Contact Sales

Steve Van Lare Discusses Cloud Security at Cybersecurity and Cloud Congress


Full Transcript

I'm Steve Van Lare. I'm the Vice President of Engineering at Anjuna. Today, we're going to talk about how to make the cloud the safest place for your business. As we all know, cloud security is broken. We're here at a security conference, we understand that in the cloud, most everybody has copied their security premises and their security protocols from the data center. And the data center assumed a physical perimeter, they were your servers, it was your applications, it was your data center. And that security perimeter ultimately, is what's broken.

When we move to the cloud, and we move to the cloud, that legacy perimeter has disappeared, it is no longer your servers, it's no longer your network, it's no longer your people, I'm in a lot of cases, it's no longer your applications, as you're using various service applications, to do what you need to do. So having a legacy perimeter in place in terms of firewalls, and some of the other protections that we put in place on premise don't necessarily apply when we change the architecture. And we move to the cloud.

So what we're going to talk to today is how to make sure the cloud is the safest place to run your applications and how to make it even safer than on prem. So what you really need to do is we need to move the perimeter from the machines to being around the data so that the perimeter you draw goes around your data and your applications and your people. And you can separate the rest of what's happening in the cloud out from the security that you're trying to manage in what you're doing. So the answer to this is the confidential cloud, and it is the zero trust solution that we've been looking for.


For a long time, all of the cloud vendors have been investing heavily over the last years to create services. To help you run your applications more securely. Confidential cloud brings this all together, it enables you to establish control of your data and your applications so that the policy infrastructure is managed at the application and data use data level instead of being managed at the machine level. It allows you to protect your data, whether your data is in use, your data is at rest or your data is in transit, you get to protect it in all of those modes.

The confidential cloud is a set of constructs that enable you to use the same infrastructure and the same capabilities in every cloud that you go to no matter which cloud it is. And the really good news in all this is every single cloud vendor has been adding hardware to their infrastructure to create the confidential cloud back in May of 2020, Microsoft rolled out the Azure confidential computing infrastructure, and that infrastructure allows you to create a confidential cloud up in Azure, Google rolled their solution out confidential VMs, back in July of 2020. And Amazon added their hardware capability nitro enclaves in October of 2020. So today, all of the clouds provide you the capability to get hardware security, running your applications in the cloud.

So creating your cloud-centric platform, the biggest challenge is every single cloud vendor has built a different set of tools and a different set of hardware to manage your infrastructure.


And this is really where Anjuna comes in. Anjuna enables you to run your applications unmodified, take care of your data in a consistent way, no matter whether you're running in a single cloud, whether you're running in multiple clouds, we provide a common interface that makes all of those run seamlessly. So since this is a technical audience, let's dive into this in some more specifics, what are the tools that the Enclave or the clouds have been bringing together for us to take advantage of So over the past number of years, they've been adding capabilities to make the cloud more secure. As I said, they've brought in monitoring tools, they've brought in storage encryption, they've brought in key management tools, they've brought in hosted Kubernetes. They've brought in network security. And all of these tools are available for you to use the keystone to all of this, the thing that really binds it all together and makes it the confidential cloud is a technology called enclaves. enclaves enable you to take advantage of hardware constructs in the most recent CPUs, starting in about 2015.

And these CPUs enable you to have hardware grade security that's independent of the operating systems and the applications that are running on top of the hardware. And so all together as the clouds have provided these services, these services enable you to create the confidential cloud and protect your applications will protect your data, whether it's in use, whether it's in transit, or whether it's in storage. So what Anjuna does is provides a consistent interface. So our software platform enables you to run your applications unmodified, in any of these clouds, and allows you to take advantage of all of these capabilities that the cloud vendors have been working so hard to bring to bear to the marketplace. So this is really what in Anjuna? Does, we make this simple, we make this set of different tools, easy to take advantage of, and move your policies from thinking about your on prem policies of how do you secure your machines to thinking about your cloud policies of how do you protect your applications? And how do you protect your data.


So let's dive into this a good bit deeper, I'm going to run a demo. And in this particular demo, I'm going to take a look at securing the thing where you have your most valuable assets in your database. So we're going to take an existing application, we're going to run Redis. And I'm going to show you Redis, how it runs outside the confidential cloud and what sort of threats exist, and then I'm going to put it inside the confidential cloud. And you're going to see that you can't get to its memory, you can't get to its data, and how you can actually secure this and how you can actually create some simple policies to make this easy to do.

Now, this is just one application, there are a whole bunch of applications that you can run just by lift and shifting inside the confidential cloud. Whether you're running Python applications, whether you're doing ml work, whether you're running off the shelf applications, whether you've created your own applications, whether you're running NGO applications, Anjuna makes this really simple for you to be able to use whether you're using it in a containerized environment, or whether you're just running processes on the machine.

So let me jump into the demo. And I'm going to show you how this actually works, and what the confidential cloud really is in practice. So here we are on the Anjuna dashboard. And I'm going to launch a terminal. And this is just a connection to a terminal that's running in this particular case is running up in Azure. And I'm running a simple application, let me start Redis. And to run Redis, all I'm going to do is run it from the command line. Now that I'm running Redis, I can do all the things I would normally want to do with Redis. In this particular case, I'm going to put some data into Redis. So I'm going to put Elon Musk name in there, I'm going to put a social security number in there, I'm going to put his address just a bunch of PII that normally you would want to protect. So now that data is loaded in Redis. And the next thing I'm going to look at is I'm going to scrape the memory of the machine. And normally, you can't do this with a SGX protected application. But I'm just going to simplify it by running an application that says if somebody could get past that hurdle, let's run the memory. And Let's scrape the memory and see what's there.


So if I go ahead and scrape the memory, and I do a GREP on it. Redis is a very fast in memory database, which means in the memory, I've got muscles secured a number, I've got his name, I've got his address, it's all very easy to grab and get our hands on. If I stopped Redis. And look at the SEC, the text file that it saves, I can see that all of the same information is also available easily inside the text file that Redis dumps out. So now it's protected inside Anjuna. And all I'm going to do differently is I'm going to launch Anjuna is going to create a secure environment for running Redis. And then we're going to run Redis inside that environment. And so Redis launches looks just the same. I can put some data inside of Redis, just like we did this time. However, when I dumped the data memory, and I see what's there, I see that none of the strings are available. And that's because all of the memory is now encrypted. And so I'm protecting the database while it's in use.

And again, this is with no modifications to the application itself, if I stop the database, and so now I've saved the file, and I look at the output of the file, it's protected by the Anjuna file system. And if I look at the whole file, it's essentially just encrypted information. So all the same information is there, but it's now protected. So we've protected very seamlessly, the data at rest was protected very seamlessly the data in use. And this is a very simple example of how using the confidential cloud using an Anjuna.

To make it simple, I can take an application unmodified, and use that application as I would normally use it but get protections in the cloud that I can't normally get. So when Anjuna creates the perimeter around your applications and creates the perimeter around your data, it enables you to establish control of your data wherever your data happens to go. So whether your data is in motion and you're protecting the network communication, whether your data is moving to a file, whether your data is moving to another machine in the cloud, you can define your perimeter around the application and its data and the use of that data. So that's the number one thing that you're protecting you're protecting your application, not the machine Anjuna makes this very simple. The applications when you run them, you're running them without modification, you're running them as is not having to change the hardware to run it and or not change the software to run it on the hardware. And then we provide a common interface, no matter what Cloud you're working with, it's all going to be essentially the same you're going to use Anjuna to create the secure environment, and then you're going to load your application into that secure environment. So with the confidential cloud, we eliminate entire classes of threats and make it much, much harder on attackers. So the first thing that's really important to think about is the application is now isolated, the application is running in an environment that is separated by the hardware from the rest of the machine.

So if an attacker can breach the operating system, that doesn't mean they've also breached your applications in your data running on the machine, this is a huge difference in the way machines and security is normally thought about. And this protects against a whole series of threads, because you're assuming that the operating system is already compromised. And yet you're protecting the application and you're protecting the data. If somebody gets access to a shell, if somebody gets access to root, and wants to do a privilege escalation, this is again protected because the protection isn't applying to the machine, it's not applying to the operating system that protection is down to the application. And its data specifically, one of the really unique elements of the confidential cloud is there's a hardware root of trust, the CPUs are providing some entropy that you can use to create secrets, and you can use to get your secret chain started.


So no longer do you need to put a token encrypted in a file that has a key embedded in your application somewhere, you can use the hardware root of trust to bootstrap your first security step in the process of whatever your security protocol is. And this is a big change to a lot of applications in terms of how you think about securing the application developers are normally thinking about the functionality. And then after the fact the CISOs and the security organizations need to think about the security of the implementation. And this gives us a way to decouple the keys from the application as well and separate what it is and where the trust needs to be established. Because it's being started down in the hardware. And it bypasses the operating system. No key is ever left perception persistent on the machine, which prevents a whole class of attacks from even existing.


This also protects you from insider threats. So just because someone has access to machine doesn't mean they have access to the data. And so whether it's the cloud service providers, insiders that are working on the machines, or whether it's your insiders that are needing to have access to the machines to do some work, you don't have to grant access to the application. So this is just the start. But ultimately, there are whole classes of threats that we get to protect against. So let's take a look at what people are doing with this. One of our customers is a very large bank, and they want a hybrid cloud solution, where as they migrate to the cloud, the first thing they want to protect is their keys. And they really didn't want to go down the road of the cost and complexity and limitations of an HSM. So they have their key management system running in the confidential cloud. And that key management system is enabling them to manage keys consistently on prem, in the cloud, across whichever cloud they use. So far lower cost far higher security, and not having the complexity of an HSM. So this is one of our large use cases that we're working through with a big bank at the moment. Another one is we're working with a government and this government is partnered with Amazon.

And the problem is they had thousands of applications that they wanted to migrate from on prem to the cloud. And to take advantage of a lot of the hardware, you usually have to modify the applications into a trusted and untrusted component. And so using Anjuna, allowing you to lift and shift your applications on modified. We're partnered with Amazon on this one, and making it very simple for the government to migrate their applications without changing them. So they can move faster. They can get to the cloud quicker, and they can have security based on the applications not security based on the machines. The next use case I want to talk about is a multiparty healthcare use case medical data is highly regulated. And as part of that regulation is what you can do with sharing the data to run different jobs and different and accompany. So if somebody's got some ml work or some AI jobs that they want to commingle some data, this is a problem from a medical perspective. So we're working with a consortia.


And what we've done is set up an environment where the data is encrypted, the algorithms are encrypted, and then they run in a trusted environment that none of the parties has access to. So only in that trusted environment can the data be run and the results output from the system. And so what this means is they can get better results, because they have more data to run the AI on, you can get better outcomes from a medical perspective, and you have zero data exposure, all while running this in the cloud. So having the ability to have multiple parties share information in a way that really isn't possible without the confidential compute constructs really made for some new use cases and some new abilities to really help people and do something unique here. So ultimately, what we're doing with the confidential cloud is making sure that the cloud is more secure than what you can do on prem.


And we do that by taking the attack surface and ultimately shrinking the attack surface down to something vastly smaller. And so the attack surface, there's always an attack surface, you're running software, you're running code in the cloud, but by making it much, much, much smaller, the amount of risk and exposure goes down and makes it far simpler to secure the applications and secure what we want to do. Thank you for listening to the presentation. If you want to learn more come see us in June. We have a virtual booth you can come check out our website. We've got another panel that we're doing so encourage you to take a look at that and help us the confidential cloud and using Anjuna to make sure that the cloud is the safest place to run your business application.

Additional Blog Articles

What Is Confidential Computing and Why Is It Important for Enterprises

Confidential Clouds. The Next Step in Cloud Computing

Data Security and Privacy Protection in Public Clouds