SlideShare a Scribd company logo
November	15,	2016
Security,	Identity,	and	DevOps,	oh	my…
Chris	Sanchez,	Founder	and	CTO,	zibernetics
Twitter	- @CSanchezAustin
chris@zibernetics.com
November	15,	2016
November	15,	2016
November	15,	2016Post questions to #security-track
Background
• 20+	years	in	Austin	Technology	as	an	Engineer,	Manager,	Mentor,	Executive,	and	Entrepreneur
• Tech	Veteran	– iChat/Acuity,	CALEB	Technologies,	Webify,	PointSource,	21CT,	CognitiveScale,	Sun	
Microsystems,	IBM
• Passion	for	Identity	and	DevOps
• Founded	zibernetics	in	2015
– Research	and	Development	projects
• Identity,	HIPAA	Security,	DevOps,	Cloud,	Linux
– Consultancy	for	early	stage	and	growth	startups
November	15,	2016Post questions to #security-track
Pop	Quiz:	Why	is	this	bad?	
pg_hba.conf
host all pgbot 192.168.5.0/24 trust
host all pgbot 172.20.0.0/16 trust
First	2	people	to	post	the	most	
interesting	security	issues	to	the	
#security-track with	#IdentityOps	will	
win	a	bumper	sticker.	è
#IdentityOps
November	15,	2016Post questions to #security-track
DevOps	is	hard	because	____
moving	fast,	lot	of	tooling,	skills,	knowledge
November	15,	2016Post questions to #security-track
What	makes	it	harder?
The	Business	is	moving	faster
November	15,	2016Post questions to #security-track
What	makes	it	harder?
and	changing…
November	15,	2016Post questions to #security-track
and	harder
Security	is	hard
November	15,	2016Post questions to #security-track
…and	harder
Security	gets	little	to	no	planning
November	15,	2016Post questions to #security-track
What’s	needed?
Security	Strategy	ó DevOps	Strategy
November	15,	2016Post questions to #security-track
There's	no	need	to	fear,	IdentityOps	is	here.
What	is	IdentityOps?
Security	– Treat	as	a	first	class	citizen
Identity	– Right	resource,	time,	reason
DevOps	– Security	that	scales
November	15,	2016Post questions to #security-track
IdentityOps	Essentials
November	15,	2016Post questions to #security-track
Use	Case:	SSH	Access
– Use	Case: Provide	user-level	access	to	Linux	servers	and	
support	business	and	IT	policy
– Solution	Options:	SSH	Public	Key	Authentication
– Advantages:
• Well	understood	and	secure	solution
• Very	good	support	by	all	Linux	distributions
– Challenges:
• Only	provides	for	authn,	not	authz
• More	operational	overhead	– e.g.	user	management
November	15,	2016Post questions to #security-track
Use	Case:	SSH	Access
• Solution:	SSH	Fabric
– Model	the	concept	of	Users,	Layers,	Groups,	and	
Hosts	as	virtual	objects	that	are	overlaid	on	top	of	an	
existing	Linux	infrastructure
– Keeps	ssh keys	centralized	in	an	LDAP	Directory	(not	
authorized_keys file)	and	deliver	real-time	for	authn
– Advanced	authorization	that	integrates	with	PAM	for	
seamless,	fine-grained	authz
– Centralized	policy	for	sudo access
November	15,	2016Post questions to #security-track
1)	Model	Concepts
November	15,	2016Post questions to #security-track
1)	Model	Concepts
Layers
Hosts
prod_pub
Groups
Users
November	15,	2016Post questions to #security-track
2)	Centralize	SSH	Keys
LDAP	Schema
November	15,	2016Post questions to #security-track
2)	Centralize	SSH	Keys
Configure	SSH:	/etc/ssh/sshd_config
November	15,	2016Post questions to #security-track
2)	Centralize	SSH	Keys
Custom	Script:	sshldap-pubkey.sh
November	15,	2016Post questions to #security-track
3)	Configure	PAM
Configure	LDAP:	/etc/ldap.conf
November	15,	2016Post questions to #security-track
3)	Configure	PAM
Force	TLS	to	LDAP
November	15,	2016Post questions to #security-track
3)	Configure	PAM
Configure	Authz:	/etc/pam.d/common-account
November	15,	2016Post questions to #security-track
3)	Configure	PAM
Configure	Authn:	/etc/pam.d/common-auth
November	15,	2016Post questions to #security-track
3)	Configure	PAM
Enable	LDAP:	/etc/nsswitch.conf
November	15,	2016Post questions to #security-track
Restrict	Host	Access:	/etc/security/access.conf
4)	Configure	sudo
November	15,	2016Post questions to #security-track
4)	Configure	sudo
Create	sudo rule:	/etc/sudoers.d/sshldap
November	15,	2016Post questions to #security-track
LDAP	and	Linux	are	Connected
5)	Test	SSH	Fabric
November	15,	2016Post questions to #security-track
5)	Test	SSH	Fabric
Policy	Allow:	grp_itops,	security_admins
November	15,	2016Post questions to #security-track
5)	Test	SSH	Fabric
Policy	Deny:	All	other
November	15,	2016Post questions to #security-track
5)	Test	SSH	Fabric
Update	Policy
November	15,	2016Post questions to #security-track
5)	Test	SSH	Fabric
Policy	Allow:	ops_prv
November	15,	2016Post questions to #security-track
5)	Test	SSH	Fabric
Policy	Allow	Sudo:	ops-prv-sudo
November	15,	2016Post questions to #security-track
Use	Case:	Docker	Access
– Use	Case: Provide	access	to	Docker	runtime	
while	supporting	business	and	IT	policy
– Solution	Options:	Docker	group	or	Authz plug-in
– Advantages:
• Users	don’t	require	admin	access
• Plug-in	architecture	is	very	flexible	(Authz)
– Challenges:
• Have	to	rely	on	local	Linux	groups
• Docker	group	or	Admin	access	is	required
• Access	is	coarse	– you	can	do	anything
November	15,	2016Post questions to #security-track
Use	Case:	Docker	Access
• Solution:	Docker	Fabric
– Model	the	concept	of	Users,	Layers,	Groups,	and	
Hosts	as	virtual	objects	that	are	overlaid	on	top	of	
an	existing	Linux	infrastructure	(same	as	previous	
use	case)
– Centralized	policy	for	User-level	access	to	Docker	
(via	TLS	and	Flask	app)
– Keeps	rules	centralized	a	repository	that	are	
enforced	at	runtime	(same	as	previous	use	case)
November	15,	2016Post questions to #security-track
2)	Centralize	Policy	for	User-level	Access
Setup	Docker	Group:	/etc/default/docker
November	15,	2016Post questions to #security-track
2)	Centralize	Policy	for	User-level	Access
Update	Docker	socket	access:	/lib/systemd/system/docker.socket
November	15,	2016Post questions to #security-track
2)	Centralize	Policy	for	User-level	Access
Create	Authz Plugin:	/etc/default/docker_fabric_authz
November	15,	2016Post questions to #security-track
2)	Centralize	Policy	for	User-level	Access
Create	Authz Plugin:	/etc/systemd/system/docker.service.d/docker_fabric_authz.conf
November	15,	2016Post questions to #security-track
2)	Centralize	Policy	for	User-level	Access
Create	Authz Plugin:	/usr/local/bin/docker_fabric_authz.py
November	15,	2016Post questions to #security-track
export theUser="Branton Davis”
alias dockera="docker -H=$(hostname):2376 
--tlsverify 
--tlscacert=/etc/zinet/pki/server/zibernetics-int-cacert.crt 
--tlscert="/etc/zinet/pki/user/${theUser}.crt" 
--tlskey="/etc/zinet/pki/user/${theUser}.ukey" "
4)	Test	Docker	Fabric
November	15,	2016Post questions to #security-track
4)	Test	Docker	Fabric
Policy	Deny:	All	others
November	15,	2016Post questions to #security-track
4)	Test	Docker	Fabric
Update	Policy
November	15,	2016Post questions to #security-track
4)	Test	Docker	Fabric
Policy	Allow:	ops_prv
November	15,	2016Post questions to #security-track
IdentityOps	Summary
DirectoryBusiness	Policies Linux.	Docker
November	15,	2016Post questions to #security-track
IdentityOps	Summary
Centralized,	real-time	policy	for	
access	management
Uniform	application	of	policy	and	
real-time	enforcement
Better	operational	efficiency
Enable	use	cases:	least	privilege,	
nonrepudiation,	segregation	of	
duties,	auditability
November	15,	2016Post questions to #security-track
W:	http://www.zibernetics.com T:	@CSanchezAustin E:	chris@zibernetics.com
First	person	to	post	Wile	E.	Coyote’s	
middle	name	to	the	#security-track
with	#IdentityOps	will	win	a	bumper	
sticker.	è
#IdentityOps
November	15,	2016Post questions to #security-track
Thank	you!
W:	http://www.zibernetics.com T:	@CSanchezAustin E:	chris@zibernetics.com

More Related Content

Viewers also liked

Application Secret Management with KMS
Application Secret Management with KMSApplication Secret Management with KMS
Application Secret Management with KMS
Sonatype
 
My Little Webap - DevOpsSec is Magic
My Little Webap - DevOpsSec is MagicMy Little Webap - DevOpsSec is Magic
My Little Webap - DevOpsSec is Magic
Apollo Clark
 
The Retail Enterprise - And the rise of the omni-present consumer Part 2
The Retail Enterprise - And the rise of the omni-present consumer Part 2The Retail Enterprise - And the rise of the omni-present consumer Part 2
The Retail Enterprise - And the rise of the omni-present consumer Part 2
Zensar Technologies Ltd.
 
Devops security
Devops securityDevops security
Devops security
Logicaltrust pl
 
Devops/Sysops security
Devops/Sysops securityDevops/Sysops security
Devops/Sysops security
Logicaltrust pl
 
Beschikbaar jr. HBO Netwerk/Security/DevOps Engineer
Beschikbaar jr. HBO Netwerk/Security/DevOps EngineerBeschikbaar jr. HBO Netwerk/Security/DevOps Engineer
Beschikbaar jr. HBO Netwerk/Security/DevOps Engineer
Marc Servaes (06-47841367)
 
Software Security in DevOps: Synthesizing Practitioners’ Perceptions and Prac...
Software Security in DevOps: Synthesizing Practitioners’ Perceptions and Prac...Software Security in DevOps: Synthesizing Practitioners’ Perceptions and Prac...
Software Security in DevOps: Synthesizing Practitioners’ Perceptions and Prac...
Akond Rahman
 
Meta Infrastructure as Code: How Capital One Automated Our Automation Tools w...
Meta Infrastructure as Code: How Capital One Automated Our Automation Tools w...Meta Infrastructure as Code: How Capital One Automated Our Automation Tools w...
Meta Infrastructure as Code: How Capital One Automated Our Automation Tools w...
Sonatype
 
Security DevOps - Wie Sie in agilen Projekten trotzdem sicher bleiben // DevO...
Security DevOps - Wie Sie in agilen Projekten trotzdem sicher bleiben // DevO...Security DevOps - Wie Sie in agilen Projekten trotzdem sicher bleiben // DevO...
Security DevOps - Wie Sie in agilen Projekten trotzdem sicher bleiben // DevO...
Christian Schneider
 
Security and dev ops for high velocity organizations
Security and dev ops for high velocity organizationsSecurity and dev ops for high velocity organizations
Security and dev ops for high velocity organizations
Chef
 
DevOps and IT security
DevOps and IT securityDevOps and IT security
DevOps and IT security
ch.osme
 
Prepare to defend thyself with Blue/Green
Prepare to defend thyself with Blue/GreenPrepare to defend thyself with Blue/Green
Prepare to defend thyself with Blue/Green
Sonatype
 
DevOps in a Regulated and Embedded Environment (AgileDC)
DevOps in a Regulated and Embedded Environment (AgileDC)DevOps in a Regulated and Embedded Environment (AgileDC)
DevOps in a Regulated and Embedded Environment (AgileDC)
Arjun Comar
 
Software Security Assurance for DevOps - Hewlett Packard Enterprise + Black Duck
Software Security Assurance for DevOps - Hewlett Packard Enterprise + Black DuckSoftware Security Assurance for DevOps - Hewlett Packard Enterprise + Black Duck
Software Security Assurance for DevOps - Hewlett Packard Enterprise + Black Duck
Black Duck by Synopsys
 
Automated Infrastructure Security: Monitoring using FOSS
Automated Infrastructure Security: Monitoring using FOSSAutomated Infrastructure Security: Monitoring using FOSS
Automated Infrastructure Security: Monitoring using FOSS
Sonatype
 
Release Engineering & Rugged DevOps: An Intersection - J. Paul Reed
Release Engineering & Rugged DevOps: An Intersection - J. Paul ReedRelease Engineering & Rugged DevOps: An Intersection - J. Paul Reed
Release Engineering & Rugged DevOps: An Intersection - J. Paul Reed
SeniorStoryteller
 
Monitoring Application Attack Surface to Integrate Security into DevOps Pipel...
Monitoring Application Attack Surface to Integrate Security into DevOps Pipel...Monitoring Application Attack Surface to Integrate Security into DevOps Pipel...
Monitoring Application Attack Surface to Integrate Security into DevOps Pipel...
Denim Group
 
Scaling Rugged DevOps to Thousands of Applications - Panel Discussion
Scaling Rugged DevOps to Thousands of Applications - Panel DiscussionScaling Rugged DevOps to Thousands of Applications - Panel Discussion
Scaling Rugged DevOps to Thousands of Applications - Panel Discussion
SeniorStoryteller
 
Security & DevOps- Ways To Make Sure Your Apps & Infrastructure Are Secure
Security & DevOps- Ways To Make Sure Your Apps & Infrastructure Are SecureSecurity & DevOps- Ways To Make Sure Your Apps & Infrastructure Are Secure
Security & DevOps- Ways To Make Sure Your Apps & Infrastructure Are Secure
Puppet
 
BsidesMCR_2016-what-can-infosec-learn-from-devops
BsidesMCR_2016-what-can-infosec-learn-from-devopsBsidesMCR_2016-what-can-infosec-learn-from-devops
BsidesMCR_2016-what-can-infosec-learn-from-devops
James '​-- Mckinlay
 

Viewers also liked (20)

Application Secret Management with KMS
Application Secret Management with KMSApplication Secret Management with KMS
Application Secret Management with KMS
 
My Little Webap - DevOpsSec is Magic
My Little Webap - DevOpsSec is MagicMy Little Webap - DevOpsSec is Magic
My Little Webap - DevOpsSec is Magic
 
The Retail Enterprise - And the rise of the omni-present consumer Part 2
The Retail Enterprise - And the rise of the omni-present consumer Part 2The Retail Enterprise - And the rise of the omni-present consumer Part 2
The Retail Enterprise - And the rise of the omni-present consumer Part 2
 
Devops security
Devops securityDevops security
Devops security
 
Devops/Sysops security
Devops/Sysops securityDevops/Sysops security
Devops/Sysops security
 
Beschikbaar jr. HBO Netwerk/Security/DevOps Engineer
Beschikbaar jr. HBO Netwerk/Security/DevOps EngineerBeschikbaar jr. HBO Netwerk/Security/DevOps Engineer
Beschikbaar jr. HBO Netwerk/Security/DevOps Engineer
 
Software Security in DevOps: Synthesizing Practitioners’ Perceptions and Prac...
Software Security in DevOps: Synthesizing Practitioners’ Perceptions and Prac...Software Security in DevOps: Synthesizing Practitioners’ Perceptions and Prac...
Software Security in DevOps: Synthesizing Practitioners’ Perceptions and Prac...
 
Meta Infrastructure as Code: How Capital One Automated Our Automation Tools w...
Meta Infrastructure as Code: How Capital One Automated Our Automation Tools w...Meta Infrastructure as Code: How Capital One Automated Our Automation Tools w...
Meta Infrastructure as Code: How Capital One Automated Our Automation Tools w...
 
Security DevOps - Wie Sie in agilen Projekten trotzdem sicher bleiben // DevO...
Security DevOps - Wie Sie in agilen Projekten trotzdem sicher bleiben // DevO...Security DevOps - Wie Sie in agilen Projekten trotzdem sicher bleiben // DevO...
Security DevOps - Wie Sie in agilen Projekten trotzdem sicher bleiben // DevO...
 
Security and dev ops for high velocity organizations
Security and dev ops for high velocity organizationsSecurity and dev ops for high velocity organizations
Security and dev ops for high velocity organizations
 
DevOps and IT security
DevOps and IT securityDevOps and IT security
DevOps and IT security
 
Prepare to defend thyself with Blue/Green
Prepare to defend thyself with Blue/GreenPrepare to defend thyself with Blue/Green
Prepare to defend thyself with Blue/Green
 
DevOps in a Regulated and Embedded Environment (AgileDC)
DevOps in a Regulated and Embedded Environment (AgileDC)DevOps in a Regulated and Embedded Environment (AgileDC)
DevOps in a Regulated and Embedded Environment (AgileDC)
 
Software Security Assurance for DevOps - Hewlett Packard Enterprise + Black Duck
Software Security Assurance for DevOps - Hewlett Packard Enterprise + Black DuckSoftware Security Assurance for DevOps - Hewlett Packard Enterprise + Black Duck
Software Security Assurance for DevOps - Hewlett Packard Enterprise + Black Duck
 
Automated Infrastructure Security: Monitoring using FOSS
Automated Infrastructure Security: Monitoring using FOSSAutomated Infrastructure Security: Monitoring using FOSS
Automated Infrastructure Security: Monitoring using FOSS
 
Release Engineering & Rugged DevOps: An Intersection - J. Paul Reed
Release Engineering & Rugged DevOps: An Intersection - J. Paul ReedRelease Engineering & Rugged DevOps: An Intersection - J. Paul Reed
Release Engineering & Rugged DevOps: An Intersection - J. Paul Reed
 
Monitoring Application Attack Surface to Integrate Security into DevOps Pipel...
Monitoring Application Attack Surface to Integrate Security into DevOps Pipel...Monitoring Application Attack Surface to Integrate Security into DevOps Pipel...
Monitoring Application Attack Surface to Integrate Security into DevOps Pipel...
 
Scaling Rugged DevOps to Thousands of Applications - Panel Discussion
Scaling Rugged DevOps to Thousands of Applications - Panel DiscussionScaling Rugged DevOps to Thousands of Applications - Panel Discussion
Scaling Rugged DevOps to Thousands of Applications - Panel Discussion
 
Security & DevOps- Ways To Make Sure Your Apps & Infrastructure Are Secure
Security & DevOps- Ways To Make Sure Your Apps & Infrastructure Are SecureSecurity & DevOps- Ways To Make Sure Your Apps & Infrastructure Are Secure
Security & DevOps- Ways To Make Sure Your Apps & Infrastructure Are Secure
 
BsidesMCR_2016-what-can-infosec-learn-from-devops
BsidesMCR_2016-what-can-infosec-learn-from-devopsBsidesMCR_2016-what-can-infosec-learn-from-devops
BsidesMCR_2016-what-can-infosec-learn-from-devops
 

Similar to Security, Identity, and DevOps, oh my - Print

Operationalizing Red Teaming for Fun and Profit
Operationalizing Red Teaming for Fun and ProfitOperationalizing Red Teaming for Fun and Profit
Operationalizing Red Teaming for Fun and Profit
Sonatype
 
CV | Michele Spagnuolo
CV | Michele SpagnuoloCV | Michele Spagnuolo
CV | Michele Spagnuolo
Michele Spagnuolo
 
An End to End Stack for a Container Age - Continuous Delivery London 2016
An End to End Stack for a Container Age - Continuous Delivery London 2016An End to End Stack for a Container Age - Continuous Delivery London 2016
An End to End Stack for a Container Age - Continuous Delivery London 2016
Chris Jackson
 
Introduction to Business for Software Developers
Introduction to Business for Software DevelopersIntroduction to Business for Software Developers
Introduction to Business for Software Developers
Chris Cera
 
Fringe IA (InfoCamp Seattle 2013)
Fringe IA (InfoCamp Seattle 2013)Fringe IA (InfoCamp Seattle 2013)
Fringe IA (InfoCamp Seattle 2013)
Michael Adcock
 
Red teaming in the cloud
Red teaming in the cloudRed teaming in the cloud
Red teaming in the cloud
Peter Wood
 
Beating the 1:100 Odds with Team Design for Security @ Open Security Summit, ...
Beating the 1:100 Odds with Team Design for Security @ Open Security Summit, ...Beating the 1:100 Odds with Team Design for Security @ Open Security Summit, ...
Beating the 1:100 Odds with Team Design for Security @ Open Security Summit, ...
Manuel Pais
 
The Future of-the CMS (Twin Cities DrupalCamp 2015)
The Future of-the CMS (Twin Cities DrupalCamp 2015)The Future of-the CMS (Twin Cities DrupalCamp 2015)
The Future of-the CMS (Twin Cities DrupalCamp 2015)
Todd Ross Nienkerk
 
Question of trust
Question of trustQuestion of trust
Question of trust
ssuserd8f6cf1
 
Four Kitchens Presents: Future of the CMS
Four Kitchens Presents: Future of the CMSFour Kitchens Presents: Future of the CMS
Four Kitchens Presents: Future of the CMS
Four Kitchens
 
Why information security is becoming the most important for mid size business...
Why information security is becoming the most important for mid size business...Why information security is becoming the most important for mid size business...
Why information security is becoming the most important for mid size business...
Ajay p
 
Chandu cyber security career path
Chandu cyber security career pathChandu cyber security career path
Culture Hacker: How to Herd CATTs and Inspire Rebels to Change the World! - S...
Culture Hacker: How to Herd CATTs and Inspire Rebels to Change the World! - S...Culture Hacker: How to Herd CATTs and Inspire Rebels to Change the World! - S...
Culture Hacker: How to Herd CATTs and Inspire Rebels to Change the World! - S...
SeniorStoryteller
 
Websauna - introduction to the best Python web framework
Websauna - introduction to the best Python web frameworkWebsauna - introduction to the best Python web framework
Websauna - introduction to the best Python web framework
Mikko Ohtamaa
 
5 Reasons to Attend the Upcoming Watson Developer Conference
5 Reasons to Attend the Upcoming Watson Developer Conference5 Reasons to Attend the Upcoming Watson Developer Conference
5 Reasons to Attend the Upcoming Watson Developer Conference
IBM Watson
 
How I Cloned Myself Using AI - Next Gen Social Engineering
How I Cloned Myself Using AI - Next Gen Social EngineeringHow I Cloned Myself Using AI - Next Gen Social Engineering
How I Cloned Myself Using AI - Next Gen Social Engineering
titanlambda
 
Recruiting Great Engineers in Six Easy Steps
Recruiting Great Engineers in Six Easy StepsRecruiting Great Engineers in Six Easy Steps
Recruiting Great Engineers in Six Easy Steps
Aleksandr Yampolskiy
 
Software Architecture as Systems Dissolve
Software Architecture as Systems DissolveSoftware Architecture as Systems Dissolve
Software Architecture as Systems Dissolve
Eoin Woods
 
2016 - Safely Removing the Last Roadblock to Continuous Delivery
2016 - Safely Removing the Last Roadblock to Continuous Delivery2016 - Safely Removing the Last Roadblock to Continuous Delivery
2016 - Safely Removing the Last Roadblock to Continuous Delivery
devopsdaysaustin
 
Ntxissacsc5 blue 6-securityawareness-laurianna_callaghan
Ntxissacsc5 blue 6-securityawareness-laurianna_callaghanNtxissacsc5 blue 6-securityawareness-laurianna_callaghan
Ntxissacsc5 blue 6-securityawareness-laurianna_callaghan
North Texas Chapter of the ISSA
 

Similar to Security, Identity, and DevOps, oh my - Print (20)

Operationalizing Red Teaming for Fun and Profit
Operationalizing Red Teaming for Fun and ProfitOperationalizing Red Teaming for Fun and Profit
Operationalizing Red Teaming for Fun and Profit
 
CV | Michele Spagnuolo
CV | Michele SpagnuoloCV | Michele Spagnuolo
CV | Michele Spagnuolo
 
An End to End Stack for a Container Age - Continuous Delivery London 2016
An End to End Stack for a Container Age - Continuous Delivery London 2016An End to End Stack for a Container Age - Continuous Delivery London 2016
An End to End Stack for a Container Age - Continuous Delivery London 2016
 
Introduction to Business for Software Developers
Introduction to Business for Software DevelopersIntroduction to Business for Software Developers
Introduction to Business for Software Developers
 
Fringe IA (InfoCamp Seattle 2013)
Fringe IA (InfoCamp Seattle 2013)Fringe IA (InfoCamp Seattle 2013)
Fringe IA (InfoCamp Seattle 2013)
 
Red teaming in the cloud
Red teaming in the cloudRed teaming in the cloud
Red teaming in the cloud
 
Beating the 1:100 Odds with Team Design for Security @ Open Security Summit, ...
Beating the 1:100 Odds with Team Design for Security @ Open Security Summit, ...Beating the 1:100 Odds with Team Design for Security @ Open Security Summit, ...
Beating the 1:100 Odds with Team Design for Security @ Open Security Summit, ...
 
The Future of-the CMS (Twin Cities DrupalCamp 2015)
The Future of-the CMS (Twin Cities DrupalCamp 2015)The Future of-the CMS (Twin Cities DrupalCamp 2015)
The Future of-the CMS (Twin Cities DrupalCamp 2015)
 
Question of trust
Question of trustQuestion of trust
Question of trust
 
Four Kitchens Presents: Future of the CMS
Four Kitchens Presents: Future of the CMSFour Kitchens Presents: Future of the CMS
Four Kitchens Presents: Future of the CMS
 
Why information security is becoming the most important for mid size business...
Why information security is becoming the most important for mid size business...Why information security is becoming the most important for mid size business...
Why information security is becoming the most important for mid size business...
 
Chandu cyber security career path
Chandu cyber security career pathChandu cyber security career path
Chandu cyber security career path
 
Culture Hacker: How to Herd CATTs and Inspire Rebels to Change the World! - S...
Culture Hacker: How to Herd CATTs and Inspire Rebels to Change the World! - S...Culture Hacker: How to Herd CATTs and Inspire Rebels to Change the World! - S...
Culture Hacker: How to Herd CATTs and Inspire Rebels to Change the World! - S...
 
Websauna - introduction to the best Python web framework
Websauna - introduction to the best Python web frameworkWebsauna - introduction to the best Python web framework
Websauna - introduction to the best Python web framework
 
5 Reasons to Attend the Upcoming Watson Developer Conference
5 Reasons to Attend the Upcoming Watson Developer Conference5 Reasons to Attend the Upcoming Watson Developer Conference
5 Reasons to Attend the Upcoming Watson Developer Conference
 
How I Cloned Myself Using AI - Next Gen Social Engineering
How I Cloned Myself Using AI - Next Gen Social EngineeringHow I Cloned Myself Using AI - Next Gen Social Engineering
How I Cloned Myself Using AI - Next Gen Social Engineering
 
Recruiting Great Engineers in Six Easy Steps
Recruiting Great Engineers in Six Easy StepsRecruiting Great Engineers in Six Easy Steps
Recruiting Great Engineers in Six Easy Steps
 
Software Architecture as Systems Dissolve
Software Architecture as Systems DissolveSoftware Architecture as Systems Dissolve
Software Architecture as Systems Dissolve
 
2016 - Safely Removing the Last Roadblock to Continuous Delivery
2016 - Safely Removing the Last Roadblock to Continuous Delivery2016 - Safely Removing the Last Roadblock to Continuous Delivery
2016 - Safely Removing the Last Roadblock to Continuous Delivery
 
Ntxissacsc5 blue 6-securityawareness-laurianna_callaghan
Ntxissacsc5 blue 6-securityawareness-laurianna_callaghanNtxissacsc5 blue 6-securityawareness-laurianna_callaghan
Ntxissacsc5 blue 6-securityawareness-laurianna_callaghan
 

Recently uploaded

Using Query Store in Azure PostgreSQL to Understand Query Performance
Using Query Store in Azure PostgreSQL to Understand Query PerformanceUsing Query Store in Azure PostgreSQL to Understand Query Performance
Using Query Store in Azure PostgreSQL to Understand Query Performance
Grant Fritchey
 
14 th Edition of International conference on computer vision
14 th Edition of International conference on computer vision14 th Edition of International conference on computer vision
14 th Edition of International conference on computer vision
ShulagnaSarkar2
 
What’s New in Odoo 17 – A Complete Roadmap
What’s New in Odoo 17 – A Complete RoadmapWhat’s New in Odoo 17 – A Complete Roadmap
What’s New in Odoo 17 – A Complete Roadmap
Envertis Software Solutions
 
Benefits of Artificial Intelligence in Healthcare!
Benefits of  Artificial Intelligence in Healthcare!Benefits of  Artificial Intelligence in Healthcare!
Benefits of Artificial Intelligence in Healthcare!
Prestware
 
Measures in SQL (SIGMOD 2024, Santiago, Chile)
Measures in SQL (SIGMOD 2024, Santiago, Chile)Measures in SQL (SIGMOD 2024, Santiago, Chile)
Measures in SQL (SIGMOD 2024, Santiago, Chile)
Julian Hyde
 
Why Apache Kafka Clusters Are Like Galaxies (And Other Cosmic Kafka Quandarie...
Why Apache Kafka Clusters Are Like Galaxies (And Other Cosmic Kafka Quandarie...Why Apache Kafka Clusters Are Like Galaxies (And Other Cosmic Kafka Quandarie...
Why Apache Kafka Clusters Are Like Galaxies (And Other Cosmic Kafka Quandarie...
Paul Brebner
 
Boost Your Savings with These Money Management Apps
Boost Your Savings with These Money Management AppsBoost Your Savings with These Money Management Apps
Boost Your Savings with These Money Management Apps
Jhone kinadey
 
Oracle 23c New Features For DBAs and Developers.pptx
Oracle 23c New Features For DBAs and Developers.pptxOracle 23c New Features For DBAs and Developers.pptx
Oracle 23c New Features For DBAs and Developers.pptx
Remote DBA Services
 
Malibou Pitch Deck For Its €3M Seed Round
Malibou Pitch Deck For Its €3M Seed RoundMalibou Pitch Deck For Its €3M Seed Round
Malibou Pitch Deck For Its €3M Seed Round
sjcobrien
 
Migration From CH 1.0 to CH 2.0 and Mule 4.6 & Java 17 Upgrade.pptx
Migration From CH 1.0 to CH 2.0 and  Mule 4.6 & Java 17 Upgrade.pptxMigration From CH 1.0 to CH 2.0 and  Mule 4.6 & Java 17 Upgrade.pptx
Migration From CH 1.0 to CH 2.0 and Mule 4.6 & Java 17 Upgrade.pptx
ervikas4
 
DECODING JAVA THREAD DUMPS: MASTER THE ART OF ANALYSIS
DECODING JAVA THREAD DUMPS: MASTER THE ART OF ANALYSISDECODING JAVA THREAD DUMPS: MASTER THE ART OF ANALYSIS
DECODING JAVA THREAD DUMPS: MASTER THE ART OF ANALYSIS
Tier1 app
 
Webinar On-Demand: Using Flutter for Embedded
Webinar On-Demand: Using Flutter for EmbeddedWebinar On-Demand: Using Flutter for Embedded
Webinar On-Demand: Using Flutter for Embedded
ICS
 
Mobile App Development Company In Noida | Drona Infotech
Mobile App Development Company In Noida | Drona InfotechMobile App Development Company In Noida | Drona Infotech
Mobile App Development Company In Noida | Drona Infotech
Drona Infotech
 
UI5con 2024 - Boost Your Development Experience with UI5 Tooling Extensions
UI5con 2024 - Boost Your Development Experience with UI5 Tooling ExtensionsUI5con 2024 - Boost Your Development Experience with UI5 Tooling Extensions
UI5con 2024 - Boost Your Development Experience with UI5 Tooling Extensions
Peter Muessig
 
Preparing Non - Technical Founders for Engaging a Tech Agency
Preparing Non - Technical Founders for Engaging  a  Tech AgencyPreparing Non - Technical Founders for Engaging  a  Tech Agency
Preparing Non - Technical Founders for Engaging a Tech Agency
ISH Technologies
 
UI5con 2024 - Keynote: Latest News about UI5 and it’s Ecosystem
UI5con 2024 - Keynote: Latest News about UI5 and it’s EcosystemUI5con 2024 - Keynote: Latest News about UI5 and it’s Ecosystem
UI5con 2024 - Keynote: Latest News about UI5 and it’s Ecosystem
Peter Muessig
 
Unveiling the Advantages of Agile Software Development.pdf
Unveiling the Advantages of Agile Software Development.pdfUnveiling the Advantages of Agile Software Development.pdf
Unveiling the Advantages of Agile Software Development.pdf
brainerhub1
 
A Comprehensive Guide on Implementing Real-World Mobile Testing Strategies fo...
A Comprehensive Guide on Implementing Real-World Mobile Testing Strategies fo...A Comprehensive Guide on Implementing Real-World Mobile Testing Strategies fo...
A Comprehensive Guide on Implementing Real-World Mobile Testing Strategies fo...
kalichargn70th171
 
J-Spring 2024 - Going serverless with Quarkus, GraalVM native images and AWS ...
J-Spring 2024 - Going serverless with Quarkus, GraalVM native images and AWS ...J-Spring 2024 - Going serverless with Quarkus, GraalVM native images and AWS ...
J-Spring 2024 - Going serverless with Quarkus, GraalVM native images and AWS ...
Bert Jan Schrijver
 
WWDC 2024 Keynote Review: For CocoaCoders Austin
WWDC 2024 Keynote Review: For CocoaCoders AustinWWDC 2024 Keynote Review: For CocoaCoders Austin
WWDC 2024 Keynote Review: For CocoaCoders Austin
Patrick Weigel
 

Recently uploaded (20)

Using Query Store in Azure PostgreSQL to Understand Query Performance
Using Query Store in Azure PostgreSQL to Understand Query PerformanceUsing Query Store in Azure PostgreSQL to Understand Query Performance
Using Query Store in Azure PostgreSQL to Understand Query Performance
 
14 th Edition of International conference on computer vision
14 th Edition of International conference on computer vision14 th Edition of International conference on computer vision
14 th Edition of International conference on computer vision
 
What’s New in Odoo 17 – A Complete Roadmap
What’s New in Odoo 17 – A Complete RoadmapWhat’s New in Odoo 17 – A Complete Roadmap
What’s New in Odoo 17 – A Complete Roadmap
 
Benefits of Artificial Intelligence in Healthcare!
Benefits of  Artificial Intelligence in Healthcare!Benefits of  Artificial Intelligence in Healthcare!
Benefits of Artificial Intelligence in Healthcare!
 
Measures in SQL (SIGMOD 2024, Santiago, Chile)
Measures in SQL (SIGMOD 2024, Santiago, Chile)Measures in SQL (SIGMOD 2024, Santiago, Chile)
Measures in SQL (SIGMOD 2024, Santiago, Chile)
 
Why Apache Kafka Clusters Are Like Galaxies (And Other Cosmic Kafka Quandarie...
Why Apache Kafka Clusters Are Like Galaxies (And Other Cosmic Kafka Quandarie...Why Apache Kafka Clusters Are Like Galaxies (And Other Cosmic Kafka Quandarie...
Why Apache Kafka Clusters Are Like Galaxies (And Other Cosmic Kafka Quandarie...
 
Boost Your Savings with These Money Management Apps
Boost Your Savings with These Money Management AppsBoost Your Savings with These Money Management Apps
Boost Your Savings with These Money Management Apps
 
Oracle 23c New Features For DBAs and Developers.pptx
Oracle 23c New Features For DBAs and Developers.pptxOracle 23c New Features For DBAs and Developers.pptx
Oracle 23c New Features For DBAs and Developers.pptx
 
Malibou Pitch Deck For Its €3M Seed Round
Malibou Pitch Deck For Its €3M Seed RoundMalibou Pitch Deck For Its €3M Seed Round
Malibou Pitch Deck For Its €3M Seed Round
 
Migration From CH 1.0 to CH 2.0 and Mule 4.6 & Java 17 Upgrade.pptx
Migration From CH 1.0 to CH 2.0 and  Mule 4.6 & Java 17 Upgrade.pptxMigration From CH 1.0 to CH 2.0 and  Mule 4.6 & Java 17 Upgrade.pptx
Migration From CH 1.0 to CH 2.0 and Mule 4.6 & Java 17 Upgrade.pptx
 
DECODING JAVA THREAD DUMPS: MASTER THE ART OF ANALYSIS
DECODING JAVA THREAD DUMPS: MASTER THE ART OF ANALYSISDECODING JAVA THREAD DUMPS: MASTER THE ART OF ANALYSIS
DECODING JAVA THREAD DUMPS: MASTER THE ART OF ANALYSIS
 
Webinar On-Demand: Using Flutter for Embedded
Webinar On-Demand: Using Flutter for EmbeddedWebinar On-Demand: Using Flutter for Embedded
Webinar On-Demand: Using Flutter for Embedded
 
Mobile App Development Company In Noida | Drona Infotech
Mobile App Development Company In Noida | Drona InfotechMobile App Development Company In Noida | Drona Infotech
Mobile App Development Company In Noida | Drona Infotech
 
UI5con 2024 - Boost Your Development Experience with UI5 Tooling Extensions
UI5con 2024 - Boost Your Development Experience with UI5 Tooling ExtensionsUI5con 2024 - Boost Your Development Experience with UI5 Tooling Extensions
UI5con 2024 - Boost Your Development Experience with UI5 Tooling Extensions
 
Preparing Non - Technical Founders for Engaging a Tech Agency
Preparing Non - Technical Founders for Engaging  a  Tech AgencyPreparing Non - Technical Founders for Engaging  a  Tech Agency
Preparing Non - Technical Founders for Engaging a Tech Agency
 
UI5con 2024 - Keynote: Latest News about UI5 and it’s Ecosystem
UI5con 2024 - Keynote: Latest News about UI5 and it’s EcosystemUI5con 2024 - Keynote: Latest News about UI5 and it’s Ecosystem
UI5con 2024 - Keynote: Latest News about UI5 and it’s Ecosystem
 
Unveiling the Advantages of Agile Software Development.pdf
Unveiling the Advantages of Agile Software Development.pdfUnveiling the Advantages of Agile Software Development.pdf
Unveiling the Advantages of Agile Software Development.pdf
 
A Comprehensive Guide on Implementing Real-World Mobile Testing Strategies fo...
A Comprehensive Guide on Implementing Real-World Mobile Testing Strategies fo...A Comprehensive Guide on Implementing Real-World Mobile Testing Strategies fo...
A Comprehensive Guide on Implementing Real-World Mobile Testing Strategies fo...
 
J-Spring 2024 - Going serverless with Quarkus, GraalVM native images and AWS ...
J-Spring 2024 - Going serverless with Quarkus, GraalVM native images and AWS ...J-Spring 2024 - Going serverless with Quarkus, GraalVM native images and AWS ...
J-Spring 2024 - Going serverless with Quarkus, GraalVM native images and AWS ...
 
WWDC 2024 Keynote Review: For CocoaCoders Austin
WWDC 2024 Keynote Review: For CocoaCoders AustinWWDC 2024 Keynote Review: For CocoaCoders Austin
WWDC 2024 Keynote Review: For CocoaCoders Austin
 

Security, Identity, and DevOps, oh my - Print