Why Cloud-Native Enterprise Security Matters - O'Reilly Security New York 2017
In a keynote at O'Reilly Security New York in 2017, Matt Stine introduces the concept of cloud native security, emphasizing its role in enhancing application security through fast and scalable cloud platforms. Matt defines "cloud native" not as a location but as a method, particularly in the context of practices like DevOps and continuous delivery, which prioritize speed, scalability, and security.
Matt discusses the traditional, reactive security measures used in enterprises, which he finds ineffective against persistent threats like malware, advanced persistent threats (APTs), and leaked credentials. Matt explains that reluctance to apply software patches, driven by fear of system disruption, leaves systems vulnerable to malware. To combat APTs, Matt advocates a proactive approach of continuously updating and repaving systems to eliminate malware footholds and reduce the dwell time of attackers.
For credential leaks, Matt recommends frequent rotation of all credentials to minimize the impact of potential breaches. Matt argues that slowing down system updates and changes increases vulnerability; conversely, accelerating the pace of system repairs, repavings, and credential rotations can significantly enhance security. The keynote concludes by urging enterprises to adopt these faster, more aggressive security measures to mitigate common threats effectively.