Be the first to like this
Cloud security, sounds like a myth does it not? Many organizations still cling to the belief that cloud services can not be used in a secure infrastructure in this session I'll cover emerging and available technologies which can help abate some of these concerns.
- What's a side channel attack?
- What's a co-residency attack?
- Available amazon AWS compliance documentation and how it is relevant to secure infrastructure
- Available amazon AWS services such as KSM and how they may be used to secure your deployments, VPC and netowrk isolation, IAM.
- What's openstack bandit and why should I care?
- What options do I have in my openstack deployment to secure my infrastructure and how are they relevant to my needs?
Federated cloud infrastructure
- What is it?
- Why you need one
- Ensuring secure "chain of custody" through to deployment
Docker / LXC
- What is container virtualization and how does it differ to regular virtualization?
- How does this affect my attack surface?
- Should I have this in production ?
- How can security be part of your CI process?
- Why your logs are your most important data source
- Handling thousands, millions or more lines per second
- Using the right components
Building the castle
- Thoughts in putting this all together to produce infrastructure hardened from developer though to production.