►
From YouTube: Defend Planning Breakdown - Runtime Application Security & Application Infrastructure Security Group
Description
Defend engineers working with PM to breakdown upcoming issues into components, clarify requirements, and identify work boundaries.
A
Hi
everybody
we
are
here
for
our
second
planning
breakdown
meeting
to
talk
about
upcoming
issues
and
application
and
container
security.
Social
guests
are
always
guests-
are
Sam
white,
I'm
gonna.
Let
him
drive
most
of
this,
because
I
believe
this
should
be
a
conversation
between
the
developers
who
are
building
these
features
and
the
PM.
Who
is
writing
the
words
down
and
the
issues.
So,
let's
get
started
Sam
you
wanted
to
follow
up
from
the
last
share
to
look
at
the
same
thing,
all.
B
C
D
So
there
is
a
mark
that
I
am
working
right
now,
it's
almost
there
that
it's
going
to
do
this
for
forestry,
enable
and
disable
mod
security
for
nginx.
So
basically
the
user
is
going
to
click,
enable
or
disable
and
is
going
to
click.
Save
Changes,
this
Save
Changes
just
going
to
appear
if
the
applications
installed.
If
it's
not
solved
enough,
is
going
to
show
up
over
there.
So
that's
that
I'm
not
I,
didn't
develop
the
whole
mechanism.
I,
basically
just
burned
a
lot,
the
nginx
mode
security
stuff
into
their
existing
fee.
D
D
C
C
We
need
to
do
some
serious
testing
here,
because,
depending
on
how
we're
disabling
on
the
ingress
side,
we
may
have
something
like
a
mod
security
rules
directive
in
the
ingress
resource
for
the
auto
deployed
app
that
may
freak
out,
because
it
doesn't
know
what
that
is
anymore
because
we
disabled
it
at
the
controller
level
but
yeah
anyway.
You
can
funnel
any
issue
that
yeah.
D
A
B
E
A
B
A
B
A
Reason
to
like
throw
those
away,
but
the
cause
is
that
this
is
an
epoch
now
and
we
have
two
issues
associated
with
it
for
front-end
back-end
work
going
forward.
I'd
like
this
to
be
more
engineering
driven
because
I
think
that
you
guys
don't
have
a
better
idea
of
how
to
populate
these
sort
of
subtasks
or
issues.
But
where
would
we
expect
to
find
the
designs
when
they're
ready,
Andy
here
Sam?
So.
B
The
issue
that
yeah,
that
or
I
will,
although
we're
changing
so
that
the
issues
are
represent,
the
engineering
breakdown
andand,
epic,
is
more
of
like
thee
is
what
the
issue
was
before.
So
the
epic
is
an
issue.
It's
just
we're
using
epics
because
they're
a
container,
they
can
hold
other
issues,
whereas
issues
can't
be
broken
down
anymore.
For
engineering.
E
Should
we
also
break
down
so
there's
the
recording
of
the
logs
and
then
there's
the
retrieving
of
the
logs
on
the
backend
side
and
then
there's
the
front-end
side
of
displaying
those
logs?
Should
we
have
like
three
separate?
Should
we
break
it
up
in
three
ways?
Rather,
you
know
front
end
and
then
back
end
record
back
in
retrieve.
E
The
logs,
the
other,
is
retrieve
the
logs
yeah
push
put
verses,
get
I
guess
do
we
need
it
is.
Does
it
make
sense
I'm
not
asking
because
I
think
it
should
I'm
asking
them,
is
I'm
curious?
Does
it
make
sense
to
break
up
the
to
issue
the
to
the
restoring
the
the
recording
of
the
logs
and
then
retrieving
the
logs
as
two
separate
back-end
issues?
If
not
that's
fine,
but
it
logically,
they
feel
like
different
things,
but
maybe
the
way
we're
implementing
it.
A
C
E
Have
we
decided
yet
for
sure
if
we're
going
to
support
getting
the
logs
directly
from
kubernetes
or
going
to
them
for
elasticsearch,
but
we're
gonna
have
both
as
an
option?
There's
only
one
gonna
be
an
option.
What's
the
different
engineering
work
depending
on
you
know
whether
we
have
both
options
and
if
we
have
just
one,
you
know,
etc,
etc.
So
I
guess
have
we
I
guess
less
about
the
issues
more
about?
Have
we
decided
are
we
gonna?
Are
we
going
to
support
both
and
we
decided
we're
gonna
support
both
go
there
I.
D
F
Might
not
know
everything,
but
whatever
check
their
walk,
related
service,
it
actually
can
do
transparently
connections
to
keep
in
his
classes
and
elasticsearch.
Our
six,
which
takes
priority
over
the
people,
talks
I
think
it's
again
handles
transparently.
So
what
Hooper's
said
the
head?
We
don't
really
need
to
worry
about
the
backend.
It's
completely
true,
it's
already
implemented
by
mine
into
a
management
team,
oh
cool,
so
you
believe
that
to
be
the
case,
yeah,
probably
my
understanding
of
what
I
remember
saying
in
the
cod
in
github
with
org
that.
E
F
Would
say
going
wears
cabinets
walks
short
term
is
about
the
idea,
at
least
it's
achievable
because
I'm
pretty
sure,
at
least
in
a
saloon
site.
Installation
of
elasticsearch
into
the
glass
applications
is
a
bit
problematic
at
the
moment
and
once
I
tracked
a
bit
so
I
I
feel
like
Cuban
artists
and
keeps
detail.
Walks
has
a
bad
idea
for
now,
for
cilium
only
or
for
silly
man
with
valve
has
not
been
installed.
There's
a
quest
application
right
now
and
salam
has
hard
requirement
on
quest
applications.
C
Not
not
yet,
but
but
again,
I
think
it
goes
back
said,
as
you
said,
I,
don't
think
that
this
I
think
this
is
an
implementation
detail
that
we
don't
need
to
worry
about
there,
because
I
think
it
is
simple
internally
by
either
falling
back
to
less
search
or
yeah.
F
E
A
This
might
be
a
good
transition
to
talk
about
the
grameen
of
these
two
issues.
Obviously,
what's
sitting
here,
isn't
the
great
implementation
plan
and
going
into
twelve
nine?
We
want
to
make
sure
that
we've
done
the
appropriate
level
of
grooming
so
that
anyone
can
follow
what
we're
doing
and
other
people
can
contribute
Arthur.
Would
you
be
willing
to
take
on
so
my
guess.
My
first
question
is
Sam.
These
are
all
in
the
wrong
workflow
state.
Are
these
ready
to
actually
start
being
groomed
by
the
team,
or
is
there
so
design
going
on
here.
B
A
F
B
F
Call
last
week
about
brainstorming,
sister
and
conclusion
of
it
was
I
pretty
sure
that
we
will
be
waiting
for
some
work
on
the
management
team.
So
I
was
curious.
If
that
happened
on
that
and
I'm
pretty
sure
conclusion
was
that
web
walk
led
them,
at
least
from
my
understanding
that
I
can
try
to
find
the
conduct
that
we
brought
during
the
call.
F
But
my
understanding
was
that
there
is
some
stuff,
my
students
I'm
doing,
and
they
are
factoring
walk
functionality
to
allow
us
access
wearisome
spaces,
because
right
now
getting
the
works
is
slightly
problematic,
because
our
dashboard
can
only
get
walks
out
of
the
application,
cabinets
namespace
and
our
applications
are
actually
sitting
in
a
different
name
space.
So
there
was
a
brainstorming
call
about
that.
I
think
there
is
something
in
the
chat
I'm
shaking
yeah.
It's
the
last
link.
F
F
I
think
there
was
someone
I
think
it
was
Sam
had
to
go
and
check
with
their
project
manager
to
see
how
management
team
is
going
in
if
they
are
able
to
deliver
what
they
are
waiting
for
in
12.8,
because
I
think
it
like.
The
implementation
like
met,
request,
we're
waiting
for
is
marked
for
12.8,
so
there
is
a
chance
that
they
might
be
able
to
schedule
this
for
12.9.
A
We
do
it
one
more
victim.
Look
I,
don't
want
to
move
too
quickly,
but
these
are
some
things
that
can
happen
asynchronously
it
sounds
like
Sam.
You've
got
some
action
items.
Would
you
be
comfortable
and
updated
at
least
the
back
end
issue,
with
the
notes
from
that
discussion
and
linking
to
the
dependency
there
yeah.
A
H
B
It
might
be
a
little
premature,
I
mean
so
my
latest
going
back
to
that
comment.
My
understanding
was
that
I'll
hang
on
I'm,
trying
to
figure
out
so
I
got
the
sense
that
it
was
going
to
be
done
in
twelve
eight,
although
I'm
still
not
sure
that
I
have
a
100%
confidence
in
that.
In
that
case,
the
backend
work
would
be
unblocked
and
we'd
be
pretty
well
ready.
The
front-end
work
yeah,
we
are
still
waiting.
We
wouldn't
need
designs
on
that.
First.
E
E
F
A
F
E
And
then,
when
we
do,
the
search
correct
from
wrong
is
so
definitely
a
namespace
issue
needs
to
be
resolved
by
the
monitor
challenge,
but
by
the
monitoring
team.
Then
we
need
to
verify
that
in
theory,
there's
already
search
capability
in
monitor,
laughs
logs
will
plug
in
a
tag
or
something
similar.
So
we
can
search
for.
We
can
say
search
for
laugh
logs.
Perhaps
we
can
just
link
over
to
the
monitoring
pages
for
search
and
pre-populate
the
laugh
tag
or
whatever
it
ends
up
being
so
we
can
search
for
the
laugh
logs
and
similar.
E
E
D
F
I'm
a
bit
cautious
about
this
one,
because
we
have
a
bit
more
acquire
incentive
of
name,
space
being
specifically
a
sidecar
container,
so
it's
essentially
container
that
is
deployed
under
the
same
name
of
the
pod.
We
need
to
engage
with
management
team
to
make
sure
that
they
support
all
use.
Cases
has
been
it
in
this
case
and
yeah.
That's
from
my
perspective
is
not
happening
right
now,
they're
doing
filtering,
but
I'm,
not
sure
if
you
will
get
access
to
sidecar.
E
So
that
is
so:
okay
go
ahead,
Wayne,
so
in
theory
we
may
not,
at
least
in
the
short
of
we
may
not
need
a
separate
design
for
retrieving
these
logs.
We
can.
We
can
use
what
monrad
already
has-
and
maybe
we
do
more
than
that
later,
but
perhaps
that
would
be
good
enough
for
for
the
minimal,
viable
change
and
met
might
be,
might
be
good
enough
for
us
for
that
being
at
minimal
maturity
from
a
maturity
perspective
or
maybe
not
we'll
see.
B
A
B
So
this
one
is
perhaps
a
little
bit
more
fleshed
out
than
the
last
one.
You
know
we
just
got
done
doing
laughs.
Statistics
really
I
view
this,
as
essentially
solving
through
the
same
problem,
which
is
I.
Hope
me
understand
whether
or
not
it's
turned
on
or
off
and
how
much
it's
doing.
You
know
right
now.
The
West
--it
is
expansive
lis
minimal.
It
just
shows
you
know,
here's
that
your
total
traffic
and
here's
how
much
traffic
was
I
want
to
say,
blocked.
I
think
we
decided
on
an
almost
right
in
the
end.
H
I'm
I'm
blocked
until
the
conversation
kind
of
resolves
in
one
of
those
issues
where
we
just
need
to
know
what
data
we
want
to
show
psyllium
throws.
Psyllium
doesn't
have
like
one
pure
indicator
unless
I'm
wrong
or
mistaken,
like
the
wofe
dose.
So
if
we
just
decide
on
what
metrics
to
show
I
can
kind
of
pieces
parts
them
into
design,
I
saw
some
of
the
some
of
the
discussion.
E
On
it
and
yeah
I
think
you
know,
we
started
with
blocked
traffic,
which
I
think
is
a
good
place
to
start
I
think
we
may
want
to
show
nan.
Well,
we
don't
know
non-block
yet
because
the
auto
mode
is
not
there.
So
so,
if
we
just
start
with
them
with
block
traffic
and
those
statistics
on
that
that
that
I
saw
somewhere
in
one
of
the
issues,
I
think
that's
a
great
start,
but.
C
B
To
keep
it
simple,
you
know
we
can
always
add
filters
and
later
to
say:
okay
I
want
to
see
just
egress
traffic
or
want
to
see
just
ingress
traffic,
but
maybe
for
now
we
can
just
show
both.
You
know
the
so,
rather
than
splitting
it
out
we're
just
showing
a
total
mess.
Traffic
metric
very
somewhat,
you
know,
like
wow
I,
don't
think,
there's
very
much.
If
anything
you
can
filter
on
on
the
new
app
statistics
page,
you
know,
I
would
aim
to
have
this
as
closely
as
possible
mirror
what
we
have
through
a
statistics.
B
F
Yeah
fact
she's
really
flexible
is
what
I
can
do
and
in
one
of
their
like
I,
think
I
commented
yesterday.
There
was
a
link
to
the
group
that
is
related
to
drops
and
for
us
I
think
that
particular
group
of
stats
that
we
can
get
out
of
Surrealism
most
interesting
to
us
right
now
and
again
it's
a
parameter.
So
we
can
mix
and
match
those
like.
We
can't
even
show
on
the
same
graph
like
let's
say
difference
between
amount
of
network
packets
being
forwarded,
first
drop,
I.
Think
it's
really
interesting.
F
H
F
Situation
we're
in
is:
we
have
a
great
support
for
parameters
on
the
bacon.
Again,
thanks
to
the
management
team
and
silliman.
The
same
time
has
a
great
support
for
parameters
itself,
and
if
cinema
will
be
installed,
is
the
same
question
is
parameters
parameters
we
automatically
will
start
collecting
stats
out
of
psyllium
all
stats
that
you
see
on
the
page
and
you
can't
really
disable
some
of
them.
But
when
you
show
in
the
stats
out
of
parameters,
you
are
free
to
choose
everything
you
want.
F
So
it's
more
about
what
we
want
to
show
us
and
what
we
want
to
collect
everything
that
we
collected
somatically.
So
can
we
show
traffic
logged
worst
blocked?
Yes,
there
is
like
again
in
the
link
I
sent
in
the
comment.
If
Lindsey,
can
you
click
on
like
Michael
it?
No,
that
was
yesterday
but
Robin.
It's
Anders
this
group
right,
because
this
group
is
highlighted
Duvall
in
my
Canon
anyway,
I
will
send
you.
A
F
So
this
particular
piece:
it
drops
those
four
words.
Those
stats
already
will
be
collected
by
us
and-
and
those
are
really
interesting
and
I-
think
those
are
reference
to
what
you're
asking
about
you
see
in
left.
It
says,
drop
count,
it's
back
it
and
then
you
can
get
a
direction
and
the
reason
this
additional
made.
You.
F
B
A
A
Feel
like
this
was
really
productive.
Like
I
said:
I'll,
be
posting
this
up
to
YouTube
and
I'll
share
it
in
the
defender
emulator
today,
and
we
like
I,
mentioned
in
that
agenda.
I,
have
set
up
this
meeting
to
be
weekly
for
the
time
being.
You
know
over
time,
we'll
find
a
way
to
make
this
more
asynchronous
and
have
less
meeting
schedule
on
your
calendars
and
then
next
week
we've
moved
this
due
to
the
u.s.
holiday
so
Sam
and
my
separable
for
you
and
we
all
right
over
now.