Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Konten disediakan oleh Mirantis Inc.. Semua konten podcast termasuk episode, grafik, dan deskripsi podcast diunggah dan disediakan langsung oleh Mirantis Inc. atau mitra platform podcast mereka. Jika Anda yakin seseorang menggunakan karya berhak cipta Anda tanpa izin, Anda dapat mengikuti proses yang diuraikan di sini https://id.player.fm/legal.
Mirip dengan Radio Cloud Native by Mirantis
Material is a weekly discussion about the Google and Android universe. Your intrepid hosts try to answer the question, “What holds up the digital world?” The answer, so far, is that it’s Google all the way down. Hosted by Andy Ihnatko and Florence Ion.
…
continue reading
Every Friday and Sunday, Slate’s popular daily news podcast What Next brings you TBD, a clear-eyed look into the future. From fake news to fake meat, algorithms to augmented reality, Lizzie O’Leary is your guide to the tech industry and the world it’s creating for us to live in.
…
continue reading
Investor Shayle Kann is asking big questions about how to decarbonize the planet: How cheap can clean energy get? Will artificial intelligence speed up climate solutions? Where is the smart money going into climate technologies? Every week on Catalyst, Shayle explains the world of climate tech with prominent experts, investors, researchers, and executives. Produced by Latitude Media.
…
continue reading
We help founders make something people want.
…
continue reading
Welcome to Catalyst, the Launch by NTT DATA Podcast. Catalyst is an ongoing discussion for digital leaders dissatisfied with the status quo and optimistic about what’s possible through smart technology and great people. In this studio we believe in shipping software over slideware, that fast will follow smooth, and aiming to create digital experiences that move millions is a worthy pursuit.
…
continue reading
From smart phones to smart homes, the Android Police Podcast gives you exactly what you need from a tech podcast - no more, no less. Every week, each of our hosts curate topics to talk about. It could be tracking through your newsfeed or a passion project or two. We're centered on Android, but go far and wide, so if you're looking for good talk that won't waste your time, listen and subscribe.
…
continue reading
Monday through Friday, Marketplace demystifies the digital economy in less than 10 minutes. We look past the hype and ask tough questions about an industry that’s constantly changing.
…
continue reading
Best Business Podcast (Gold), British Podcast Awards 2023 How do you build a fully electric motorcycle with no compromises on performance? How can we truly experience what the virtual world feels like? What does it take to design the first commercially available flying car? And how do you build a lightsaber? These are some of the questions this podcast answers as we share the moments where digital transforms physical, and meet the brilliant minds behind some of the most innovative products a ...
…
continue reading
TechStuff is getting a system update. Everything you love about Tech Stuff now twice the bandwidth with new hosts, Oz Woloshyn (Sleepwalkers) and Karah Preiss (Sleepwalkers). Oz and Karah bring humour and wit to the table as they break down what's happening in tech...and what it says about us. TechStuff is the podcast where technology meets culture. We speak to the folks building the future to understand what tomorrow will look like and how our technology is changing us: how we live, how we ...
…
continue reading
Player FM - Aplikasi Podcast
Offline dengan aplikasi Player FM !
Offline dengan aplikasi Player FM !
))
Achieving DISA STIG Certification for MKE: Challenges, Successes & Best Practices for Compliant Public Sector Solutions
Manage episode 459429946 series 3342345
Konten disediakan oleh Mirantis Inc.. Semua konten podcast termasuk episode, grafik, dan deskripsi podcast diunggah dan disediakan langsung oleh Mirantis Inc. atau mitra platform podcast mereka. Jika Anda yakin seseorang menggunakan karya berhak cipta Anda tanpa izin, Anda dapat mengikuti proses yang diuraikan di sini https://id.player.fm/legal.
In this month's episode, John Jainschigg, Director of Open Source Initiatives at Mirantis hosts Kathleen Moyer, Director of Service Delivery at Corsec Security, and William Konitzer, Senior Solution Architect at Mirantis, to explore the recently achieved DISA STIG certification for Mirantis Kubernetes Engine (MKE). Together, they dive into the intricate certification process that enables public sector and enterprise users to deploy secure, compliant applications using MKE.
Listeners will gain insights into the collaborative effort between Mirantis and Corsec Security, where Kathleen shares her 25 years of expertise in security certifications, detailing how Corsec facilitated the process with government agencies like DISA and the DoD. William provides a behind-the-scenes look at the technical challenges and solutions that ensured MKE met stringent Department of Defense (DoD) security standards without compromising usability or performance. Furthermore, he highlights some of the team's learnings in the context of how it changed the thought process of Mirantis' engineering teams when it came to security.
Achieved in early 2024, this milestone positions MKE as a powerful tool for public sector organizations and industries with specific security and compliance needs. Whether you’re navigating public sector compliance requirements or interested in secure cloud native solutions, this episode offers practical advice and unique perspectives on implementing and managing a STIG-compliant Kubernetes platform.
A full list of this episode's topics include:
- Corsec Security's role in the MKE DISA STIG process
- Common challenges Orgs face in STIG process
- How Corsec handles security testing to ensure compliance
- SITG vs FEDRAMP - in terms of requirements
- How Corsec handles product updates re: the STIG
- Advice for companies getting started with STIG certification
- Role of documentation in STIG process
- Challenges in MKE STIG process
- Why Mirantis did a STIG for MKE
- Specific security features of MKE that affected DISA STIG approval
- Mirantis and Corsec collaboration
- MKE for the Public Sector
- Timelines for achieving STIG certification
- Mitigating evolving vulnerabilities
- How the SITG process for MKE impacted Mirantis engineering
If you want to listen to more episodes of Radio Cloud Native, please visit https://www.mirantis.com/radiocloudnative/ to download, or find them wherever you prefer to consume your podcasts.
If you are interested in contributing to Radio Cloud Native, please reach out to our podcast team: podcasts@mirantis.com
Chapter
1. Intro (00:00:00)
2. What was Corsec Security's role in the MKE DISA STIG process? (00:01:03)
3. What are common challenges Orgs face in STIG process? (00:02:23)
4. How does Corsec help with security testing to ensure compliance? (00:07:37)
5. What makes SITG requirements unique vs FEDRAMP? (00:09:14)
6. How does Corsec handle product updates re: the STIG? (00:12:43)
7. What advice would you give to companies started out with STIG? (00:13:50)
8. Role of documentation in STIG process (00:16:46)
9. Challenges in MKE STIG process (00:20:27)
10. Why did Mirantis do a STIG for MKE? (00:23:09)
11. Specific security features of MKE that affected DISA STIG approval (00:24:46)
12. How did Mirantis and Corsec collaborate to achieve STIG certification? (00:26:31)
13. How can MKE be used in the Public Sector? (00:27:20)
14. What are typical timelines for achieving STIG certification? (00:30:19)
15. How to mitigate evolving vulnerabilities (00:31:14)
16. How has the SITG process for MKE impacted Mirantis engineering? (00:32:21)
17. Outro (00:34:33)
60 episode
Bagikan
Manage episode 459429946 series 3342345
Konten disediakan oleh Mirantis Inc.. Semua konten podcast termasuk episode, grafik, dan deskripsi podcast diunggah dan disediakan langsung oleh Mirantis Inc. atau mitra platform podcast mereka. Jika Anda yakin seseorang menggunakan karya berhak cipta Anda tanpa izin, Anda dapat mengikuti proses yang diuraikan di sini https://id.player.fm/legal.
In this month's episode, John Jainschigg, Director of Open Source Initiatives at Mirantis hosts Kathleen Moyer, Director of Service Delivery at Corsec Security, and William Konitzer, Senior Solution Architect at Mirantis, to explore the recently achieved DISA STIG certification for Mirantis Kubernetes Engine (MKE). Together, they dive into the intricate certification process that enables public sector and enterprise users to deploy secure, compliant applications using MKE.
Listeners will gain insights into the collaborative effort between Mirantis and Corsec Security, where Kathleen shares her 25 years of expertise in security certifications, detailing how Corsec facilitated the process with government agencies like DISA and the DoD. William provides a behind-the-scenes look at the technical challenges and solutions that ensured MKE met stringent Department of Defense (DoD) security standards without compromising usability or performance. Furthermore, he highlights some of the team's learnings in the context of how it changed the thought process of Mirantis' engineering teams when it came to security.
Achieved in early 2024, this milestone positions MKE as a powerful tool for public sector organizations and industries with specific security and compliance needs. Whether you’re navigating public sector compliance requirements or interested in secure cloud native solutions, this episode offers practical advice and unique perspectives on implementing and managing a STIG-compliant Kubernetes platform.
A full list of this episode's topics include:
- Corsec Security's role in the MKE DISA STIG process
- Common challenges Orgs face in STIG process
- How Corsec handles security testing to ensure compliance
- SITG vs FEDRAMP - in terms of requirements
- How Corsec handles product updates re: the STIG
- Advice for companies getting started with STIG certification
- Role of documentation in STIG process
- Challenges in MKE STIG process
- Why Mirantis did a STIG for MKE
- Specific security features of MKE that affected DISA STIG approval
- Mirantis and Corsec collaboration
- MKE for the Public Sector
- Timelines for achieving STIG certification
- Mitigating evolving vulnerabilities
- How the SITG process for MKE impacted Mirantis engineering
If you want to listen to more episodes of Radio Cloud Native, please visit https://www.mirantis.com/radiocloudnative/ to download, or find them wherever you prefer to consume your podcasts.
If you are interested in contributing to Radio Cloud Native, please reach out to our podcast team: podcasts@mirantis.com
Chapter
1. Intro (00:00:00)
2. What was Corsec Security's role in the MKE DISA STIG process? (00:01:03)
3. What are common challenges Orgs face in STIG process? (00:02:23)
4. How does Corsec help with security testing to ensure compliance? (00:07:37)
5. What makes SITG requirements unique vs FEDRAMP? (00:09:14)
6. How does Corsec handle product updates re: the STIG? (00:12:43)
7. What advice would you give to companies started out with STIG? (00:13:50)
8. Role of documentation in STIG process (00:16:46)
9. Challenges in MKE STIG process (00:20:27)
10. Why did Mirantis do a STIG for MKE? (00:23:09)
11. Specific security features of MKE that affected DISA STIG approval (00:24:46)
12. How did Mirantis and Corsec collaborate to achieve STIG certification? (00:26:31)
13. How can MKE be used in the Public Sector? (00:27:20)
14. What are typical timelines for achieving STIG certification? (00:30:19)
15. How to mitigate evolving vulnerabilities (00:31:14)
16. How has the SITG process for MKE impacted Mirantis engineering? (00:32:21)
17. Outro (00:34:33)
60 episode
Semua episode
×
Selamat datang di Player FM!
Player FM memindai web untuk mencari podcast berkualitas tinggi untuk Anda nikmati saat ini. Ini adalah aplikasi podcast terbaik dan bekerja untuk Android, iPhone, dan web. Daftar untuk menyinkronkan langganan di seluruh perangkat.
Mirip dengan Radio Cloud Native by Mirantis
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Material is a weekly discussion about the Google and Android universe. Your intrepid hosts try to answer the question, “What holds up the digital world?” The answer, so far, is that it’s Google all the way down. Hosted by Andy Ihnatko and Florence Ion.
…
continue reading
Every Friday and Sunday, Slate’s popular daily news podcast What Next brings you TBD, a clear-eyed look into the future. From fake news to fake meat, algorithms to augmented reality, Lizzie O’Leary is your guide to the tech industry and the world it’s creating for us to live in.
…
continue reading
Investor Shayle Kann is asking big questions about how to decarbonize the planet: How cheap can clean energy get? Will artificial intelligence speed up climate solutions? Where is the smart money going into climate technologies? Every week on Catalyst, Shayle explains the world of climate tech with prominent experts, investors, researchers, and executives. Produced by Latitude Media.
…
continue reading
We help founders make something people want.
…
continue reading
Welcome to Catalyst, the Launch by NTT DATA Podcast. Catalyst is an ongoing discussion for digital leaders dissatisfied with the status quo and optimistic about what’s possible through smart technology and great people. In this studio we believe in shipping software over slideware, that fast will follow smooth, and aiming to create digital experiences that move millions is a worthy pursuit.
…
continue reading
From smart phones to smart homes, the Android Police Podcast gives you exactly what you need from a tech podcast - no more, no less. Every week, each of our hosts curate topics to talk about. It could be tracking through your newsfeed or a passion project or two. We're centered on Android, but go far and wide, so if you're looking for good talk that won't waste your time, listen and subscribe.
…
continue reading
Monday through Friday, Marketplace demystifies the digital economy in less than 10 minutes. We look past the hype and ask tough questions about an industry that’s constantly changing.
…
continue reading
Best Business Podcast (Gold), British Podcast Awards 2023 How do you build a fully electric motorcycle with no compromises on performance? How can we truly experience what the virtual world feels like? What does it take to design the first commercially available flying car? And how do you build a lightsaber? These are some of the questions this podcast answers as we share the moments where digital transforms physical, and meet the brilliant minds behind some of the most innovative products a ...
…
continue reading
TechStuff is getting a system update. Everything you love about Tech Stuff now twice the bandwidth with new hosts, Oz Woloshyn (Sleepwalkers) and Karah Preiss (Sleepwalkers). Oz and Karah bring humour and wit to the table as they break down what's happening in tech...and what it says about us. TechStuff is the podcast where technology meets culture. We speak to the folks building the future to understand what tomorrow will look like and how our technology is changing us: how we live, how we ...
…
continue reading
Player FM - Aplikasi Podcast
Offline dengan aplikasi Player FM !
Offline dengan aplikasi Player FM !
