Uploaded byMagentaCCoE
PPTX, PDF254 views

Pacbot, Cloud Security @T-Mobile

The document outlines a policy management solution for T-Mobile, addressing the challenges of compliance auditing due to the lack of a central source of truth for policy definitions and compliance statuses. The proposed solution, termed 'policy as code', automates compliance validation and reporting, streamlines remediation processes, and introduces features like continuous compliance assessment and self-service portals. The architecture supports multiple cloud environments and includes customizable dashboards and role-based access control.

Software
Related topics:
Cloud Security Insights

Embed presentation

Download to read offline
T-Mobile Technology Santhoshi Gorle T-Mobile Confidential Senior Software Engineer
22 T-MobileConfidential
3 Problem Statement  No central source of truth for policy definition, compliance status, open issues, granted exceptions (audit finding)  In current state audits are resource intensive, costly and best-case only insure compliance at a point in time (audit finding)  Policy defined solely as human-read text is ambiguous, open to interpretation and difficult to measure  Environments and policies change too often to manually check or remediate. Scale is too large to be effectively managed by a centralized team
4 Solution:Policy as Code  Policy and rules are described in code and NOT IN DOCUMENTS  Automated – compliance rules are automatically validated  Reporting – Compliance dashboard and traceable evidence  Remediation – Automatic or one-click Describe Discover Scan Log Notify Remedia te
5T-MobileConfidential
6T-MobileConfidential https://github.com/tmobile/pacbot PacBot OSS
7T-MobileConfidential FAQ’s
8Cloud Strategy & Development 8 T-Mobile Confidential Thank You
9 Data Collector / Shipper Rule Engine UI & MicroServicesElastic Search S3 Auto Fix End User RDS RedShift CloudWatch Rules CloudWatch Rules ALB VPC PacBot Architecture
10T-MobileConfidential  Continuous compliance assessment.  Detailed compliance reporting.  Auto-Fix for policy violations.  Omni Search - Ability to search all discovered resources.  Simplified policy violation tracking.  Self-Service portal.  Custom policies and custom auto-fix actions.  Dynamic asset grouping to view compliance.  Ability to create multiple compliance domains.  Exception management.  Email Digests.  Supports multiple AWS accounts.  Completely automated installer.  Customizable dashboards.  OAuth Support.  Azure AD integration for login.  Role-based access control.  Asset 360 degree PacBot Capabilities

More Related Content

PPT
Cfx12 11 cel
byal11429964
 
PPTX
Secure your environment with UiPath and CyberArk technologies - Session 1
byDianaGray10
 
PPTX
Becoming the Uncarrier: T-Mobile's Digital Journey
byApigee | Google Cloud
 
PPTX
Access Management with Aruba ClearPass
byAruba, a Hewlett Packard Enterprise company
 
PDF
Webinar Deck - Protect Your Users' Online Privacy
byEnsighten
 
PDF
ThingsCon: Trustable Tech Mark (27 Oct 2018, Mozfest Edition)
byPeter Bihr
 
PPTX
Can You Really Automate Yourself Secure
byCigital
 
DOCX
DIRECTIONS PLEASE PAY SPECIAL ATTENTION TO BULLETED ITEMS EXP.docx
bylynettearnold46882
 
Cfx12 11 cel
byal11429964
 
Secure your environment with UiPath and CyberArk technologies - Session 1
byDianaGray10
 
Becoming the Uncarrier: T-Mobile's Digital Journey
byApigee | Google Cloud
 
Access Management with Aruba ClearPass
byAruba, a Hewlett Packard Enterprise company
 
Webinar Deck - Protect Your Users' Online Privacy
byEnsighten
 
ThingsCon: Trustable Tech Mark (27 Oct 2018, Mozfest Edition)
byPeter Bihr
 
Can You Really Automate Yourself Secure
byCigital
 
DIRECTIONS PLEASE PAY SPECIAL ATTENTION TO BULLETED ITEMS EXP.docx
bylynettearnold46882
 

Recently uploaded

PDF
Mitr Sarthi: A Smart ERP for Modern Manufacturers
byGamavis Software Solutions
 
PDF
Job Interview for Global Federal Government MD Panel Presentation
byafnupe09
 
PPTX
Choosing Your Web3 Architecture: L1 vs L2 vs Appchain
bystorygamemarketing
 
PDF
DSD-INT 2025 MODFLOW 6 Developments - Langevin
byDeltares
 
PPTX
Why Airline Platforms Fail at Change and How Etihad Fixed It
byIT IDOL Technologies
 
PPTX
Image to Text converts images into editable text - AI Image to Text
byAI Image to Text
 
PDF
DSD-INT 2025 The National Hydrological Model of Denmark and its enhancements ...
byDeltares
 
PDF
DSD-INT 2025 Modelling cold water infiltration with the Groundwater Energy (G...
byDeltares
 
PPTX
Publix Data Scraping for Grocery Prices & Store Analysis.pptx
byMobile App Scraping
 
PDF
DSD-INT 2025 Multi-scale modeling to simulate Land Subsidence in the Central ...
byDeltares
 
PDF
Common CRM Implementation Mistakes & How to Avoid Them.pdf
byCRMLeaf
 
PDF
Oracle AI Database 26ai _ AI-Native Database for Enterprises.pdf
byAstuteBusiness
 
PDF
AI Concepts - MCP Neurons
byPhilip Schwarz
 
PDF
What Web Teams Need to Know About Building API-Powered Websites
byAlex Halsey
 
PDF
The Hidden Cost of “Quick” Web App Development
byiProgrammer Solutions Private Limited
 
PPT
Data Structure & Algorithm Lec- HeapSort.ppt
bypanhra1
 
PDF
IT Asset Lifecycle Management Solution | Infraon
byEverestIMS Technologies Pvt. Ltd
 
PDF
HTML 5 CSS 3 DEVELOPMENT TECHNOLOGY.pdf
bydavidjohansen1597
 
PPTX
A practical and beginner-friendly guide to understanding data structures in J...
bynaingseihahs
 
PPTX
Testing Strategies for Agile Teams in 2026
byMatt Calder
 
Mitr Sarthi: A Smart ERP for Modern Manufacturers
byGamavis Software Solutions
 
Job Interview for Global Federal Government MD Panel Presentation
byafnupe09
 
Choosing Your Web3 Architecture: L1 vs L2 vs Appchain
bystorygamemarketing
 
DSD-INT 2025 MODFLOW 6 Developments - Langevin
byDeltares
 
Why Airline Platforms Fail at Change and How Etihad Fixed It
byIT IDOL Technologies
 
Image to Text converts images into editable text - AI Image to Text
byAI Image to Text
 
DSD-INT 2025 The National Hydrological Model of Denmark and its enhancements ...
byDeltares
 
DSD-INT 2025 Modelling cold water infiltration with the Groundwater Energy (G...
byDeltares
 
Publix Data Scraping for Grocery Prices & Store Analysis.pptx
byMobile App Scraping
 
DSD-INT 2025 Multi-scale modeling to simulate Land Subsidence in the Central ...
byDeltares
 
Common CRM Implementation Mistakes & How to Avoid Them.pdf
byCRMLeaf
 
Oracle AI Database 26ai _ AI-Native Database for Enterprises.pdf
byAstuteBusiness
 
AI Concepts - MCP Neurons
byPhilip Schwarz
 
What Web Teams Need to Know About Building API-Powered Websites
byAlex Halsey
 
The Hidden Cost of “Quick” Web App Development
byiProgrammer Solutions Private Limited
 
Data Structure & Algorithm Lec- HeapSort.ppt
bypanhra1
 
IT Asset Lifecycle Management Solution | Infraon
byEverestIMS Technologies Pvt. Ltd
 
HTML 5 CSS 3 DEVELOPMENT TECHNOLOGY.pdf
bydavidjohansen1597
 
A practical and beginner-friendly guide to understanding data structures in J...
bynaingseihahs
 
Testing Strategies for Agile Teams in 2026
byMatt Calder
 

Featured

PDF
2024 Trend Updates: What Really Works In SEO & Content Marketing
bySearch Engine Journal
 
PDF
Everything You Need To Know About ChatGPT
byExpeed Software
 
PDF
Storytelling For The Web: Integrate Storytelling in your Design Process
byChiara Aliotta
 
PDF
Getting into the tech field. what next
byTessa Mero
 
PDF
2024 State of Marketing Report – by Hubspot
byMarius Sescu
 
PDF
How to Leverage AI to Boost Employee Wellness - Lydia Di Francesco - SocialHR...
bySocialHRCamp
 
PDF
ChatGPT and the Future of Work - Clark Boyd
byClark Boyd
 
PDF
Social Media Marketing Trends 2024 // The Global Indie Insights
byKurio // The Social Media Age(ncy)
 
PDF
Artificial Intelligence, Data and Competition – SCHREPEL – June 2024 OECD dis...
byOECD Directorate for Financial and Enterprise Affairs
 
PDF
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
bymarketingartwork
 
PDF
Trends In Paid Search: Navigating The Digital Landscape In 2024
bySearch Engine Journal
 
PDF
Content Methodology: A Best Practices Report (Webinar)
bycontently
 
PDF
Google's Just Not That Into You: Understanding Core Updates & Search Intent
byLily Ray
 
PPTX
How to Prepare For a Successful Job Search for 2024
byAlbert Qian
 
PDF
PEPSICO Presentation to CAGNY Conference Feb 2024
byNeil Kimberley
 
PDF
How Race, Age and Gender Shape Attitudes Towards Mental Health
byThinkNow
 
PDF
How to have difficult conversations
byRajiv Jayarajah, MAppComm, ACC
 
PDF
Product Design Trends in 2024 | Teenage Engineerings
byPixeldarts
 
PDF
Skeleton Culture Code
bySkeleton Technologies
 
PDF
5 Public speaking tips from TED - Visualized summary
bySpeakerHub
 
2024 Trend Updates: What Really Works In SEO & Content Marketing
bySearch Engine Journal
 
Everything You Need To Know About ChatGPT
byExpeed Software
 
Storytelling For The Web: Integrate Storytelling in your Design Process
byChiara Aliotta
 
Getting into the tech field. what next
byTessa Mero
 
2024 State of Marketing Report – by Hubspot
byMarius Sescu
 
How to Leverage AI to Boost Employee Wellness - Lydia Di Francesco - SocialHR...
bySocialHRCamp
 
ChatGPT and the Future of Work - Clark Boyd
byClark Boyd
 
Social Media Marketing Trends 2024 // The Global Indie Insights
byKurio // The Social Media Age(ncy)
 
Artificial Intelligence, Data and Competition – SCHREPEL – June 2024 OECD dis...
byOECD Directorate for Financial and Enterprise Affairs
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
bymarketingartwork
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
bySearch Engine Journal
 
Content Methodology: A Best Practices Report (Webinar)
bycontently
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
byLily Ray
 
How to Prepare For a Successful Job Search for 2024
byAlbert Qian
 
PEPSICO Presentation to CAGNY Conference Feb 2024
byNeil Kimberley
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
byThinkNow
 
How to have difficult conversations
byRajiv Jayarajah, MAppComm, ACC
 
Product Design Trends in 2024 | Teenage Engineerings
byPixeldarts
 
Skeleton Culture Code
bySkeleton Technologies
 
5 Public speaking tips from TED - Visualized summary
bySpeakerHub
 

Pacbot, Cloud Security @T-Mobile

  • 1.
    T-Mobile Technology Santhoshi Gorle T-MobileConfidential Senior Software Engineer
  • 2.
  • 3.
    3 Problem Statement  Nocentral source of truth for policy definition, compliance status, open issues, granted exceptions (audit finding)  In current state audits are resource intensive, costly and best-case only insure compliance at a point in time (audit finding)  Policy defined solely as human-read text is ambiguous, open to interpretation and difficult to measure  Environments and policies change too often to manually check or remediate. Scale is too large to be effectively managed by a centralized team
  • 4.
    4 Solution:Policy as Code Policy and rules are described in code and NOT IN DOCUMENTS  Automated – compliance rules are automatically validated  Reporting – Compliance dashboard and traceable evidence  Remediation – Automatic or one-click Describe Discover Scan Log Notify Remedia te
  • 5.
  • 6.
  • 7.
  • 8.
    8Cloud Strategy &Development 8 T-Mobile Confidential Thank You
  • 9.
    9 Data Collector /Shipper Rule Engine UI & MicroServicesElastic Search S3 Auto Fix End User RDS RedShift CloudWatch Rules CloudWatch Rules ALB VPC PacBot Architecture
  • 10.
    10T-MobileConfidential  Continuous complianceassessment.  Detailed compliance reporting.  Auto-Fix for policy violations.  Omni Search - Ability to search all discovered resources.  Simplified policy violation tracking.  Self-Service portal.  Custom policies and custom auto-fix actions.  Dynamic asset grouping to view compliance.  Ability to create multiple compliance domains.  Exception management.  Email Digests.  Supports multiple AWS accounts.  Completely automated installer.  Customizable dashboards.  OAuth Support.  Azure AD integration for login.  Role-based access control.  Asset 360 degree PacBot Capabilities

Editor's Notes