Fleming Shi

AWS re:Invent – Q&A with Fleming Shi, Barracuda SVP Advanced Technology

Print Friendly, PDF & Email

Fleming ShiThe Barracuda team has been busy preparing to make the trip to AWS re:Invent at the end of the month, and we hope you’re looking forward to it as much as we are. One of the big highlights of the event for us will be our breakout session: Moving 400 Engineers to AWS: Our Journey to Secure Adoption.

Fleming Shi, senior vice president of advanced technology engineering here at Barracuda, will be leading the session, along with Tim Jefferson, our vice president of public cloud. To find more about the session and his other recommendations at the event, we sat down with Fleming for a quick chat. Here’s what he shared with us.

Fleming Shi on helping builders build faster and more securely

What sessions would you recommend to customers and partners attending AWS re:Invent?

The sessions related to DevOps and how people build things are two areas that I think would benefit our potential customers or partners. The ones that will particularly interesting are the DevOps essentials, such as an Introductory Workshop on CI/CD Best Practices and Monitoring for Operational Outcomes and Application Insights

What sessions and events are you looking forward to attending at the show?

I would attend a few of those DevOps essentials sessions, and I think 307 set looks really interesting, especially the one on Serverless Application Debugging and Delivery Best Practices. I looking forward to the Compliance Automation Social. It’s an after-hours event we’re sponsoring, and I’ll get to meet some of our cloud-native vendors and partners and hear about the types of conversations they’re having with their customers about security and compliance and the ways we can help.

Register here to join us at AWS re:Invent 2018, November 26 – November 30

Where did the concept for session you’ll be leading come from?

At Barracuda, we want to make the journey to the cloud much more productive and efficient for DevOps teams. Part of the reason we’re doing our session is tell the story of builders for builders. As we were moving 400 engineers to AWS, we saw frictions between builders, engineers, and the DevOps persona versus the security professional persona. So, based on what we learned on our journey, we’re trying to help these two personas in other organizations work better together to build, deploy, and operate in the cloud.

'At @Barracuda, we want to make the journey to the cloud much more productive and efficient for #DevOps teams.' -Fleming Shi #reinvent #AWSClick To Tweet

What are the frictions you saw between builders and security professionals?

Builders want the infrastructure “now” and love to build fast, and with public cloud infrastructure like AWS, everything is readily available at your fingertips and the compute capacity is almost “unlimited.”  Builders want to build fast to achieve shorter time-to-market and higher performance with cloud infrastructure; however, when they move fast, it’s easy to make unintentional mistakes and violate security policies. One example would be someone spinning up an EC2 instance, and carelessly leaving ports open to the world due to distraction or lack of visibility.

Hacker bots scanning AWS elastic IP address blocks can stumble on these mistakenly open systems and the attack will begin. Often, the hacker will turn these machines into workers of their botnets. I’m sure some of you have seen abuse reports from AWS, which can lead to financial and reputational damage to organizations. This is not a good situation for anyone. 

In such a scenario, the builder who unintentionally violated a security policy can get disciplined and his or her access to the infrastructure can be taken away. It naturally slows the build motion for the builder, and engineering efforts grinds to a halt.  At this point, no one can blame the security professional for taking such a thorough approach to getting the infrastructure back online for the builders. This kind of  friction caused by careless mistakes is unhealthy for the relationship between builders and security professionals.

How can companies remove this type of friction?

Just looking at Barracuda Networks, I have a team of builders. I’ve found that modern cloud-generation builders love the word “continuous.” It’s all about agility with continuous integration and continuous delivery to production. However, we also need to pay attention to our security and compliance posture early.

Removing the friction between builders and security professionals requires a product that will watch over builders’ shoulders, helping them stay secure with little disruption. One analogy is to imagine a novice bowler who wants to have a good time. Introducing guard rails can help that person enjoy a “bumpy strike” without being embarrassed by gutter balls. It’s the same concept. Engineers are good at writing code and may not understand all the security controls in the cloud platforms they operate on, so watching over them and protecting them requires an expert system. And we have built it in Barracuda for our builders, and it’s time to share it with the world.

So, what did we build at Barracuda?  

First of all, we’ve developed a solution that we will be previewing during our session at re:Invent. This solution will constantly monitor infrastructure for the builders. When the solution detects a security violation, it will fix the problem automatically and programmatically. It uses a moderation step through a preferred communication channel to handle the remediation process. This helps the builders and the security professionals work together in harmony and turn friction into collaboration.

For #cloud generation builders, it's all about agility with continuous integration and continuous delivery to production. However, you also need to pay attention to security and compliance posture early.Click To Tweet

What is the key takeaway that you’re hoping people get out of your session?

After the session, attendees should see Barracuda’s leadership position in transforming our solution to serve our cloud customers. You will find how Barracuda builds our security solution with cloud-native integration and capabilities. Our position is beyond cloud-ready; we are going to protect our customers with the most efficient methods to secure your journey to cloud. Instead of building on platforms such as OS, the whole infrastructure is the platform Barracuda builds our solution on. Amazon, Microsoft, Google, and Oracle are rapidly improving their cloud platforms with more cost-effective, secure, and performant services. 

I like to note that the increased complexity will lead to lower visibility of severe security shortcomings. Given that our vision of security is about completeness, we believe our solution will benefit anyone who is looking to build fast and stay secure with security orchestrated in the control/management plane as well as the data plane. In short, the Barracuda solution we will be previewing at re:Invent will accelerate your journey to the cloud by securing your cloud workloads with continuous monitoring and automated remediation.

Visit us at AWS re:Invent 2018, November 26-November 30, Booth #2029, Venetian Sands Expo

Register here

Scroll to top
Tweet
Share
Share