Moving applications to the cloud promises agility, innovation and better time to market. On the other hand, securing cloud native applications is a multidimensional challenge involving different teams, workflows and different infrastructure application layers. You may be disrupted by new acronyms such as: CWPP, CSPM, KSPM, … In this talk, we will explain those acronyms and dive into the foundation of cloud native security by discovering the different attack vectors and areas to protect. Then, we will expose common patterns, workflows and best practices to implement a continuous security practice to keep innovating without sacrificing security. Throughout the talk, we will detail the different teams/personas involved during the lifecycle of a cloud native application and the workflow to implement so they can work in tandem to deliver the best class security platform. This talk will be focusing on patterns and best practices with few tools mentioned.