to create that cloud platform from the very beginning with a security component in mind, then it's gonna be very, very difficult to maintain that security posture. So make sure that you have a strategy that how are you going to transform from an on-prem environment into that cloud environment? How are you going to bring your dev environment team and your security environment team together to create that cloud platform? You can make that strategy more cohesive. It's gonna have a lot more success. You're also gonna automate more. So this is the point number two. If you can create that automation, highly automate your DevOps and you can highly automate your security into that DevOps, you create that DevSecOps principle, very key to creating a successful cloud environment. And as I mentioned earlier, that simplification. How can we simplify the usage of cloud by making it more integrated, more automated, making those relationships of DevOps and security teams together? How can we simplify that relationship to make the tool sets more efficient? They're all key aspects. I wanted to go over like the five pillars or basic levels that we have or that we think creates a cloud security excellent framework. So starting with that base foundation, what we're looking for is we want to ensure that we gain visibility into our cloud environment itself. See what's out there. Make sure we know and document that information. Once we have that, we can create and set up guardrails. We can say, what should happen? What should not happen? What users could access this? What users shouldn't access this? Set up those guardrails to make sure that you can see and are notified and alerted when something is running amiss. We want to set up some sort of standard. I want to adopt a standard. There are a number of standards that you can follow. One that we typically try to push pretty heavily. It's open source standard. It's from the center of internet security. They have a lot of cloud benchmarks. Be that whatever cloud platform you're using, AWS, GCP or Google or Azure and others as well, IBM, Oracle, et cetera. Make sure that you're adopting a standard that makes sense for you. We also want to ensure that your security engineers, the people who are managing and operating the security tools that are monitoring your cloud environment, they know how to code. They don't know how to code. Ensure that you're training them how to code because of this highly automated capability and push that cloud is making in our environments. Being able to have your security team code effectively is a surefire win that you'll be able to do something very, very successful. And that pinnacle, the piece on the top, is if we can satisfy that visibility, set those guardrails, have those standards that we're upholding ourselves to. And we have engineers who are capable of operating in a highly automated, highly dynamic sort of fashion. We can ensure that that all influences the dev ops, the creation process of our clouds to make sure that our cloud is as secure as it can be from as early as it can be, that shift left mentality. They all work together to create that excellence in security. So kind of with that, we're going to move into the Q&A portion. Yeah, there's one question that came through already that I want to touch base on right away because we touched it earlier and it's near and dear to my heart, so I'm going to hit it first. Did you observe a COVID impact on cryptocurrency in any recognizable way? We did. So if we direct yourselves to the blog itself, which will give you the links to that, should we hand up those links just next slide? Cool, use a QR code, just use your phone or go to these particular links. And you'll see on the right column there, which is their cloud front report, if you go to page 11 and page 12 within that, we do have some interesting trends when it comes to market prices of specifically Monero, which we consider kind of a criminal coin, because it's just used so heavily within the crypto mining operations. It's not that it's a bad coin or poorly secured or anything like that, it's used pretty by criminals more often. We do find specific trends within how the pandemic impacted mining operations. Surprisingly enough, the biggest trend that we saw was that attackers took the holidays off. They actually didn't do a whole lot during December 24th through January 3rd of 2020 to January 3rd, 2021. We did find that when there were events, specifically in Brazil, when Brazil had their first Delta variant push, there was a major decrease in the number of crypto mining operations. And then it started ramping up, ramping up quite a bit. So when Johnson and Johnson first got approved for their FDA submission was actually for their vaccine, it was actually the peak of crypto mining operations during that time. And then when schools were allowed to reopen, it's interesting we saw another flat portion of this. We're not exactly sure if it's just actors, bored because they're not at school or not at work. So they just ramp up their mining operations or what? But when things were allowed to start reopening again, sort of at the end of February, everything, a lot of the mining operations kind of tapered off in an interesting way, kind of a cool correlation there. All right, let's see here. A couple of security questions. What security steps can be taken to ensure my internal cloud infrastructure is not publicly exposed? And what should we do first? Great question. So with this, we talked about Jason talked about pretty specifically that shift left principle. And that shifting left is typically used with things like infrastructure as code templates, whether you're using Kubernetes or Terraform or something of that nature. And you're using code to create your cloud infrastructure. And using, getting your infrastructure as code templates scanned within a check off, which is Palo Alto's bridge cruise tool. It's called check off. It's open source. You can scan all of your environments, all of your infrastructure as code templates, ensure that you don't have anything publicly exposed that way. You can build that directly into your CICP pipeline, be that through Jenkins or Circle or what have you. And be able to stop those exposures before they go out. That's probably the best thing that I would say to do. Yeah, something I see that kind of goes hand in hand with that question is how can I apply DevSecOps or secure the software development lifecycle in an arm? I can take on that. So actually, you know, they all just touched on something pretty important, which is the infrastructure as code security. You know, by shifting left, you know, the infrastructure workloads are all being not always, but a lot of times being deployed via codified infrastructure and policies. That's that's what really enables that automation that developer DevOp seems really figured out. And, you know, you kind of incorporate security into that. You know, that they all mentioned the check off tool that can be offered through Bridge Crew. You know, other key components or other security controls you may want to think about is identifying vulnerabilities as early as possible in the software development lifecycle. Fact is, aside from code, looking at container images, VM images and even serverless functions before they're running, you should really have ways to look through the container image, container repositories, look for vulnerabilities on those images. If there's vulnerabilities that are critical or, you know, high or critical vulnerabilities, you know, you become alerted on those things or even have actionable controls that can prevent those images from being deployed inside your cloud and be able to, like for instance, if you detect, say, a log for J, a log for shell vulnerability inside of, you know, one of your container images or VM images, you know, integrate that into your CICD tools to check and prevent those from being deployed. And, you know, by the time things hit runtime or deployed in production, you would have less vulnerabilities running in there. I think other ways you can incorporate this, sometimes we talk about network security or segmentation. Segmentation is one of the best practices by enforcing least privilege access between workloads, cloud infrastructure. You know, a lot of traditionally, we wait until things are running to start writing policy, saying Dev cannot talk to prod. Instead of doing that, you can also shift that left and incorporate as part of your CICD pipeline. So go ahead and write your intended network security policy and so that when applications are deployed, they come when, you know, network segmentation policies are already embedded. Those are just a couple of ways I think of that you can incorporate DevSecOps into your security practices. Here's another question. What advice do you have to facilitate the integration of a security team with an already existing DevOps team? Having worked both in a security operation center and I work closely with DevOps, the biggest thing is to simply establish communication. Make sure that that communication pathway is in there. If we can communicate with each other as teams, then we get a common goal associated with what it is we're trying to do. Again, going back to that digital transformation strategy, if we want to create the strategy of what security should look like and creating secure infrastructure to begin with, we really want to make sure that the security team is not stepping on the toes of your DevOps team. DevOps engineers typically like to move fast and create new systems dynamically. Very quickly, they like to push the boundaries of what their technology can provide and they want to exploit that, which is great. Security teams should not get in the way of that push to get new infrastructure out quickly and efficiently. What we need to do is find a smarter way, more automated way to make that security more tangible, more working with the DevOps teams together. So having your security team, even if it's just the manager or like a lead security engineer, work with your DevOps team specifically and say, what are the CI CD tools that you're using? Are you using Jenkins? Are you using Alasio or how are you running these particular pieces? Can we integrate a security check into the beginning? Once that code is first produced, let's just do a quick scan on it. If it hits, great. If it's fine and everything is fine and it keeps moving on, if there is an issue that is found, let's quickly resolve that. Number of tools like Bridge Crew will be able to automatically correct those tools or those issues or those findings as they come through. There's a lot of new, really insightful, awesome DevOps security engineering capabilities that are coming out that you just need to just plug it into the system and make sure the two teams can work together and have insight and visibility into what each other are doing and for why specifically. I would add on to that. I'd say, review what kind of tools you have in place so they enable you to integrate with DevOps tools like Jenkins, Alasio, and so on. If you don't and maybe you need new ones, get the DevOps teams involved in the decision-making process. Let them influence your security adoption decisions. I've seen in any cases of time where they're not involved at all and things just kind of fall apart because DevOps was informed. They learned that the things really did not fit into the way that they work with building and deploying cloud infrastructure. Yeah, nobody likes to get told no and security teams very easily. They can put that no hammer down really fast and that's a surefire way to just stop conversation and that's not what we're looking for. We want harmony, right? We want team cohesiveness. DevOps and security should work together. DevSecOps should be, well, they may not be the best term but still it's a really good term to use. So, cool. I think that's it, isn't it? Yeah, I think so. Okay, cool. So we'll wrap up. So, check out the two reports that we highlighted on today. QR codes are there as well as links in the chat. I want to thank you all for joining this webinar session again and also the folks at Lenox Foundation greatly appreciate you having a song, inviting us on to come on and talk about some of the research with regards to COVID-19 pandemic and how it impacted cloud expansions and cloud security. So, thanks again. Thank you so much, have a good one. Awesome, thank you so much Jason and Daniel for your time today and thanks everyone for joining us. Just a quick reminder that this recording will be up on the Lenox Foundation's YouTube page later today. We hope you'll join us for future webinars. Thank you so much.