Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Sh*t my cloud evangelist         says... ...Just not to my CSO
About @Beaker:✤   I’m an a*hole with a blog (rationalsurvivability.com)✤   Global Chief Security Architect for a company w...
About @Beaker:✤   I’m an a*hole with a blog (rationalsurvivability.com)✤   Global Chief Security Architect for a company w...
Defining theproblem set
IT’S A TRAP!
Developer Priorities*            VS           Security Priorities                *Mark Curphey - The Great Security Divide...
Developer Priorities*              VS           Security Priorities1. Functions and features as                        1. ...
Developer Priorities*              VS           Security Priorities1. Functions and features as                        1. ...
Developer Priorities*              VS           Security Priorities1. Functions and features as                        1. ...
Developer Priorities*              VS           Security Priorities1. Functions and features as                        1. ...
Developer Priorities*                 VS           Security Priorities1. Functions and features as                        ...
Developer Priorities*                 VS           Security Priorities1. Functions and features as                        ...
Developer Priorities*                 VS           Security Priorities1. Functions and features as                        ...
@SMCES...   VS   ...SECURITY
@SMCES...                                     VS   ...SECURITY✤   Cloud is more secure; security is more integrated   ✤   ...
@SMCES...                                     VS   ...SECURITY✤   Cloud is more secure; security is more integrated   ✤   ...
@SMCES...                                     VS   ...SECURITY✤   Cloud is more secure; security is more integrated   ✤   ...
@SMCES...                                      VS   ...SECURITY✤   Cloud is more secure; security is more integrated    ✤ ...
@SMCES...                                      VS   ...SECURITY✤   Cloud is more secure; security is more integrated    ✤ ...
@SMCES...                                        VS   ...SECURITY✤   Cloud is more secure; security is more integrated    ...
What’s Missing?
What’s Missing? ✤   Instrumentation that is inclusive of security
What’s Missing? ✤   Instrumentation that is inclusive of security ✤   Intelligence and context shared between infrastructu...
What’s Missing? ✤   Instrumentation that is inclusive of security ✤   Intelligence and context shared between infrastructu...
What’s Missing? ✤   Instrumentation that is inclusive of security ✤   Intelligence and context shared between infrastructu...
What’s Missing? ✤   Instrumentation that is inclusive of security ✤   Intelligence and context shared between infrastructu...
What’s Missing? ✤   Instrumentation that is inclusive of security ✤   Intelligence and context shared between infrastructu...
Nasty bits
“Information Security” Sucks                                                                                              ...
“Information Security” Sucks                                                                                              ...
“Information Security” Sucks                                                                                              ...
Application Security: Meh
API Security Sucks Harder  ✤   Most Security Drones can’t spell XML  ✤   ...they rarely use SOAP  ✤   ...they don’t get RE...
Fool! You Fell Victim To One Ofthe Classic Blunders!
Fool! You Fell Victim To One Ofthe Classic Blunders!✤   Never Get Involved In    a Cloud War In Asia
Fool! You Fell Victim To One Ofthe Classic Blunders!✤   Never Get Involved In    a Cloud War In Asia✤   Never Go In Agains...
Fool! You Fell Victim To One Ofthe Classic Blunders!✤   Never Get Involved In    a Cloud War In Asia✤   Never Go In Agains...
Fool! You Fell Victim To One Ofthe Classic Blunders!✤   Never Get Involved In    a Cloud War In Asia✤   Never Go In Agains...
Sh*T My Cloud Evangelist Fails to say...        CE              NS                      OR                             ED ...
The 7 Dirty Words              ...Of Cloud Security
The 7 Dirty Words  1. Scalability                   ...Of Cloud Security
The 7 Dirty Words  1. Scalability  2. Portability                   ...Of Cloud Security
The 7 Dirty Words  1. Scalability  2. Portability  3. Fungibility                   ...Of Cloud Security
The 7 Dirty Words  1.   Scalability  2.   Portability  3.   Fungibility  4.   Compliance                     ...Of Cloud S...
The 7 Dirty Words  1.   Scalability  2.   Portability  3.   Fungibility  4.   Compliance  5.   Cost                     .....
The 7 Dirty Words  1.   Scalability  2.   Portability  3.   Fungibility  4.   Compliance  5.   Cost  6.   Manageability   ...
The 7 Dirty Words  1.   Scalability  2.   Portability  3.   Fungibility  4.   Compliance  5.   Cost  6.   Manageability  7...
Scalability
Scalability  ✤ Distributed Networked System problems are tough; Distributed      Networked System Security problems are to...
Scalability  ✤ Distributed Networked System problems are tough; Distributed      Networked System Security problems are to...
Scalability  ✤ Distributed Networked System problems are tough; Distributed      Networked System Security problems are to...
Scalability  ✤ Distributed Networked System problems are tough; Distributed      Networked System Security problems are to...
Security@Scale
Security@Scale ✤ It doesn’t. The MeatCloud giveth, the MeatCloud    taketh away...
Security@Scale ✤ It doesn’t. The MeatCloud giveth, the MeatCloud    taketh away... ✤ Beyond Gb/s, Connections/s, flows, etc...
Security@Scale ✤ It doesn’t. The MeatCloud giveth, the MeatCloud    taketh away... ✤ Beyond Gb/s, Connections/s, flows, etc...
Cloud: The Revengeof VPN and PKI
Cloud: The Revengeof VPN and PKIHINT: CLOUD SECURITY IS MORETHAN OVERLAY ENCRYPTION &MULTI-FACTOR AUTHENTICATIONMECHANISMS
He P’s On Everything...                Everything’s Connected
Do Not Poke the bear       If You Think A Noogie Is Bad, Try the Wedgie!
Portability
Portability  ✤ If we don’t have consistency in standards/formats for     workloads & stack insertion, we’re not going to h...
Portability  ✤ If we don’t have consistency in standards/formats for     workloads & stack insertion, we’re not going to h...
Portability  ✤ If we don’t have consistency in standards/formats for     workloads & stack insertion, we’re not going to h...
Portability✤   Dude, Where’s My IOS ACL    5-Tuple!?        Working with VMware vShield REST API in perl. Richard Park, So...
Portability✤   ...or this:                  AWS Security : A Practitioner’s Perspective. Jason Chan, Netflix
Fungibility
Fungibility ✤   Fundamentally, we need reusable and programmatic     security design patterns; Controls today are CLI/GUI ...
Fungibility ✤   Fundamentally, we need reusable and programmatic     security design patterns; Controls today are CLI/GUI ...
Fungibility ✤   Fundamentally, we need reusable and programmatic     security design patterns; Controls today are CLI/GUI ...
Fungibility ✤   Fundamentally, we need reusable and programmatic     security design patterns; Controls today are CLI/GUI ...
Fungibility ✤   Fundamentally, we need reusable and programmatic     security design patterns; Controls today are CLI/GUI ...
The Problem IsAlways Hamsters
The Hamster Sine Wave of Pain...*                                                               The Security Hamster Sine ...
The Hamster Sine Wave of Pain...*                                                              The Security Hamster Sine W...
The Hamster Sine Wave of Pain...*                                                              The Security Hamster Sine W...
The Hamster Sine Wave of Pain...*                                                              The Security Hamster Sine W...
Compliance
Compliance ✤ Security != Compliance and “security” doesn’t matter
Compliance ✤ Security != Compliance and “security” doesn’t matter ✤ Regulatory compliance and frameworks don’t address    ...
Compliance ✤ Security != Compliance and “security” doesn’t matter ✤ Regulatory compliance and frameworks don’t address    ...
Compliance ✤ Security != Compliance and “security” doesn’t matter ✤ Regulatory compliance and frameworks don’t address    ...
Mapping the Model to the Metal
Mapping the Model to the Metal        Cloud Model Presentation                  Presentation   Modality                   ...
Mapping the Model to the Metal        Cloud Model Presentation                  Presentation   Modality                   ...
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Defining theproblem set
Upcoming SlideShare
Loading in …5
×
12,351 views

Published on

Defining theproblem set

Published in: Technology, Business
  • Dating for everyone is here: ❶❶❶ http://bit.ly/2F90ZZC ❶❶❶
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Dating direct: ❤❤❤ http://bit.ly/2F90ZZC ❤❤❤
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • The presentation and download are in Apple's Keynote format
    For the poor beknighted fools (like me) who don't have access to Keynote on a Mac, i suggest using http://www.zamzar.com to convert the download to PPT, PDF or other format.format

    BTW, I have no personal or financial connection with the site, just recommending a useful tool :)
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • But I do, I do say this
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here

×