SlideShare a Scribd company logo

Pacbot, Cloud Security @T-Mobile

Download as PPTX, PDF
M
MagentaCCoE

Policy as Code Bot (PacBot) is a platform for continuous compliance monitoring, compliance reporting and security automation for the cloud. In PacBot, security and compliance policies are implemented as code. All resources discovered by PacBot are evaluated against these policies to gauge policy conformance.

Software
1 of 10
T-Mobile Technology Santhoshi Gorle T-Mobile Confidential Senior Software Engineer
22 T-MobileConfidential
3 Problem Statement  No central source of truth for policy definition, compliance status, open issues, granted exceptions (audit finding)  In current state audits are resource intensive, costly and best-case only insure compliance at a point in time (audit finding)  Policy defined solely as human-read text is ambiguous, open to interpretation and difficult to measure  Environments and policies change too often to manually check or remediate. Scale is too large to be effectively managed by a centralized team
4 Solution:Policy as Code  Policy and rules are described in code and NOT IN DOCUMENTS  Automated – compliance rules are automatically validated  Reporting – Compliance dashboard and traceable evidence  Remediation – Automatic or one-click Describe Discover Scan Log Notify Remedia te
5T-MobileConfidential
6T-MobileConfidential https://github.com/tmobile/pacbot PacBot OSS
7T-MobileConfidential FAQ’s
8Cloud Strategy & Development 8 T-Mobile Confidential Thank You
9 Data Collector / Shipper Rule Engine UI & MicroServicesElastic Search S3 Auto Fix End User RDS RedShift CloudWatch Rules CloudWatch Rules ALB VPC PacBot Architecture
10T-MobileConfidential  Continuous compliance assessment.  Detailed compliance reporting.  Auto-Fix for policy violations.  Omni Search - Ability to search all discovered resources.  Simplified policy violation tracking.  Self-Service portal.  Custom policies and custom auto-fix actions.  Dynamic asset grouping to view compliance.  Ability to create multiple compliance domains.  Exception management.  Email Digests.  Supports multiple AWS accounts.  Completely automated installer.  Customizable dashboards.  OAuth Support.  Azure AD integration for login.  Role-based access control.  Asset 360 degree PacBot Capabilities

Recommended

40 plantillas en excel para el area comercial y marketing
40 plantillas en excel para el area comercial y marketing40 plantillas en excel para el area comercial y marketing
40 plantillas en excel para el area comercial y marketingLuis Muñiz González
 
Analisis de decisiones integrales
Analisis de decisiones integralesAnalisis de decisiones integrales
Analisis de decisiones integralesAJPA58
 
Qué falló en world com
Qué falló en world comQué falló en world com
Qué falló en world comFerunando López Huanaquiri
 
Nacional financiera
Nacional financieraNacional financiera
Nacional financieraBlankha Niebes
 
Importancia y aplicación de los estados financieros basicos diapositivas
Importancia y aplicación de los estados financieros basicos diapositivasImportancia y aplicación de los estados financieros basicos diapositivas
Importancia y aplicación de los estados financieros basicos diapositivasdioniciodgm
 
Bcp definitivo
Bcp definitivoBcp definitivo
Bcp definitivoLuis López Quiñones
 
Objetivos y Ratios. BBVA
Objetivos y Ratios. BBVAObjetivos y Ratios. BBVA
Objetivos y Ratios. BBVARogelio Donaire Martín
 
Cuestionario Auditoría y consultoría administrativa
Cuestionario Auditoría y consultoría administrativa Cuestionario Auditoría y consultoría administrativa
Cuestionario Auditoría y consultoría administrativa Felipe de jesus Miche Hernandez
 

Recommended

40 plantillas en excel para el area comercial y marketing
40 plantillas en excel para el area comercial y marketing40 plantillas en excel para el area comercial y marketing
40 plantillas en excel para el area comercial y marketingLuis Muñiz González
 
Analisis de decisiones integrales
Analisis de decisiones integralesAnalisis de decisiones integrales
Analisis de decisiones integralesAJPA58
 
Qué falló en world com
Qué falló en world comQué falló en world com
Qué falló en world comFerunando López Huanaquiri
 
Nacional financiera
Nacional financieraNacional financiera
Nacional financieraBlankha Niebes
 
Importancia y aplicación de los estados financieros basicos diapositivas
Importancia y aplicación de los estados financieros basicos diapositivasImportancia y aplicación de los estados financieros basicos diapositivas
Importancia y aplicación de los estados financieros basicos diapositivasdioniciodgm
 
Bcp definitivo
Bcp definitivoBcp definitivo
Bcp definitivoLuis López Quiñones
 
Objetivos y Ratios. BBVA
Objetivos y Ratios. BBVAObjetivos y Ratios. BBVA
Objetivos y Ratios. BBVARogelio Donaire Martín
 
Cuestionario Auditoría y consultoría administrativa
Cuestionario Auditoría y consultoría administrativa Cuestionario Auditoría y consultoría administrativa
Cuestionario Auditoría y consultoría administrativa Felipe de jesus Miche Hernandez
 
Qumas Collaboration to Innovation Quality QMS PIMS 2014
Qumas Collaboration to Innovation Quality QMS PIMS 2014Qumas Collaboration to Innovation Quality QMS PIMS 2014
Qumas Collaboration to Innovation Quality QMS PIMS 2014GBX Summits
 
How to Effectively Audit your IT Infrastructure
How to Effectively Audit your IT InfrastructureHow to Effectively Audit your IT Infrastructure
How to Effectively Audit your IT InfrastructureNetwrix Corporation
 
IT Compliance: Shifting from Cost Center to Profit Center
IT Compliance: Shifting from Cost Center to Profit CenterIT Compliance: Shifting from Cost Center to Profit Center
IT Compliance: Shifting from Cost Center to Profit CenterGary Pennington
 
To meet the requirements for lab 10 you were to perform Part 1, S
To meet the requirements for lab 10 you were to perform Part 1, STo meet the requirements for lab 10 you were to perform Part 1, S
To meet the requirements for lab 10 you were to perform Part 1, STakishaPeck109
 
Mon Am 1130 Document Management And Workflow Systems
Mon Am 1130 Document Management And Workflow SystemsMon Am 1130 Document Management And Workflow Systems
Mon Am 1130 Document Management And Workflow SystemsRed Moon Solutions
 
Architecting the Framework for Compliance & Risk Management
Architecting the Framework for Compliance & Risk ManagementArchitecting the Framework for Compliance & Risk Management
Architecting the Framework for Compliance & Risk Managementjadams6
 
IT-AAC Roadmap for Sustainable Defense IT Reforms
IT-AAC Roadmap for Sustainable Defense IT ReformsIT-AAC Roadmap for Sustainable Defense IT Reforms
IT-AAC Roadmap for Sustainable Defense IT ReformsJohn Weiler
 
ERP and related technology
ERP and related technology ERP and related technology
ERP and related technology Usman Tariq
 
Hicx briefing (nov16)
Hicx briefing (nov16)Hicx briefing (nov16)
Hicx briefing (nov16)Grant Watling
 
Data Ware House Testing
Data Ware House TestingData Ware House Testing
Data Ware House Testingmanojpmat
 
eGovernance Whitepaper
eGovernance WhitepapereGovernance Whitepaper
eGovernance WhitepaperEdgevalue
 
Chapter 03-business caseforxbrl
Chapter 03-business caseforxbrlChapter 03-business caseforxbrl
Chapter 03-business caseforxbrljps619
 
10 Things to Consider When Building a CTMS Business Case
10 Things to Consider When Building a CTMS Business Case10 Things to Consider When Building a CTMS Business Case
10 Things to Consider When Building a CTMS Business CasePerficient, Inc.
 
Troux Presentation Austin Texas
Troux Presentation Austin TexasTroux Presentation Austin Texas
Troux Presentation Austin TexasJoeFaghani
 
NARCA Presentation - IT Best Practice
NARCA Presentation - IT Best PracticeNARCA Presentation - IT Best Practice
NARCA Presentation - IT Best PracticeBrenda Majewski
 
From Surveillance to Service Excellence - Big Data in Financial Services
From Surveillance to Service Excellence - Big Data in Financial ServicesFrom Surveillance to Service Excellence - Big Data in Financial Services
From Surveillance to Service Excellence - Big Data in Financial ServicesRob Rensman
 
T CompliIT Compliance: Shifting from Cost Center to Profit Center
T CompliIT Compliance: Shifting from Cost Center to Profit CenterT CompliIT Compliance: Shifting from Cost Center to Profit Center
T CompliIT Compliance: Shifting from Cost Center to Profit CenterGary Pennington
 
Myths of validation
Myths of validationMyths of validation
Myths of validationJeff Thomas
 
Clextra e governance
Clextra e governanceClextra e governance
Clextra e governanceEdgevalue
 
NetWrix Change Reporter Suite - Product Review by Don Jones
NetWrix Change Reporter Suite - Product Review by Don JonesNetWrix Change Reporter Suite - Product Review by Don Jones
NetWrix Change Reporter Suite - Product Review by Don JonesNetwrix Corporation
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsJhone kinadey
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...OnePlan Solutions
 

More Related Content

Similar to Pacbot, Cloud Security @T-Mobile

Qumas Collaboration to Innovation Quality QMS PIMS 2014
Qumas Collaboration to Innovation Quality QMS PIMS 2014Qumas Collaboration to Innovation Quality QMS PIMS 2014
Qumas Collaboration to Innovation Quality QMS PIMS 2014GBX Summits
 
How to Effectively Audit your IT Infrastructure
How to Effectively Audit your IT InfrastructureHow to Effectively Audit your IT Infrastructure
How to Effectively Audit your IT InfrastructureNetwrix Corporation
 
IT Compliance: Shifting from Cost Center to Profit Center
IT Compliance: Shifting from Cost Center to Profit CenterIT Compliance: Shifting from Cost Center to Profit Center
IT Compliance: Shifting from Cost Center to Profit CenterGary Pennington
 
To meet the requirements for lab 10 you were to perform Part 1, S
To meet the requirements for lab 10 you were to perform Part 1, STo meet the requirements for lab 10 you were to perform Part 1, S
To meet the requirements for lab 10 you were to perform Part 1, STakishaPeck109
 
Mon Am 1130 Document Management And Workflow Systems
Mon Am 1130 Document Management And Workflow SystemsMon Am 1130 Document Management And Workflow Systems
Mon Am 1130 Document Management And Workflow SystemsRed Moon Solutions
 
Architecting the Framework for Compliance & Risk Management
Architecting the Framework for Compliance & Risk ManagementArchitecting the Framework for Compliance & Risk Management
Architecting the Framework for Compliance & Risk Managementjadams6
 
IT-AAC Roadmap for Sustainable Defense IT Reforms
IT-AAC Roadmap for Sustainable Defense IT ReformsIT-AAC Roadmap for Sustainable Defense IT Reforms
IT-AAC Roadmap for Sustainable Defense IT ReformsJohn Weiler
 
ERP and related technology
ERP and related technology ERP and related technology
ERP and related technology Usman Tariq
 
Hicx briefing (nov16)
Hicx briefing (nov16)Hicx briefing (nov16)
Hicx briefing (nov16)Grant Watling
 
Data Ware House Testing
Data Ware House TestingData Ware House Testing
Data Ware House Testingmanojpmat
 
eGovernance Whitepaper
eGovernance WhitepapereGovernance Whitepaper
eGovernance WhitepaperEdgevalue
 
Chapter 03-business caseforxbrl
Chapter 03-business caseforxbrlChapter 03-business caseforxbrl
Chapter 03-business caseforxbrljps619
 
10 Things to Consider When Building a CTMS Business Case
10 Things to Consider When Building a CTMS Business Case10 Things to Consider When Building a CTMS Business Case
10 Things to Consider When Building a CTMS Business CasePerficient, Inc.
 
Troux Presentation Austin Texas
Troux Presentation Austin TexasTroux Presentation Austin Texas
Troux Presentation Austin TexasJoeFaghani
 
NARCA Presentation - IT Best Practice
NARCA Presentation - IT Best PracticeNARCA Presentation - IT Best Practice
NARCA Presentation - IT Best PracticeBrenda Majewski
 
From Surveillance to Service Excellence - Big Data in Financial Services
From Surveillance to Service Excellence - Big Data in Financial ServicesFrom Surveillance to Service Excellence - Big Data in Financial Services
From Surveillance to Service Excellence - Big Data in Financial ServicesRob Rensman
 
T CompliIT Compliance: Shifting from Cost Center to Profit Center
T CompliIT Compliance: Shifting from Cost Center to Profit CenterT CompliIT Compliance: Shifting from Cost Center to Profit Center
T CompliIT Compliance: Shifting from Cost Center to Profit CenterGary Pennington
 
Myths of validation
Myths of validationMyths of validation
Myths of validationJeff Thomas
 
Clextra e governance
Clextra e governanceClextra e governance
Clextra e governanceEdgevalue
 
NetWrix Change Reporter Suite - Product Review by Don Jones
NetWrix Change Reporter Suite - Product Review by Don JonesNetWrix Change Reporter Suite - Product Review by Don Jones
NetWrix Change Reporter Suite - Product Review by Don JonesNetwrix Corporation
 

Similar to Pacbot, Cloud Security @T-Mobile (20)

Qumas Collaboration to Innovation Quality QMS PIMS 2014
Qumas Collaboration to Innovation Quality QMS PIMS 2014Qumas Collaboration to Innovation Quality QMS PIMS 2014
Qumas Collaboration to Innovation Quality QMS PIMS 2014
 
How to Effectively Audit your IT Infrastructure
How to Effectively Audit your IT InfrastructureHow to Effectively Audit your IT Infrastructure
How to Effectively Audit your IT Infrastructure
 
IT Compliance: Shifting from Cost Center to Profit Center
IT Compliance: Shifting from Cost Center to Profit CenterIT Compliance: Shifting from Cost Center to Profit Center
IT Compliance: Shifting from Cost Center to Profit Center
 
To meet the requirements for lab 10 you were to perform Part 1, S
To meet the requirements for lab 10 you were to perform Part 1, STo meet the requirements for lab 10 you were to perform Part 1, S
To meet the requirements for lab 10 you were to perform Part 1, S
 
Mon Am 1130 Document Management And Workflow Systems
Mon Am 1130 Document Management And Workflow SystemsMon Am 1130 Document Management And Workflow Systems
Mon Am 1130 Document Management And Workflow Systems
 
Architecting the Framework for Compliance & Risk Management
Architecting the Framework for Compliance & Risk ManagementArchitecting the Framework for Compliance & Risk Management
Architecting the Framework for Compliance & Risk Management
 
IT-AAC Roadmap for Sustainable Defense IT Reforms
IT-AAC Roadmap for Sustainable Defense IT ReformsIT-AAC Roadmap for Sustainable Defense IT Reforms
IT-AAC Roadmap for Sustainable Defense IT Reforms
 
ERP and related technology
ERP and related technology ERP and related technology
ERP and related technology
 
Hicx briefing (nov16)
Hicx briefing (nov16)Hicx briefing (nov16)
Hicx briefing (nov16)
 
Data Ware House Testing
Data Ware House TestingData Ware House Testing
Data Ware House Testing
 
eGovernance Whitepaper
eGovernance WhitepapereGovernance Whitepaper
eGovernance Whitepaper
 
Chapter 03-business caseforxbrl
Chapter 03-business caseforxbrlChapter 03-business caseforxbrl
Chapter 03-business caseforxbrl
 
10 Things to Consider When Building a CTMS Business Case
10 Things to Consider When Building a CTMS Business Case10 Things to Consider When Building a CTMS Business Case
10 Things to Consider When Building a CTMS Business Case
 
Troux Presentation Austin Texas
Troux Presentation Austin TexasTroux Presentation Austin Texas
Troux Presentation Austin Texas
 
NARCA Presentation - IT Best Practice
NARCA Presentation - IT Best PracticeNARCA Presentation - IT Best Practice
NARCA Presentation - IT Best Practice
 
From Surveillance to Service Excellence - Big Data in Financial Services
From Surveillance to Service Excellence - Big Data in Financial ServicesFrom Surveillance to Service Excellence - Big Data in Financial Services
From Surveillance to Service Excellence - Big Data in Financial Services
 
T CompliIT Compliance: Shifting from Cost Center to Profit Center
T CompliIT Compliance: Shifting from Cost Center to Profit CenterT CompliIT Compliance: Shifting from Cost Center to Profit Center
T CompliIT Compliance: Shifting from Cost Center to Profit Center
 
Myths of validation
Myths of validationMyths of validation
Myths of validation
 
Clextra e governance
Clextra e governanceClextra e governance
Clextra e governance
 
NetWrix Change Reporter Suite - Product Review by Don Jones
NetWrix Change Reporter Suite - Product Review by Don JonesNetWrix Change Reporter Suite - Product Review by Don Jones
NetWrix Change Reporter Suite - Product Review by Don Jones
 

Recently uploaded

Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsJhone kinadey
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...OnePlan Solutions
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️anilsa9823
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantAxelRicardoTrocheRiq
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionSolGuruz
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AIABDERRAOUF MEHENNI
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...ICS
 
Active Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdfActive Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdfCionsystems
 
Project Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationProject Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationkaushalgiri8080
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software DevelopersVinodh Ram
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...harshavardhanraghave
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxComplianceQuest1
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdfWave PLM
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)OPEN KNOWLEDGE GmbH
 
What is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsWhat is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsJheuzeDellosa
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...kellynguyen01
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackVICTOR MAESTRE RAMIREZ
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsAlberto González Trastoy
 

Recently uploaded (20)

Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
 
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service Consultant
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with Precision
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
Active Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdfActive Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdf
 
Project Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationProject Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanation
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software Developers
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)
 
What is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsWhat is Binary Language? Computer Number Systems
What is Binary Language? Computer Number Systems
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStack
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 

Pacbot, Cloud Security @T-Mobile

  • 1. T-Mobile Technology Santhoshi Gorle T-Mobile Confidential Senior Software Engineer
  • 3. 3 Problem Statement  No central source of truth for policy definition, compliance status, open issues, granted exceptions (audit finding)  In current state audits are resource intensive, costly and best-case only insure compliance at a point in time (audit finding)  Policy defined solely as human-read text is ambiguous, open to interpretation and difficult to measure  Environments and policies change too often to manually check or remediate. Scale is too large to be effectively managed by a centralized team
  • 4. 4 Solution:Policy as Code  Policy and rules are described in code and NOT IN DOCUMENTS  Automated – compliance rules are automatically validated  Reporting – Compliance dashboard and traceable evidence  Remediation – Automatic or one-click Describe Discover Scan Log Notify Remedia te
  • 8. 8Cloud Strategy & Development 8 T-Mobile Confidential Thank You
  • 9. 9 Data Collector / Shipper Rule Engine UI & MicroServicesElastic Search S3 Auto Fix End User RDS RedShift CloudWatch Rules CloudWatch Rules ALB VPC PacBot Architecture
  • 10. 10T-MobileConfidential  Continuous compliance assessment.  Detailed compliance reporting.  Auto-Fix for policy violations.  Omni Search - Ability to search all discovered resources.  Simplified policy violation tracking.  Self-Service portal.  Custom policies and custom auto-fix actions.  Dynamic asset grouping to view compliance.  Ability to create multiple compliance domains.  Exception management.  Email Digests.  Supports multiple AWS accounts.  Completely automated installer.  Customizable dashboards.  OAuth Support.  Azure AD integration for login.  Role-based access control.  Asset 360 degree PacBot Capabilities

Editor's Notes

  1. Animation Image
  2. Animation Image