►
From YouTube: Defend Planning Breakdown - Runtime App Security & App Infrastructure Security Group - Feb 18 2020
Description
Defend engineers working with PM to breakdown upcoming issues into components, clarify requirements, and identify work boundaries.
A
A
Is
the
research
and
solution
validation
complete
and
what
are
some
possible
ways
that
this
could
logically
broke
be
broken
down
into
smaller
component
features
going
forward
so,
like
I,
said,
not
grooming,
just
making
sure
you
understand
the
requirements
and
just
kind
of
seen,
work
boundaries
and
where
we
can
break
it
down
more.
So
that
being
said,
Sam
has
added
a
number
of
issues
to
the
agenda
for
today
and
I
am
the
wrong
one.
Sorry.
A
B
It
is
well
noted
that
there
are
ways
to
do
that
right
now,
but
some
major
part
of
this
issue
is
providing
it
in
a
very
user
friendly
way
in
ticket
lab
UI,
so
that
they
don't
have
to
go
guessing
or
digging
through
documentation
to
find
out
which
environment
or
environmental.
But
everybody
need
to
pass
it
ultimately
we're
trying
to
get
this
to
a
point
where
we
can
default
it
on
and
if
it's
causing
problems
we
want
it
to
be
intuitive,
how
to
turn
it
off.
So
with
that
being
said,
let
me
pull
up
these
mock.
B
So
this
is
what
Andy
put
together.
We've
got
initially
on
the
operations.
Kubernetes
page
we'll
have
a
new
section
here
for
mod
security,
so
I
believed
right
now
it's
humbled
up
into
ingress,
pulling
that
out,
and
you
know
giving
its
own
space
in
the
UI
where
you
can
install
it
uninstall
it
enable
it
or
that
they
work
globally
and
switch
it
between
logging
and
blocking
most
globally.
B
B
And
then
all
spare
the
details
of
all
of
these
marks,
but
the
idea
is
that
in
the
operations
environments
page,
you
would
now
have
a
protection
button
that
would
produce
this
pop-out
drawer.
That
lets
you
either
use
the
global
settings
or
change
it
on
a
per
environment
basis,
and
you
can
also
turn
it
on
or
off
for
that
specific
environment.
So
when
you
change
the
global
setting,
any
things
that's
enabled
and
set
to
global
it's
going
to
follow
that
that
global
setting
and
it'll
be
pushed
out
to
it.
C
A
A
D
A
To
be
clear,
you're
talking
about
breaking
down
issues
based
on
deliverable
functionality,
not
based
on
how
we
code
it
write
it
down
into
smaller
features,
which
is
something
that
I
would
look
to
Sam
to
decide.
If
that's
what
he
wants
to
do,
I,
don't
think
that's
something.
Engineering
should
be
breaking
down
we're
just
here
to
just
suggest
it
to
you
Sam.
So
you
know,
I
think
you
and
I
talked
about
this.
One
previously
does
Jonathan's
suggestion,
make
sense,
yeah,
yeah,.
A
E
B
The
rationale
there
is
just
that
you
can
have
ingress
installed,
but
not
mod
security,
and
so,
even
though
there
is
a
dependent
like
mod
security
has
a
dependency
of
ingress
like.
If
you
look
at
some
of
these
other
ones,
you
have
ways
to
configure
settings
for
them.
It
really
is
at
least
my
understanding.
That's
two
different
technologies
at
the
end
of
the
day,
and
so
we
from
a
UX
perspective.
We
just
wanted
to
split
that
out,
so
that
any
configuration
we
wanted
to
deal
with
modsecurity
kind
of
had
its
own
place
to
live.
B
E
Well
well,
currently
does
and
I
would
actually
I
guess.
I
would
I
would
say.
Mon
skier
is
more
of
an
extension
on
top
of
ingress
I'm,
trying
to
I'm
thinking
about
how
other
how
we
do
this
with
other
applications
here,
and
it
really
would
be
at
least
it
currently
in
terms
of
the
implementation,
is
more
of
a
series
of
settings
on
the
ingress
itself.
I,
don't
necessarily
I'm,
not
necessarily
saying
that
the
current
stage
is
the
way
that
we
want
it
to
be.
E
E
Each
one
of
these
applications
is
backed
by
like
a
separate
database
record
and
tied
to
like
a
helm
deployment.
So
we
either
would
have
to
change
the
way
that
our
much
theory
is
deployed
significantly
or
add
a
lot
of
kind
of
front-end
liaison
to
make.
It
seem
like
two
separate
applications
that
can
just
go
in
the
issue
itself,
but
just
something
worth
raising
here.
I.
F
Know,
Lucas
I
think
we
can
prepare
a
fallback
if
it
gets
to
be
a
blocker.
This
is
definitely
like
an
ideal
experience.
We
want
to
drive
to
especially
seeing
some
of
the
new
designs
for
the
managed
apps
experience,
but
with
that
said,
we
can
always
do
some
magic
and
make
this
more
of
like
a
plus
one.
What
we
have
today,
as
opposed
to
like
a
plus
10.
E
B
To
the
point
of
how
we
break
this
down
right,
it's
an
initial
step,
you
know
maybe
the
last
and
we
did
just
what
this
out
from
ingress.
You
know.
Maybe
we
do
everything
else
first
and
then
it's
splitting
the
south
from
ingress
is
going
to
be
a
heavy
dense
lift
if
we
can
size
that
independently
and
separately,
then
that
helps
me
to
put
that
over
the
priority
on
it.
B
B
B
All
right
so
with
that
one
we'll
move
on
to
cluster
Network
policy
statistics,
which
is
the
next
item
in
our
backlog,
we're
done
nearly
done.
I
guess
I
should
say
with
statistics
for
the
Web
Application
Firewall,
which
looks
like
that.
Really.
What
we're
looking
at
is
just
extending
that
functionality
putting
another
section
on
the
same
page
that
is
specific
for
container
network
policy.
The
goal
of
this
graph
is
well.
B
Let
me
start
by
stating
some
things
that
we're
not
trying
to
accomplish
with
this
graph
we're
not
trying
to
show
the
performance
of
cilium
we're
not
trying
to
show
you
know
there
are
a
lot
of
different
stats
that
we
could
show
we're
not
trying
to
show
all
of
the
stats
that
are
available
to
us.
What
we
are
trying
to
show
here
is
just
this.
The
same,
very
basic
thing
with
laughs
is,
you
know,
is
it
on
and
is
it
working
and
how
much
is
it
blocking?
B
So
you
know
just
being
able
to
see
here's
the
total
volume
that
cilium
process
shows
me
hey
it's
on.
It's
working,
that's
passing
traffic
and
here's
how
much
got
dropped
so
you
know
I
know
how
much
it's
actually
doing.
For
me,
that
was
the
initial
concept.
I
saw
some
other
comments
on
this
issue
are
throwing
a
new
comment
upon
it.
I
don't
know
if
it
makes
sense
to
start
with
that
or
if
there
are
other
questions
more
burning.
Let
me
see
if
I
can
find
this.
Oh
here's.
Your
comment.
G
G
In
this
case,
my
comment
is
kind
invalid,
and
so
the
situation
was
always
facing
yesterday
is
that
we
have
two
graphs
one
for
drops
in
one
for
florals
and
we
have
stats
in
percentage
of
drops
from
total
amount
of
packets,
so
how
I
was
doing
prototyping
and
notice
that
this
ratio
is
usually
a
wall
because
Sileo
manages
ingress
and
a
inbound
and
outbound
traffic
across
the
cluster
and
drops
are
usually
policy.
Local,
in
this
case,
I
noticed
that
the
ratio
was
for
the
wall
and
graphs
looked
really
like
scale.
G
Suppose
grass
were
a
bit
bad,
but
if
you
go
to
the
environment,
they
have
a
drop-down
at
the
top
I
think
it
will
be
looking
a
bit
better.
So
I
was
a
bit
wrong.
So
just
forgot.
My
last
comment,
but
I
had
some
questions
for
India
in
terms
of
UI,
because
our
clarin
threat
management
page
is
Kerala
sculptor
involved
in
a
lot
of
messages
contain
like
mention
about
specifically,
so
we
might
need
to
just
restructure
those
messages
and
call-outs
and
pop-ups
to
be
more
generic.
G
I
was
actually
10
to
a
minute
ago
was
not
sure
how
to
get
stats.
The
environment
but
apparently
say
Lone
Star's,
given
its
name
space
village
I
me
just
metric
as
the
tag,
so
we
you'll
be
able
to
do
that
yeah.
So
there
was
a
bit
of
confusion
in
my
own
and
I
already
did
some
work
around
that
and
I.
Think
overall,
the
city
looks
good.
It's
definitely
actionable.
I
have
a
bit
of
fronting
gone
already,
and
maybe
we'll
have
a
frustration
this
week.
G
E
G
Side,
sorry,
to
clarify
the
parameters:
integration
into
cross
application
is
not
full
of
work
working
right
now
and
specifically
for
this
one.
It's
not
going
to
be
usable,
so
I
contributed
and
parameters
metrics
to
the
repository,
but
it's
because
I
was
asked
to
do
that.
Not
that,
because
it's
finished
there
is
an
issue
specifically
with
UI
Rama
ptosis
install
can't
be
installed
for
the
quest
applications,
work
working,
but
it's
not
visible
by
our
UI
and
all
the
parameters.
Related
features
are
not
activating,
and
this
means
that
client
is
not
available
to
you.
E
F
E
E
Page,
they
can
say
whether
prometheus
is
installed
or
not
with
the
UI,
but
we
have
another
dependency
which
is
Prometheus
installed
and
whether
psyllium
is
installed,
and
so
we
can't
I,
don't
know
if
we
can
tell
if
selenium
is
installed.
Currently,
if
it's
installed
through
a
cluster
management
project,.
G
Yeah
I
can
understand
what
you're
asking,
but
is
it
really
an
assurance?
No
because
fronting
works,
real
internet
now,
I
think
Mark
did
that
essentially
on
the
page
water
to
try
to
fetch
that
and
if
that's
not
there,
we
show
and
them
to
stay.
That
says
that
you
probably
set
up
something
wrong:
go
check
documentation
so
that
the
logic
we
have
for
life
right
now
and
I'm
replicating
is
for
psyllium
just
slightly
different
copy
and
different
link.
I'm.
E
G
Is
actually
roughly
what
management
team
does?
The
first
step
is
yeah.
As
you
mentioned,
you
don't
like
the
check
for
the
actual
application,
but
once
you
hear
plication
doesn't
mean
you're.
Gonna
have
stats
in
it.
So
the
next
thing
you're
gonna,
see
in
UI
after
installing
parameters,
is
that
you
don't
have
stats
like
similar
roughly
similar
what
he
has
right
now.
B
So
to
summarize,
if
I
understood
you
right,
he
said
basically,
if
we
don't
have
any
status,
I
mean
from
psyllium
we're
just
going
to
show
that
it
the
empty
state,
regardless
of
whether
or
not
they've
actually
installed
psyllium.
It's
harder
to
check
that
facts,
but
we
can
just
say:
oh,
we
haven't
seen
any
staff
yet.
So
it's
not
better
that
correct!
B
G
I
think
this
logic
is
decent
on
the
base.
What
Hooper
says?
First
of
all,
we
can't
check
if,
like
there
is
no
a
go
check
right
now
to
see
if
psyllium
is
installed
and
not
because
they
using
cost
implications,
cost
implications
are
not
going
to
graded
back
into
the
monolith
and,
second
part.
They
also
need
the
parameters
and
also
I
would
say
doing
a
better
chance
than
we
have
right.
Now
is
a
really
complicated
process.
Again
it
might
be
missing
parameters,
it
might
be
missing.
Psyllium,
it
might
be
annotation
on
the
serum
is
not
activated.
G
B
B
A
G
A
B
So
I
don't
know
that
I
we
have
time
to
really
dive
into
these
ones
about
the
logs
and
those
are
further
out
so
I'm
fine
to
pass
on
those.
Instead,
if
we've
got
five
more
minutes,
I
just
want
to
maybe
just
have
a
discussion
outside
of
these
and
media
issues
related
to
what
we're
just
talking
about
how
we
know
if
Wow
or
sorry
psyllium
is
on
or
not
so
just
like.
We've
got
this
issue
around
being
able
to
turn
rap
on
and
off
and
switch
it
between
logging
and
blocking
we're.
B
Gonna
want
to
be
able
to
do
the
same
thing
with
psyllium.
Now,
I,
don't
have
an
issue
on
that
yet,
but
that
something
to
start
thinking
about.
How
can
we
expose
that
in
UI
and
I?
Don't
know
I
feel
like
for
last
five
minutes
that
might
be
productive.
Just
to
start
the
discussion
around
that
at
an
early
state.
G
Yes,
and
no
all
right
now,
yes,
but
again,
it's
just
based
on
the
fact
that
we
are
using
its
what
essentially
will
be
key
to
have
managed
apps
version
2,
it's
a
work
in
progress
by
extraction
team.
Most
of
the
UI
features
another
they
have
focused
in
on
feature
parity
between
quest
applications
and
get
workmanship's.
I.