Security Program Development for the Hipster CompanyPriyanka Aash
Cloud services have evolved and can now replace nearly every facet of traditional infrastructure. This movement has enabled rapid scale while introducing a considerable element of risk. This session will discuss a framework for getting started building a security program in an organization that is built purely on cloud services, covering the contradictions and opportunities of that business model.
(Source: RSA USA 2016-San Francisco)
Take It to the Cloud: The Evolution of Security ArchitecturePriyanka Aash
As companies evolve their IT stack, traditional security approaches/architectures need to be reconsidered. This session will review some of the new risks introduced by SaaS/IaaS adoption and show how to mitigate these risks using new approaches to security architecture. Presenters will also review the transition of security architecture itself to the cloud.
(Source: RSA USA 2016-San Francisco)
Aspirin as a Service: Using the Cloud to Cure Security HeadachesPriyanka Aash
Moving critical workloads into the cloud can be unnerving for security professionals. In reality, though, the cloud offers a whole new set of opportunities for the security team to do things even better than in their on-premises environment. Two seasoned cloud experts will explore the latest real-world, practical tools and techniques for becoming demonstrably more secure as you move to the cloud.
(Source: RSA USA 2016-San Francisco)
With the advent of virtualization and software-defined networking (SDN), the nature and design of today’s networks are changing rapidly. Network security models need to adapt to the virtual data center, and there are a plethora of new technologies that can help security and operations teams design scalable network security architectures that work in highly virtualized environments.
(Source: RSA USA 2016-San Francisco)
Is your SOC overwhelmed with alerts and threats? Cyber-adversaries are wielding tools and machine power, while organizations are still trying to scale their cybersecurity with OpEx and poorly planned CapEx spending. In this session, you will learn from a SOC expert about mistakes that have been made in the past, what we can do about it right now and what is in store as we move towards SOC 2030.
(Source: RSA Conference USA 2018)
Vodafone is one of the world’s largest telecommunications companies, enabling connectivity by providing mobile, fixed and IoT networks to customers around the world. Vodafone is redefining the boundary of the SOC and sees the balance between prevention, detection and response for both Vodafone’s organization and customers as vital. This session will describe the journey from reactive SOC to proactive cyber-defense.
(Source: RSA Conference USA 2018)
We’ve got more assets in the cloud than ever. Unfortunately, we also have less visibility and control in these environments, as well. Implementing detection and response controls that leverage cloud provider tools and controls, as well as automation strategies and processes, is critical for effective incident detection and response in hybrid cloud environments. This session will get you started!
(Source: RSA Conference USA 2018)
Want to detect threats in your organization? Stop reading every feed and curate your threat intel and content so they actually work for your security architecture. By managing meaningful threat intelligence so the external intel maps to internal threat models and curating your content sensibly, you can create a high-functioning SOC that both detects and defends against cyberattacks.
(Source: RSA Conference USA 2018)
Security Program Development for the Hipster CompanyPriyanka Aash
Cloud services have evolved and can now replace nearly every facet of traditional infrastructure. This movement has enabled rapid scale while introducing a considerable element of risk. This session will discuss a framework for getting started building a security program in an organization that is built purely on cloud services, covering the contradictions and opportunities of that business model.
(Source: RSA USA 2016-San Francisco)
Take It to the Cloud: The Evolution of Security ArchitecturePriyanka Aash
As companies evolve their IT stack, traditional security approaches/architectures need to be reconsidered. This session will review some of the new risks introduced by SaaS/IaaS adoption and show how to mitigate these risks using new approaches to security architecture. Presenters will also review the transition of security architecture itself to the cloud.
(Source: RSA USA 2016-San Francisco)
Aspirin as a Service: Using the Cloud to Cure Security HeadachesPriyanka Aash
Moving critical workloads into the cloud can be unnerving for security professionals. In reality, though, the cloud offers a whole new set of opportunities for the security team to do things even better than in their on-premises environment. Two seasoned cloud experts will explore the latest real-world, practical tools and techniques for becoming demonstrably more secure as you move to the cloud.
(Source: RSA USA 2016-San Francisco)
With the advent of virtualization and software-defined networking (SDN), the nature and design of today’s networks are changing rapidly. Network security models need to adapt to the virtual data center, and there are a plethora of new technologies that can help security and operations teams design scalable network security architectures that work in highly virtualized environments.
(Source: RSA USA 2016-San Francisco)
Is your SOC overwhelmed with alerts and threats? Cyber-adversaries are wielding tools and machine power, while organizations are still trying to scale their cybersecurity with OpEx and poorly planned CapEx spending. In this session, you will learn from a SOC expert about mistakes that have been made in the past, what we can do about it right now and what is in store as we move towards SOC 2030.
(Source: RSA Conference USA 2018)
Vodafone is one of the world’s largest telecommunications companies, enabling connectivity by providing mobile, fixed and IoT networks to customers around the world. Vodafone is redefining the boundary of the SOC and sees the balance between prevention, detection and response for both Vodafone’s organization and customers as vital. This session will describe the journey from reactive SOC to proactive cyber-defense.
(Source: RSA Conference USA 2018)
We’ve got more assets in the cloud than ever. Unfortunately, we also have less visibility and control in these environments, as well. Implementing detection and response controls that leverage cloud provider tools and controls, as well as automation strategies and processes, is critical for effective incident detection and response in hybrid cloud environments. This session will get you started!
(Source: RSA Conference USA 2018)
Want to detect threats in your organization? Stop reading every feed and curate your threat intel and content so they actually work for your security architecture. By managing meaningful threat intelligence so the external intel maps to internal threat models and curating your content sensibly, you can create a high-functioning SOC that both detects and defends against cyberattacks.
(Source: RSA Conference USA 2018)
Dave Hogue provided one of the first in-depth perspectives from a “Day in the Life” of NSA’s Cybersecurity Threat Operations Center (NCTOC)—the mission, threat landscape, and offer best principles for CISOs and other network defenders. Mr. Hogue equipped the audience with actionable insights that they can implement into their daily operations.
(Source: RSA Conference USA 2018)
Applying Auto-Data Classification Techniques for Large Data SetsPriyanka Aash
In the current data security landscape, large volumes of data are being created across the enterprise. Manual techniques to inventory and classify data makes it a tedious and expensive activity. To create a time and cost effective implementation of security and access controls, it becomes key to automate the data classification process.
(Source: RSA USA 2016-San Francisco)
Crypto 101: Encryption, Codebreaking, SSL and BitcoinPriyanka Aash
Cryptography is the underpinning of digital security. Get introduced to the building blocks of crypto, how they’re applied to secure web connections and bitcoin, and how cryptosystems are attacked in the wild.
(Source: RSA USA 2016-San Francisco)
Security is overdue for actionable forecasts. Like predicting the weather, similar models should work for vulnerabilities. With some open source data and a clever machine learning model, Kenna Securities can predict which vulnerabilities attackers are likely to write exploits for. Their model has 90 percent accuracy, one the day a vulnerability is released. The speaker will issue some forecasts live.
(Source: RSA Conference USA 2018)
PayPal delivers secure payment solutions across the world. Managing the security of customer data is expected across the financial services industry. This talk will focus on real-world strategies that PayPal has employed within our data environment, all while supporting multiple “As a Service,” “World-wide Scale,” “NoSQL” and “Cloud” technologies within a 10+-year-old company.
(Source: RSA USA 2016-San Francisco)
DON'T Use Two-Factor Authentication...Unless You Need It!Priyanka Aash
Conventional wisdom tells us to use two-factor authentication—and it does help to improve security. But the best way to reduce user-friction is to never require a person to authenticate. This talk will provide a modern solution to reconcile these two divergent imperatives by leveraging standard profiles of OAuth2 for “trust elevation.” Its not just the front door that needs protection!
(Source: RSA USA 2016-San Francisco)
Identity-Based Security and Privacy for the Internet of ThingsPriyanka Aash
The Internet of Things presents both a challenge and opportunity for identity management - a challenge because existing mechanisms for authentication & authorization must be extended and adapted for the particular constraints of devices (both legacy and new) and an opportunity because the devices that users more and more carry with them offer new abilities to enable a more seamless authentication experience for those users. Both of these aspects demand a consistent, cohesive and interoperable identity layer across IoT verticals, platforms, and protocols. Critically, we need an identity layer that acknowledges the full continuum of risk (and so appropriate security measures) that the IoT presents. Good security means knowing who entities (both device & user) are and what they should or should not be allowed to do. Good privacy requires that users will be able to control how their devices collect, store and share data. This talk will examine how existing & new tools (like OAuth, UMA, FIDO, and DLTs) may help meet these fundamental requirements for securing the IoT.
(Source: RSA Conference USA 2018)
Stop Translating, Start Defending: Common Language for Managing Cyber-RiskPriyanka Aash
Time is of the essence when protecting your organization from complex cyberthreats. The clock doesn’t start when you have been breached—it’s always ticking. The board must articulate risk tolerances, management must set the strategy and IT must execute. The NIST CSF provides a common language for internal and external stakeholders, and helps the organization to stop translating and start defending.
Learning Objectives:
1: Learn how the NIST CSF can be used for more than just IT security.
2: Learn to use the CSF as a common language with the board, employees and customers.
3: Learn to adapt the CSF to the changing threat environment.
(Source: RSA Conference USA 2018)
Attacks on Critical Infrastructure: Insights from the “Big Board”Priyanka Aash
Targeted attacks on critical infrastructure continue to increase in number and severity. We’ll present the latest data on these attacks: What is their goal? What are the attacker strategies? How are attacks supported by the darknet? We’ll discuss banking threats discovered at the “Big Board” at the RSA Anti-Fraud Control Center and Smart Grid threat detection in the EU SPARKS project.
(Source: RSA USA 2016-San Francisco)
The Seven Most Dangerous New Attack Techniques, and What's Coming NextPriyanka Aash
Which are the most dangerous new attack techniques for 2016/2017? How do they work? How can you stop them? What's coming next and how can you prepare? This fast-paced session provides answers from the three people best positioned know: the head of the Internet Storm Center, the top hacker exploits expert/teacher in the U.S., and the top expert on cyberattacks on industrial control systems.
(Source: RSA USA 2016-San Francisco)
Cloud Breach – Preparation and ResponsePriyanka Aash
Your next breach or insider attack will most likely have you digging for evidence in the cloud. Are you prepared? The old styles of imaging disks and tapping networks won't work! It won’t scale! This session will discuss response scenarios for cloud-enabled and cloud-dependent enterprises, a model for preparing for cloud response, and will show examples of cloud breach investigations.
(Source: RSA USA 2016-San Francisco)
The Good, the Bad and the Ugly of the Ultrasonic Communications EcosystemPriyanka Aash
While near-ultrasonic communications are gradually established as an alternative to Bluetooth and WiFi, the technology remains largely unregulated. This talk will go through the security challenges that the ecosystem faced from its inception, demonstrate its shortcomings and propose mitigations. The insights shared will inform potential adopters and those seeking to prevent security incidents.
Learning Objectives:
1: Learn about near-ultrasonic communication technology and the surrounding ecosystem.
2: Explore security shortcomings, privacy issues and mitigations.
3: Discover past and future security incidents, coupled with relevant insights.
(Source: RSA Conference USA 2018)
Arshan Dabirsiaghi, Contrast Security
Matt Austin, Contrast Security
Nothing in the security industry has moved the needle like Data Execution Prevention and it's sister protections like ASLR.
The availability of secure APIs, the training of developers around the world, and the efforts of security practitioners all produced practically nothing compared to the practical gains produced by DEP, ASLR and other "automatic" protections provided by the tool chain and OS itself.
Where is the equivalent in the Application Layer? Can we use these same techniques and approaches to stop SQL Injection and Deserialization attacks? Can we give developers a "secure stack by default" for any application?
In this talk we'll show you the promising results of our research into this space using binary instrumentation, including the release of free tools that developers can use to protect their applications today from several bug classes, instantly, and without any code changes.
The SOC analyst training program is meticulously designed by the subject matter experts at Infosec Train. The training program offers a deep insight into the SOC operations and workflows. It is an excellent opportunity for aspiring and current SOC analysts (L1/L2/L3) to level up their skills to mitigate business risks by effectively handling and responding to security threats.
https://www.infosectrain.com/courses/soc-analyst-expert-training/
SDN and Security: A Marriage Made in Heaven. Or Not.Priyanka Aash
Software-defined networking has come onto the scene and changed the way we think about moving packets throughout a network. But it has also morphed into multiple definitions and approaches, driven by both vendors and enterprise customers. But how does security fit into this picture? This talk will discuss the convergence of SDN and security and will try to make sense of them both.
Learning Objectives:
1: Understand all types of SDN.
2: Understand SDN and security.
3: Understand how a secure SDN makes a network safer.
(Source: RSA Conference USA 2018)
How Google Protects Its Corporate Security Perimeter without FirewallsPriyanka Aash
The increasing mobility of professional users has brought an end to the traditional corporate security perimeter. Google has reinvented its security perimeter around devices through its groundbreaking "BeyondCorp" initiative. In this talk, two Google security leaders will share how this transformation took place, where it's headed and how you can apply this approach to your organization.
(Source: RSA Conference USA 2017)
From SIEM to SOC: Crossing the Cybersecurity ChasmPriyanka Aash
You own a SIEM, but to be secure, you need a Security Operations Center! How do you cross the chasm? Do you hire staff or outsource? And what skills are needed? Mike Ostrowski, a cybersecurity industry veteran, will review common pitfalls experienced through the journey from SIEM to SOC, the pros and cons of an all in-house SOC vs. outsourcing, and the benefits of a hybrid SOC model.
Learning Objectives:
1: You own a SIEM, but to be secure, you need a SOC. How do you cross the chasm?
2: What are the pros and cons of in-house, fully managed and hybrid security?
3: What considerations go into deciding whether to employ a hybrid strategy?
(Source: RSA Conference USA 2018)
Wireless Infusion Pumps: Securing Hospitals’ Most Ubiquitous Medical DevicePriyanka Aash
Imagine being dependent on a wireless infusion pump to receive the correct dosage of life-supporting medication. Now imagine the implications, were that pump to be maliciously hacked. In this session learn more about how to successfully secure these medical devices, based on work being conducted at the National Cybersecurity Center of Excellence (NCCoE) with premier health care organizations.
(Source: RSA USA 2016-San Francisco)
Dave Hogue provided one of the first in-depth perspectives from a “Day in the Life” of NSA’s Cybersecurity Threat Operations Center (NCTOC)—the mission, threat landscape, and offer best principles for CISOs and other network defenders. Mr. Hogue equipped the audience with actionable insights that they can implement into their daily operations.
(Source: RSA Conference USA 2018)
Applying Auto-Data Classification Techniques for Large Data SetsPriyanka Aash
In the current data security landscape, large volumes of data are being created across the enterprise. Manual techniques to inventory and classify data makes it a tedious and expensive activity. To create a time and cost effective implementation of security and access controls, it becomes key to automate the data classification process.
(Source: RSA USA 2016-San Francisco)
Crypto 101: Encryption, Codebreaking, SSL and BitcoinPriyanka Aash
Cryptography is the underpinning of digital security. Get introduced to the building blocks of crypto, how they’re applied to secure web connections and bitcoin, and how cryptosystems are attacked in the wild.
(Source: RSA USA 2016-San Francisco)
Security is overdue for actionable forecasts. Like predicting the weather, similar models should work for vulnerabilities. With some open source data and a clever machine learning model, Kenna Securities can predict which vulnerabilities attackers are likely to write exploits for. Their model has 90 percent accuracy, one the day a vulnerability is released. The speaker will issue some forecasts live.
(Source: RSA Conference USA 2018)
PayPal delivers secure payment solutions across the world. Managing the security of customer data is expected across the financial services industry. This talk will focus on real-world strategies that PayPal has employed within our data environment, all while supporting multiple “As a Service,” “World-wide Scale,” “NoSQL” and “Cloud” technologies within a 10+-year-old company.
(Source: RSA USA 2016-San Francisco)
DON'T Use Two-Factor Authentication...Unless You Need It!Priyanka Aash
Conventional wisdom tells us to use two-factor authentication—and it does help to improve security. But the best way to reduce user-friction is to never require a person to authenticate. This talk will provide a modern solution to reconcile these two divergent imperatives by leveraging standard profiles of OAuth2 for “trust elevation.” Its not just the front door that needs protection!
(Source: RSA USA 2016-San Francisco)
Identity-Based Security and Privacy for the Internet of ThingsPriyanka Aash
The Internet of Things presents both a challenge and opportunity for identity management - a challenge because existing mechanisms for authentication & authorization must be extended and adapted for the particular constraints of devices (both legacy and new) and an opportunity because the devices that users more and more carry with them offer new abilities to enable a more seamless authentication experience for those users. Both of these aspects demand a consistent, cohesive and interoperable identity layer across IoT verticals, platforms, and protocols. Critically, we need an identity layer that acknowledges the full continuum of risk (and so appropriate security measures) that the IoT presents. Good security means knowing who entities (both device & user) are and what they should or should not be allowed to do. Good privacy requires that users will be able to control how their devices collect, store and share data. This talk will examine how existing & new tools (like OAuth, UMA, FIDO, and DLTs) may help meet these fundamental requirements for securing the IoT.
(Source: RSA Conference USA 2018)
Stop Translating, Start Defending: Common Language for Managing Cyber-RiskPriyanka Aash
Time is of the essence when protecting your organization from complex cyberthreats. The clock doesn’t start when you have been breached—it’s always ticking. The board must articulate risk tolerances, management must set the strategy and IT must execute. The NIST CSF provides a common language for internal and external stakeholders, and helps the organization to stop translating and start defending.
Learning Objectives:
1: Learn how the NIST CSF can be used for more than just IT security.
2: Learn to use the CSF as a common language with the board, employees and customers.
3: Learn to adapt the CSF to the changing threat environment.
(Source: RSA Conference USA 2018)
Attacks on Critical Infrastructure: Insights from the “Big Board”Priyanka Aash
Targeted attacks on critical infrastructure continue to increase in number and severity. We’ll present the latest data on these attacks: What is their goal? What are the attacker strategies? How are attacks supported by the darknet? We’ll discuss banking threats discovered at the “Big Board” at the RSA Anti-Fraud Control Center and Smart Grid threat detection in the EU SPARKS project.
(Source: RSA USA 2016-San Francisco)
The Seven Most Dangerous New Attack Techniques, and What's Coming NextPriyanka Aash
Which are the most dangerous new attack techniques for 2016/2017? How do they work? How can you stop them? What's coming next and how can you prepare? This fast-paced session provides answers from the three people best positioned know: the head of the Internet Storm Center, the top hacker exploits expert/teacher in the U.S., and the top expert on cyberattacks on industrial control systems.
(Source: RSA USA 2016-San Francisco)
Cloud Breach – Preparation and ResponsePriyanka Aash
Your next breach or insider attack will most likely have you digging for evidence in the cloud. Are you prepared? The old styles of imaging disks and tapping networks won't work! It won’t scale! This session will discuss response scenarios for cloud-enabled and cloud-dependent enterprises, a model for preparing for cloud response, and will show examples of cloud breach investigations.
(Source: RSA USA 2016-San Francisco)
The Good, the Bad and the Ugly of the Ultrasonic Communications EcosystemPriyanka Aash
While near-ultrasonic communications are gradually established as an alternative to Bluetooth and WiFi, the technology remains largely unregulated. This talk will go through the security challenges that the ecosystem faced from its inception, demonstrate its shortcomings and propose mitigations. The insights shared will inform potential adopters and those seeking to prevent security incidents.
Learning Objectives:
1: Learn about near-ultrasonic communication technology and the surrounding ecosystem.
2: Explore security shortcomings, privacy issues and mitigations.
3: Discover past and future security incidents, coupled with relevant insights.
(Source: RSA Conference USA 2018)
Arshan Dabirsiaghi, Contrast Security
Matt Austin, Contrast Security
Nothing in the security industry has moved the needle like Data Execution Prevention and it's sister protections like ASLR.
The availability of secure APIs, the training of developers around the world, and the efforts of security practitioners all produced practically nothing compared to the practical gains produced by DEP, ASLR and other "automatic" protections provided by the tool chain and OS itself.
Where is the equivalent in the Application Layer? Can we use these same techniques and approaches to stop SQL Injection and Deserialization attacks? Can we give developers a "secure stack by default" for any application?
In this talk we'll show you the promising results of our research into this space using binary instrumentation, including the release of free tools that developers can use to protect their applications today from several bug classes, instantly, and without any code changes.
The SOC analyst training program is meticulously designed by the subject matter experts at Infosec Train. The training program offers a deep insight into the SOC operations and workflows. It is an excellent opportunity for aspiring and current SOC analysts (L1/L2/L3) to level up their skills to mitigate business risks by effectively handling and responding to security threats.
https://www.infosectrain.com/courses/soc-analyst-expert-training/
SDN and Security: A Marriage Made in Heaven. Or Not.Priyanka Aash
Software-defined networking has come onto the scene and changed the way we think about moving packets throughout a network. But it has also morphed into multiple definitions and approaches, driven by both vendors and enterprise customers. But how does security fit into this picture? This talk will discuss the convergence of SDN and security and will try to make sense of them both.
Learning Objectives:
1: Understand all types of SDN.
2: Understand SDN and security.
3: Understand how a secure SDN makes a network safer.
(Source: RSA Conference USA 2018)
How Google Protects Its Corporate Security Perimeter without FirewallsPriyanka Aash
The increasing mobility of professional users has brought an end to the traditional corporate security perimeter. Google has reinvented its security perimeter around devices through its groundbreaking "BeyondCorp" initiative. In this talk, two Google security leaders will share how this transformation took place, where it's headed and how you can apply this approach to your organization.
(Source: RSA Conference USA 2017)
From SIEM to SOC: Crossing the Cybersecurity ChasmPriyanka Aash
You own a SIEM, but to be secure, you need a Security Operations Center! How do you cross the chasm? Do you hire staff or outsource? And what skills are needed? Mike Ostrowski, a cybersecurity industry veteran, will review common pitfalls experienced through the journey from SIEM to SOC, the pros and cons of an all in-house SOC vs. outsourcing, and the benefits of a hybrid SOC model.
Learning Objectives:
1: You own a SIEM, but to be secure, you need a SOC. How do you cross the chasm?
2: What are the pros and cons of in-house, fully managed and hybrid security?
3: What considerations go into deciding whether to employ a hybrid strategy?
(Source: RSA Conference USA 2018)
Wireless Infusion Pumps: Securing Hospitals’ Most Ubiquitous Medical DevicePriyanka Aash
Imagine being dependent on a wireless infusion pump to receive the correct dosage of life-supporting medication. Now imagine the implications, were that pump to be maliciously hacked. In this session learn more about how to successfully secure these medical devices, based on work being conducted at the National Cybersecurity Center of Excellence (NCCoE) with premier health care organizations.
(Source: RSA USA 2016-San Francisco)
In the movie, RoboCop is given three primary directives: "Serve the public trust, Protect the innocent, and Uphold the law". We built our own RoboCop in order to bring law and order to our CI/CD pipeline. DevOps practices are all about enabling fast and frequent delivery of new software. In order to keep pace in a DevOps culture, application security must be reliably integrated into the CI/CD pipeline.
Dom & Tom NYC Healthcare Cloud Meetup Case Study (5/4)Dominic Tancredi
On May 4, Dom & Tom cofounder Dominic Tancredi spoke to the NYC Healthcare Cloud Meetup group about DevSecOps. Here, he outlines a case study from Dignity Health Group and discusses DevSecOps at D&T.
Continuous Compliance is achievable, provided you leverage the cloud infrastructure APIs and applying Continuous Monitoring to your deployed resources. Here's how Evident.io is doing cloud security right.
How can i find my security blind spots ulf mattsson - aug 2016Ulf Mattsson
Security Blind Spots
We need to automatically detect and report on security blind spots, including Sensitive Data that was not found in our initial Discovery and failures of deployed security control systems. Without formal and automated processes to detect and alert to new data discovery findings and critical security control failures as soon as possible, the window of time grows that allows attackers to identify a way to compromise the systems and steal sensitive data. This can also impact our real compliance posture.
Talk about application security in an agile world. How can security be integrated into agile and how can DevSecOps be leveraged to achieve security at scale at speed.
Myths and realities of data security and compliance - Isaca Alanta - ulf matt...Ulf Mattsson
Myths & Realities of Data Security & Compliance - ISACA Atlanta - Ulf Mattsson Jul 22 2016.
Data breaches are on the rise. The constant threat of cyber attacks combined with the high cost and a shortage of skilled security engineers has put many companies at risk. There is a shift in cybersecurity investment and IT risk and security leaders must move from trying to prevent every threat and acknowledge that perfect protection is not achievable. PCI DSS 3.2 is out with an important update on data discovery and requirements to detect security control failures.
In this session, cybersecurity expert Ulf Mattsson will highlight current trends in the security landscape based on major industry report findings, and discuss how we should re-think our security approach.
Surrogate dependencies (in node js) v1.0Dinis Cruz
Present idea of Surrogate dependencies which:
- tests the API and replays responses
- use integration tests to ‘lock’ the api used
- save responses in JSON format
- sllow client to run offline
Enabling security at speed and scale requires building security as code which is often provided by software defined networks. The cloud offers software defined networks and some challenges to enabling safe workloads.
Whose Cloud is It Anyway - Data Security in the CloudSafeNet
Forget the geeky analysis of cloud security; risk is driven by people involved and the approach to adoption. In this RSA Conference 2015 presentation, David Etue, VP of Corporate Strategy, Gemalto, reviews the complex issues around data ownership and control in the cloud. When so many people have access to your data, how do you keep it safe? Unshare it!
Much has been said about DevOps and SecDevOps for security automation and integration. However, to many in the security community, this is still a buzzword. There are many practical applications of automation in cloud security controls, however, across all security-related disciplines. This talk will delve into concrete examples of security automation in the cloud, with metrics examples, as well.
(Source : RSA Conference USA 2017)
Corpsec: “What Happened to Corpses A and B?”Priyanka Aash
Living BeyondCorp comes with its own challenges. This talk will dive into how Duo gets our hands around difficult problems regarding the security and management of cloud services and endpoints internally. This session will cover technical details of our security orchestration and automation approach, cloud service monitoring, and chatops-driven endpoint application whitelisting strategies.
(Source: RSA Conference USA 2018)
Pragmatic Security Automation for CloudPriyanka Aash
Everything in cloud computing is automated and API-enabled, giving security teams a big opportunity to build and embed security into infrastructures. From continuous guardrails to automated "afterburners" to speed up complex processes, this advanced session leverages the latest software-defined security techniques and shows how to integrate automation. Be prepared for demos, design patterns and a little code.
(Source: RSA Conference USA 2018)
Serverless Security: Are you ready for the Future?James Wickett
Talk from RSA 2017 on Serverless Security and the 4 areas of growth for security in the world of serverless. In this talk, there is also the first release of lambhack, an open source, vulnerable lambda-based serverless stack demoing arbitrary code execution in lambda.
Hardening the cloud : Assuring agile security in high-growth environmentsPriyanka Aash
Modern businesses recognize one of the greatest challenges they face on a day-to-day basis is meeting the demand for security at speed without jeopardizing protection; this is especially true in high-growth environments. This session will deliver IT and security professionals actionable, real-world insights aimed to improve AWS security strategies at minimal cost while delivering high value.
(Source : RSA Conference USA 2017)
You automated your deployment, elasticized your workloads, and dynamically provisioned your fleet. What do you do next?
Tackle automating your security needs using the latest capabilities in the cloud! There’s no single path to building an automated and continuous security architecture that works for every organization, but certain key principles and techniques are used by the early adopter cloud elite that give them distinct advantages. It's time to re-think your organization’s processes and behaviors to demonstrate the latest efficiencies in your security operations. In this webinar, learn how Intuit implements cloud security automation with Evident.io and other innovative cloud technologies.
Join us to learn:
• How security will be integrated into the overall processes of development and deployment.
• How to tie security acceptance tests, a subset of your key security controls, right into the end of your functional testing process to promote builds with confidence at greater speed.
• How to be successful with API-enabled, continuous security tools in the cloud.
• How to operationalize security alarms, enabling world-class incident response and remediation capabilities.
You automated your deployment, elasticized your workloads, and dynamically provisioned your fleet. What do you do next?
Tackle automating your security needs using the latest capabilities in the cloud! There’s no single path to building an automated and continuous security architecture that works for every organization, but certain key principles and techniques are used by the early adopter cloud elite that give them distinct advantages.
It's time to re-think your organization’s processes and behaviors to demonstrate the latest efficiencies in your security operations.
In this webinar, learn how Intuit implements cloud security automation with Evident.io and other innovative cloud technologies.
This slide deck covers:
- How security will be integrated into the overall processes of development and deployment.
- How to tie security acceptance tests, a subset of your key security controls, right into the end of your functional testing process to promote builds with confidence at greater speed.
- How to be successful with API-enabled, continuous security tools in the cloud.
- How to operationalize security alarms, enabling world-class incident response and remediation capabilities.
Building an Enterprise-scale DevSecOps Infrastructure: Lessons LearnedPrateek Mishra
The DevSecOps concept is widely accepted yet its implementation at enterprise-scale presents challenges. This session will describe three challenges and software solutions that address them: 1) dozens of autonomous teams using varied tooling to build applications; 2) use of many different scanning tools and security information sources; and 3) Identity and context aware security guidance to development teams.
Get Your Head in the Cloud: A Practical Model for Enterprise Cloud SecuritySymantec
Nico Popp, Vice President, Information Protection, Symantec explains. As users, infrastructure and applications move to the cloud at a record-breaking pace, the cloud has become a paradox: both a dream and a nightmare. Accessibility, scale, price and elasticity drive high adoption while security is a source of constant concern. This session will focus on a practical four pillar model for enterprise cloud security, all supported by real-world implementation.
Building and Adopting a Cloud-Native Security ProgramPriyanka Aash
Cloud is a new frontier that requires new architectures, higher velocity processes and crisper business-level metrics—all of which smacks security programs square in the face. This session will leverage the nearly 20 years of the speakers’ combined cloud experience to lay out a complete strategy for building out a cloud-first security program that covers infrastructure and application development.
(Source: RSA Conference USA 2018)
It about the technical session. I have given a talk so that local people know about the cloud and they feel motivated to work with the cloud. It was basically for newbies who are planning to start their career. I tried to show them who they would be a cloud engineer what's will be their future responsibility and more.
Recon for the Defender: You Know Nothing (about Your Assets), Jon SnowPriyanka Aash
Understanding what you own is step one in securing your assets. A simple concept that still escapes the grasp of most, and it’s getting harder in a cloud-enabled world. Despite this struggle there’s a plethora of APIs and publicly available data to give you a jumpstart on identifying high-risk assets. This session will share techniques and tools to gather data and identify unknown risks.
Learning Objectives:
1: Learn about sources and methods to identify public, unknown assets.
2: Gain access to OSS tooling allowing defenders to operationalize asset inventory process.
3: Learn to apply risk methods using public data attributes to understand quantitative risk.
(Source: RSA Conference USA 2018)
RSA 2018: Recon For the Defender - You know nothing (about your assets)Jonathan Cran
Ed Bellis and Jonathan Cran of Kenna Security discuss a number of fast-moving, emerging threats to the enterprise and provide insight into ways that organizations can get ahead by adding a recon capability - adding more visibility of their exposure & allowing enough time for patch windows.
Secure Your DevOps Pipeline Best Practices Meetup 08022024.pptxlior mazor
Our technology, work processes, and activities all depend on if we trust our software to be developed in a safe and secure manner. Join us virtually for our upcoming "Secure Your DevOps Pipeline: Best Practices" Meetup to learn how to integrate security in the development process, DevSecOps advance methods, manage the implement secure coding analysis and how to manage software security risks.
Similar to CLOUD SECURITY ESSENTIALS 2.0 Full Stack Hacking & Recovery (20)
Digital Personal Data Protection (DPDP) Practical Approach For CISOsPriyanka Aash
Key Discussion Pointers:
1. Introduction to Data Privacy
- What is data privacy
- Privacy laws around the globe
- DPDPA Journey
2. Understanding the New Indian DPDPA 2023
- Objectives
- Principles of DPDPA
- Applicability
- Rights & Duties of Individuals
- Principals
- Legal implications/penalties
3. A practical approach to DPDPA compliance
- Personal data Inventory
- DPIA
- Risk treatment
It covers popular IaaS/PaaS attack vectors, list them, and map to other relevant projects such as STRIDE & MITRE. Security professionals can better understand what are the common attack vectors that are utilized in attacks, examples for previous events, and where they should focus their controls and security efforts.
Discuss Security Incidents & Business Use Case, Understanding Web 3 Pros
and Web 3 Cons. Prevention mechanism and how to make sure that it doesn’t happen to you?
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)Priyanka Aash
Round Table Discussion On "Emerging New Threats And Top CISO Priorities In 2022"_ Bangalore
Date - 28 September, 2022. Decision Makers of different organizations joined this discussion and spoke on New Threats & Top CISO Priorities
Cloud Security: Limitations of Cloud Security Groups and Flow LogsPriyanka Aash
Cloud Security Groups are the firewalls of the cloud. They are built-in and provide basic access control functionality as part of the shared responsibility model. However, Cloud Security Groups do not provide the same protection or functionality that enterprises have come to expect with on-premises deployments. In this talk we will discuss the top cloud risks in 2020, why perimeters are a concept of the past and how in the world of no perimitiers do Cloud Security groups, the "Cloud FIrewalls", fit it. We will practically explore Cloud Security Group limitations across different cloud setups from a single vNet to multi-cloud
Most organizations have good enterprise-level security policies that define their approach to maintaining, improving, and securing their information and information systems. However, once the policies are signed by senior leadership and distributed throughout the organization, significant cybersecurity governance challenges remain. In this workshop I will explain the transforming organizational security to strengthen defenses and integrate cybersecurity with the overall approach toward security governance, risk management and compliance.
The Internet is home to seemingly infinite amounts of confidential and personal information. As a result of this mass storage of information, the system needs to be constantly updated and enforced to prevent hackers from retrieving such valuable and sensitive data. This increasing number of cyber-attacks has led to an increasing importance of Ethical Hacking. So Ethical hackers' job is to scan vulnerabilities and to find potential threats on a computer or networks. An ethical hacker finds the weakness or loopholes in a computer, web applications or network and reports them to the organization. It requires a thorough knowledge of Networks, web servers, computer viruses, SQL (Structured Query Language), cryptography, penetration testing, Attacks etc. In this session, you will learn all about ethical hacking. You will understand the what ethical hacking, Cyber- attacks, Tools and some hands-on demos. This session will also guide you with the various ethical hacking certifications available today.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
10. #RSAC
Direct Connections/VPNs to Clouds are evil!
10
CloudProviderNetwork
DataCenter
PUBLIC SUBNET
APP
DATABASE
DATABASE
APP
PUBLIC SUBNET
VPN
Cloud Web Console
API Credentials
“NEW” BOUNDARY HAS ALL THE WEAKNESSES OF BOTH AND MIXES TWO DIFFERENT SECURITY MODELS!
Remote Access
PRIVATE
SOFTWARE VPN
MANAGED VPN
10.0.0.0/8
Connected & Routable?
No IDS?
What do you mean the
IP could change?
Tags? Security
Groups? SDE?
11. #RSAC
Cloud Lateral Movement …
11
An Application vulnerability can
lead to a Cloud Account
Takeover
Most apps require traditional
defense in depth which doesn’t
apply to cloud apps
Baselines are really important
and drift management essential
CloudAccount
Vulnerable App
Create
Instance/Role
/User
Account
Takeover
Remote Shell
12. #RSAC
Beware of Orchestrators…
12
Orchestration creates blast radius
because it centralizes the
deployment/security for cloud
workloads.
Tools that act on behalf usually
require credentials and create
blindspots.
Non-native tools require
specialized skills and make it
difficult to gain context on what
the right behavior should be.
Cloud Orchestration Platform
CloudProviderNetwork
A B C
CloudAccount
CloudAccount
CloudAccount
secrets
What’s normal?
13. #RSAC
MFA is a MUST!
13
Passwords don’t work.
Passwords aren’t enough to protect
infrastructure.
API Credentials and Roles can be
misappropriated
Most Cloud Environments and Apps
have one level of access
On some cloud platforms it is possible
to make roles work only when MFA is
provided and for certain actions to
require MFA
123456
Implement cloud template…
API Credentials accepted...
Please input your MFA token:
XXXXXX (123456)
Cloud stack 123 has been implemented.
Phishing can be
detrimental
MFA can be applied
to Accounts and
some api calls
14. #RSAC
Selfie for Forensics
14
Full Account Snapshot (Roles,
Instances, Managed Services)
Used to determine what
happened along with Audit
Trails
Ability to clone and perform
sandbox analysis Selfie
CloudProviderNetwork
A B C
CloudAccount
CloudAccount
CloudAccount
Cloud Account Snapshot
16. #RSAC
Missing Tools of the Trade
Enumeration tools for API discovery and drift detection are few and far
between
Scanners are missing Cloudy capabilities, ie. Credential Discovery, API
Integrations, Pathway Enumeration
Varying levels of resources and 3rd party add-ons create visibility challenges
Permissions are not granular enough and role inheritance is missing
Hard to create coarse grained controls to allow for innovation
Network monitoring and controls are not easily passed to cloud customers
17. #RSAC
Cloud Security is a Big Data Challenge…
DevOps + Security is the
biggest big data challenge
ahead.
Use Attack Models and choose
the right Data Sources to
discover attacks in near real-
time.
Develop a scientific approach
to help DevOps teams get the
security feedback loop they
have been looking for.
17
• Web Access Logs
• Java Instrumentation
• Proxy Logs
• DNS Logs
20. #RSAC
Apply what you learned today…
20
Next week you should:
Understand how your organization is or plans to use cloud providers
Identify cloud workloads and virtual blast radius within your organization
In the first 3 months following this presentation you should:
Begin to build Security as Code skills and run cloud security experiments to understand the
issues
Develop Crawl-Walk-Run plans to help your organization build security into cloud workloads
Within 6 months you should:
Cloud workloads have been instrumented for known security issues and flagged during the
Continuous Delivery of software to the cloud
Your group has begun to test using Red Team methods and automation to ensure end-to-end
security for your cloud workloads
Remediation happens in hours to days as a result of automation
21. #RSAC
Get Involved &
Join the Community
devsecops.org
@devsecops on Twitter
DevSecOps on LinkedIn
DevSecOps on Github
RuggedSoftware.org
Compliance at Velocity
Join Us !!!
Spread the word!!!
21