The presentation discusses the importance of threat model driven design in cybersecurity and DevOps, highlighting the vulnerabilities of snapshot attacks and the need for zero knowledge models in key management.
- Academic papers often discuss snapshot attacks, but there are other vulnerabilities to consider in threat model driven design
- VMware live motion and Google's cross cloud live migration use memory snapshots, which can be a problem for encrypted databases
- Web application security is crucial in protecting against insider threats and compromised keys
- Client-side encryption with homomorphic encryption is a promising solution for zero knowledge models in key management
- Hardware security modules and field level keys must be carefully guarded to minimize exposure
- Real-time anomaly detection and key segregation are important defenses against breaches
The speaker recounts walking into large fortune 50 companies where key management and identity policy were not properly implemented, emphasizing the need for better understanding of operator visibility and exposure paths.