Digital Transformation in the Cloud: What They Don’t Always Tell You [2020]Tudor Damian
The payoff of successful Digital Transformation can be essential for companies engaged in highly-competitive markets. Almost every business decision requires executives and managers to balance risk and reward, and efficiency in that process is essential to an enterprise’s success.
With the emergence of the Cloud, IT risk has suffered yet another radical transformation. The past couple of years have also brought along new vulnerabilities, exploits, and attack methods, as well as new data privacy requirements such as the GDPR. While all of these things require significant changes to any existing processes and tools, they mostly require a different approach when catering to people's IT security awareness, especially when moving to the Cloud.
Based on real-life projects and experience from recent years, this session provides a quick insight into the role that the Cloud plays within Digital Transformation initiatives, touching on challenges companies usually face when dealing with governance, security, change management & cost-control. Examples and case studies included.
Security & Compliance in the Cloud [2019]Tudor Damian
Almost every business decision requires executives and managers to balance risk and reward, and efficiency in that process is essential to an enterprise’s success. Too often though, IT risk (business risk related to the use of IT) is overlooked. While other business risks such as market, credit and operational risks have long been incorporated into the decision-making processes, IT risk has usually been relegated to technical specialists outside the boardroom, despite falling under the same risk category as other business risks: failure to achieve strategic objectives.
With the emergence of the Cloud, IT risk has suffered yet another radical transformation. The past couple of years have also brought along new vulnerabilities, exploits, and attack methods, as well as new data privacy requirements such as the GDPR. While all of these things require significant changes to any existing processes and tools, they mostly require a different approach when catering to people's IT security awareness, especially when moving to the Cloud.
Modern cybersecurity threats, and shiny new tools to help deal with themTudor Damian
With cybersecurity threats changing rapidly, we definitely need a new set of tools to be able to prevent and address them more efficiently: malware is becoming more complex and harder to detect, malicious insider attacks are on the rise and zero-day exploits make their way to the public much quicker than before. Join this session to see how Windows Server 2016 and Windows 10 can help organizations deal with this ever-changing security ecosystem by providing them with ways to better secure their environment and data. We’ll touch on topics such as malware & threat resistance, identity & access control, virtualization-based security, configurable code integrity, remote attestation and a few others.
Digital Transformation in the Cloud: What They Don’t Always Tell You [2020]Tudor Damian
The payoff of successful Digital Transformation can be essential for companies engaged in highly-competitive markets. Almost every business decision requires executives and managers to balance risk and reward, and efficiency in that process is essential to an enterprise’s success.
With the emergence of the Cloud, IT risk has suffered yet another radical transformation. The past couple of years have also brought along new vulnerabilities, exploits, and attack methods, as well as new data privacy requirements such as the GDPR. While all of these things require significant changes to any existing processes and tools, they mostly require a different approach when catering to people's IT security awareness, especially when moving to the Cloud.
Based on real-life projects and experience from recent years, this session provides a quick insight into the role that the Cloud plays within Digital Transformation initiatives, touching on challenges companies usually face when dealing with governance, security, change management & cost-control. Examples and case studies included.
Security & Compliance in the Cloud [2019]Tudor Damian
Almost every business decision requires executives and managers to balance risk and reward, and efficiency in that process is essential to an enterprise’s success. Too often though, IT risk (business risk related to the use of IT) is overlooked. While other business risks such as market, credit and operational risks have long been incorporated into the decision-making processes, IT risk has usually been relegated to technical specialists outside the boardroom, despite falling under the same risk category as other business risks: failure to achieve strategic objectives.
With the emergence of the Cloud, IT risk has suffered yet another radical transformation. The past couple of years have also brought along new vulnerabilities, exploits, and attack methods, as well as new data privacy requirements such as the GDPR. While all of these things require significant changes to any existing processes and tools, they mostly require a different approach when catering to people's IT security awareness, especially when moving to the Cloud.
Modern cybersecurity threats, and shiny new tools to help deal with themTudor Damian
With cybersecurity threats changing rapidly, we definitely need a new set of tools to be able to prevent and address them more efficiently: malware is becoming more complex and harder to detect, malicious insider attacks are on the rise and zero-day exploits make their way to the public much quicker than before. Join this session to see how Windows Server 2016 and Windows 10 can help organizations deal with this ever-changing security ecosystem by providing them with ways to better secure their environment and data. We’ll touch on topics such as malware & threat resistance, identity & access control, virtualization-based security, configurable code integrity, remote attestation and a few others.
The state of web applications (in)security @ ITDays 2016Tudor Damian
The global security landscape is changing, now more than ever. With cloud computing gaining momentum and advanced persistent threats becoming a common occurrence, the industry is taking a more focused and serious approach, especially after some of last years' heavily publicized cyber breaches. Join this session for a high-level overview on the industry trends in the area of web application security, and find out why security is bound to become a hot topic in any organization developing or using web applications.
2016, A new era of OS and Cloud SecurityTudor Damian
The global security landscape is changing, now more than ever. With cloud computing gaining momentum and advanced persistent threats becoming a common occurrence, the industry is taking a more focused and serious approach when it comes to security, especially after some of last years’ heavily publicized incidents. Join this session for a discussion on what Microsoft is doing to protect against these new security threats with fresh approaches taken both at the server & client OS level, as well as in Azure.
Almost every business decision requires executives and managers to balance risk and reward, and efficiency in that process is essential to an enterprise’s success. Too often though, IT risk (business risk related to the use of IT) is overlooked.
While other business risks such as market, credit and operational risks have long been incorporated into the decision-making processes, IT risk has usually been relegated to technical specialists outside the boardroom, despite falling under the same risk category as other business risks: failure to achieve strategic objectives.
This session intends to address business risks related to the use of IT, looking at industry standards, frameworks and best practices, as well as focusing on real world examples and specific plans on how to implement IT Risk Management on every level of your company.
There is no doubt that Intrusion Detection Systems should be incorporated into any security infrastructure, however today’s IDS implementations are far from perfect. Security Managers should continue to add layers to their defense strategy and not place too much reliance on this technology, as it’s not easy to create a system that can effectively flag an attack without crashing under the weight of its own logs, operate relatively maintenance free and respond appropriately to benign anomalous events without raising too many false alarms.
This session discusses some of the most common techniques aimed at evading IDS detection order to easily attack the infrastructure sitting behind those systems.
DefCamp #5, Bucharest, November 29th
Just as a chain is as weak as its weakest link, computer systems are as vulnerable as their weakest component – and that’s rarely the technology itself, it’s more often the people using it. This is precisely why it’s usually easier to exploit people’s natural inclination to trust than it is to discover ways to hack into computer systems. As the art of manipulating people into them giving up confidential information, Social Engineering has been a hot topic for many years. This session will discuss some of the most common Social Engineering techniques and countermeasures.
Azure Site Recovery and System Center Tudor Damian
Azure Site Recovery is a cloud-based service that automates virtual machine fail-over across sites. The service integrates with Virtual Machine Manager which manages on-premises Hyper-V servers. Hyper-V Replica technology replicates virtual machine configuration and data across sites. Based on customer feedback, support for SAN replication is important. This session covers the scenarios in scope, solution architecture, and SAN integration using SMI-S.
Upgrading your Private Cloud to Windows Server 2012 R2Tudor Damian
Learn about the functionality and processes that are available to enable you to move your private cloud deployments to Windows Server 2012 R2 with zero downtime. Understand the options that are available to you and the considerations that need to be made as you determine the best path for continuing to keep your environment on the best technology available for private clouds today. This session covers the end to end approach including Hyper-V, Clustering, Storage and SCVMM.
O scurta introducere in arhitectura Hyper-V R2 si Linux Integration Services v2.1, precum si o detaliere a unor solutii de management si instrumente utile in gazduirea sistemelor Linux sub Hyper-V - video screencast pe Vimeo: http://www.vimeo.com/15466169
The state of web applications (in)security @ ITDays 2016Tudor Damian
The global security landscape is changing, now more than ever. With cloud computing gaining momentum and advanced persistent threats becoming a common occurrence, the industry is taking a more focused and serious approach, especially after some of last years' heavily publicized cyber breaches. Join this session for a high-level overview on the industry trends in the area of web application security, and find out why security is bound to become a hot topic in any organization developing or using web applications.
2016, A new era of OS and Cloud SecurityTudor Damian
The global security landscape is changing, now more than ever. With cloud computing gaining momentum and advanced persistent threats becoming a common occurrence, the industry is taking a more focused and serious approach when it comes to security, especially after some of last years’ heavily publicized incidents. Join this session for a discussion on what Microsoft is doing to protect against these new security threats with fresh approaches taken both at the server & client OS level, as well as in Azure.
Almost every business decision requires executives and managers to balance risk and reward, and efficiency in that process is essential to an enterprise’s success. Too often though, IT risk (business risk related to the use of IT) is overlooked.
While other business risks such as market, credit and operational risks have long been incorporated into the decision-making processes, IT risk has usually been relegated to technical specialists outside the boardroom, despite falling under the same risk category as other business risks: failure to achieve strategic objectives.
This session intends to address business risks related to the use of IT, looking at industry standards, frameworks and best practices, as well as focusing on real world examples and specific plans on how to implement IT Risk Management on every level of your company.
There is no doubt that Intrusion Detection Systems should be incorporated into any security infrastructure, however today’s IDS implementations are far from perfect. Security Managers should continue to add layers to their defense strategy and not place too much reliance on this technology, as it’s not easy to create a system that can effectively flag an attack without crashing under the weight of its own logs, operate relatively maintenance free and respond appropriately to benign anomalous events without raising too many false alarms.
This session discusses some of the most common techniques aimed at evading IDS detection order to easily attack the infrastructure sitting behind those systems.
DefCamp #5, Bucharest, November 29th
Just as a chain is as weak as its weakest link, computer systems are as vulnerable as their weakest component – and that’s rarely the technology itself, it’s more often the people using it. This is precisely why it’s usually easier to exploit people’s natural inclination to trust than it is to discover ways to hack into computer systems. As the art of manipulating people into them giving up confidential information, Social Engineering has been a hot topic for many years. This session will discuss some of the most common Social Engineering techniques and countermeasures.
Azure Site Recovery and System Center Tudor Damian
Azure Site Recovery is a cloud-based service that automates virtual machine fail-over across sites. The service integrates with Virtual Machine Manager which manages on-premises Hyper-V servers. Hyper-V Replica technology replicates virtual machine configuration and data across sites. Based on customer feedback, support for SAN replication is important. This session covers the scenarios in scope, solution architecture, and SAN integration using SMI-S.
Upgrading your Private Cloud to Windows Server 2012 R2Tudor Damian
Learn about the functionality and processes that are available to enable you to move your private cloud deployments to Windows Server 2012 R2 with zero downtime. Understand the options that are available to you and the considerations that need to be made as you determine the best path for continuing to keep your environment on the best technology available for private clouds today. This session covers the end to end approach including Hyper-V, Clustering, Storage and SCVMM.
O scurta introducere in arhitectura Hyper-V R2 si Linux Integration Services v2.1, precum si o detaliere a unor solutii de management si instrumente utile in gazduirea sistemelor Linux sub Hyper-V - video screencast pe Vimeo: http://www.vimeo.com/15466169