Here is a detailed summary of the video transcription in markdown format, broken down into sections:
Cyber Resilience: Best Practices for Readiness, Recovery, and Rebuild
Introduction
- Michael Fulo and Matthew Ericson from Confluera, an advanced APN partner, discuss best practices for cyber readiness, recovery, and rebuild.
- Cyber resilience is defined as the ability to anticipate, withstand, recover from, and adapt to adverse conditions and threats.
- The key focus areas are:
- Cyber resilience as a continuous process
- Adapting to changes as a critical component
Confluera's Approach to Cyber Resilience
- Confluera provides protection and security for cloud assets and applications, acting as a trusted data custodian.
- They offer encryption everywhere, post-quantum cryptography, hardened images, multi-factor authentication, and multi-person authorization.
- Cyber resilience is a continuous process that includes:
- Sensitive data scanning and classification
- Threat recommendations and cyber deception
- Clean room recovery for testing
- Recovery modalities (Cloud rewind, rebuild, and Clumio)
- Continuous adaptation to changes and new threats
Serving a Broad Spectrum of Customers
- Confluera protects customers across various services, industries, and deployment models (on-premises, public cloud, GovCloud, local zones, etc.).
- They cater to specific verticals, such as public sector, financial services, healthcare, and high-tech/composable applications.
- Confluera's deep integration with AWS services and organizations provides continuous discovery and protection.
Customer Success Story: Sony
- Sony, a media and entertainment company, approached Confluera with challenges around complexity, cost, and security concerns as they rapidly moved to the cloud.
- Confluera protected Sony's on-premises data, replicated it to the cloud, and provided a 4x lower RPO, significant cost reduction, and a single pane of glass for their entire estate.
Cyber Resilience for Gen AI Applications
- Confluera provides deep protection for the infrastructure, data, and training data used in Gen AI applications.
- They continuously evaluate and provide protection for emerging technologies, such as Amazon Bedrock and other AI models.
Mutable Virtual Air Gaps
- Snapshots, service-independent backups, and network air gaps are modern approaches to achieving the protection of traditional physical air gaps.
- AWS features like snapshot replication, cross-region copies, and immutability, combined with Confluera's solutions, provide these air gap protections.
- AWS' new service, AWS Air Gap Protect, simplifies the creation of secure, immutable, and isolated storage for clean backups.
Clean Room Recovery
- Testing recovery of production applications is a critical best practice often neglected by organizations.
- Clean room recovery provides a simple and safe way to periodically test recovery of applications into a secure, isolated environment.
- It automates the recovery process, including the restoration of resources and execution of runbooks, to reduce the mean time to recover.
- Clean room recovery supports not just EC2 instances but also containers, Lambda functions, and other dynamic resources.
Cloud Rewind for Modern Applications
- Traditional backup and recovery approaches struggle to handle the complexity of modern, distributed applications.
- Cloud Rewind (formerly Anodot) continuously discovers and protects the data and metadata of these applications, allowing for "recovery as code" using CloudFormation.
- This enables rapid recovery of the entire application, including all dependencies, to a new location or for testing purposes.
Event-Driven Continuous Backups with Clumio
- Traditional backup and recovery approaches face challenges at scale, including speed, cost, and regulatory requirements.
- Clumio (recently acquired by Confluera) provides an event-driven, cost-effective backup and recovery solution for S3 and DynamoDB.
- It leverages a serverless architecture to scale backup and recovery activities based on events, optimizing for cost and performance.
Key Takeaways
- Protect all data that cannot be easily recreated.
- Establish air gaps for application data and metadata.
- Test recovery frequently using tools like clean room recovery.
- Adopt a "rebuild on demand" approach with solutions like Cloud Rewind.
- Consider event-driven architectures and protection for scalable data protection.
Additional Resources
- Confluera's offerings available on the AWS Marketplace and their main website.