SlideShare a Scribd company logo

Thinking Out cLOUD Security Journey

Download as PPTX, PDF
Stu Hirst
Stu Hirst

The document discusses the author's journey in cloud security and managing security across multiple companies simultaneously. It emphasizes the importance of recruiting skilled security professionals, implementing basic security controls like MFA and tightening IAM permissions, and challenges such as differing technologies, cultures, and the complexity of cloud environments. The author also provides resources for learning more about AWS security best practices.

Technology
1 of 33
Thinking Out cLOUD @stuhirstinfosec
Disclaimers; I like memes. I’m not an ‘expert’ or a ‘thought leader’, but I’ve learned some stuff along the way. @stuhirstinfosec
Who Am I? @stuhirstinfosec
“Security culture is what employees do when the Security team isn’t looking” @stuhirstinfosec
@stuhirstinfosec The Initial Journey…
@stuhirstinfosec The Initial Journey…
@stuhirstinfosec The Initial Journey… • Well Architected Reviews with AWS • Manual auditing of accounts • Setting up of WAFs, AWS tools such as Guard Duty • Leveraging Trusted Advisor to help • Compliance related activities • Trying to ensure logging is in place
@stuhirstinfosec Defining Your Cloud Risk
Defining AWS / Cloud Risk @stuhirstinfosec There are existing frameworks that can help; • CIS Benchmarking • NIST • ISACA • Cloud Security Alliance
Defining AWS / Cloud Risk @stuhirstinfosec CIS: • AWS, Azure, Google Cloud • Docker, Kubernetes • Security Metrics • Also desktop apps, network devices, mobile devices, servers, operating systems
Defining Potential AWS Risks & Vulnerabilities https://github.com/stuhirst/awssecurity/blob/master/risksandv ulns.md @stuhirstinfosec • DDOS • WAF • LOGGING • KEYS • ENCRYPTION • S3 • IAM • VULN MGMT
Defining Potential AWS Risks & Vulnerabilities https://github.com/stuhirst/awssecurity/blob/master/risksandv ulns.md @stuhirstinfosec • DDOS - what protection do you have at various layers? • WAF - are you using one?! Does it have custom rulesets? Is it in blocking mode? • LOGGING - VPC flow logs, S3 logs, ELB logs - do you centralise these? • KEYS - how are you protecting these? Any in GitHub?! • ENCRYPTION - are you forcing encryption on S3, EBS volumes & snapshots - encrypt all the things! • S3 - do you know if buckets/objects are open to the world?! • IAM - overly permissive roles, lack of offboarding • VULN MGMT - are you using up to date AMIs?
@stuhirstinfosec
@stuhirstinfosec
@stuhirstinfosec Create a whole new AWS account to do this!
Imagine joining one company…. easy?! @stuhirstinfosec
What about four companies at once?! @stuhirstinfosec
Complexities of 4 brands @stuhirstinfosec • Tech stack • Programming languages • Cultures • Maturity • Business structure • Levels of knowledge • Location/language
Some of the complexities of multi-brand companies… @stuhirstinfosec • Accounts - often many! • Terraform vs CloudFormation • HUGE amounts of data! • Cost / budget implications • Staff turnover multiplied
@stuhirstinfosec Q: What’s the most important aspect of securing the Cloud?
@stuhirstinfosec RECRUIT! RECRUIT! RECRUIT!
Back To Basics! Some things you need to consider…. @stuhirstinfosec
MFA! @stuhirstinfosec
OVERLY PERMISSIVE IAM @stuhirstinfosec
OPEN S3 BUCKETS @stuhirstinfosec
LOGGING @stuhirstinfosec
KEY ROTATION & CREDS @stuhirstinfosec
INCIDENT RESPONSE @stuhirstinfosec
COST CONTROL @stuhirstinfosec
@stuhirstinfosec So what have I learnt during this last year? * Your journey has to start somewhere! * Changing businesses takes real time and graft. And it’s painful! * Try and get the major stakeholders around the table regularly to collaborate - this takes effort! * People repeat mistakes - we need to find a way to make that better * Cloud is HARD and often COMPLEX * Recruitment is absolutely KEY!
@stuhirstinfosec
What has helped? @stuhirstinfosec Not enough hours in the day!
@stuhirstinfosec Want to know more? AWS Security Slack Group AWS Arsenal - open source tools https://github.com/stuhirst/awssecurity AWS Vulnerability & Risk list https://github.com/stuhirst/awssecurity/blob/master/risksandvulns.md

Recommended

Stu Hirst - Thinking Out cLoud July 2019
Stu Hirst - Thinking Out cLoud July 2019Stu Hirst - Thinking Out cLoud July 2019
Stu Hirst - Thinking Out cLoud July 2019Stu Hirst
 
Building a Security culture at Skyscanner 2016
Building a Security culture at Skyscanner 2016Building a Security culture at Skyscanner 2016
Building a Security culture at Skyscanner 2016Stu Hirst
 
The Lost Tales of Platform Design (February 2017)
The Lost Tales of Platform Design (February 2017)The Lost Tales of Platform Design (February 2017)
The Lost Tales of Platform Design (February 2017)Julien SIMON
 
Practical Cyber: Lessons from 500,000 Miles of Security Evangelism
Practical Cyber: Lessons from 500,000 Miles of Security EvangelismPractical Cyber: Lessons from 500,000 Miles of Security Evangelism
Practical Cyber: Lessons from 500,000 Miles of Security EvangelismBen Johnson
 
Threat Hunting, Detection, and Incident Response in the Cloud
Threat Hunting, Detection, and Incident Response in the CloudThreat Hunting, Detection, and Incident Response in the Cloud
Threat Hunting, Detection, and Incident Response in the CloudBen Johnson
 
Lean Security
Lean SecurityLean Security
Lean SecurityBen Johnson
 
How We end the Walking Dead in the Enterprise - Session Sponsored by Versent
How We end the Walking Dead in the Enterprise - Session Sponsored by VersentHow We end the Walking Dead in the Enterprise - Session Sponsored by Versent
How We end the Walking Dead in the Enterprise - Session Sponsored by VersentAmazon Web Services
 
Steve Chambers - Cloud for GrownUps ITSM17
Steve Chambers - Cloud for GrownUps ITSM17Steve Chambers - Cloud for GrownUps ITSM17
Steve Chambers - Cloud for GrownUps ITSM17itSMF UK
 

Recommended

Stu Hirst - Thinking Out cLoud July 2019
Stu Hirst - Thinking Out cLoud July 2019Stu Hirst - Thinking Out cLoud July 2019
Stu Hirst - Thinking Out cLoud July 2019Stu Hirst
 
Building a Security culture at Skyscanner 2016
Building a Security culture at Skyscanner 2016Building a Security culture at Skyscanner 2016
Building a Security culture at Skyscanner 2016Stu Hirst
 
The Lost Tales of Platform Design (February 2017)
The Lost Tales of Platform Design (February 2017)The Lost Tales of Platform Design (February 2017)
The Lost Tales of Platform Design (February 2017)Julien SIMON
 
Practical Cyber: Lessons from 500,000 Miles of Security Evangelism
Practical Cyber: Lessons from 500,000 Miles of Security EvangelismPractical Cyber: Lessons from 500,000 Miles of Security Evangelism
Practical Cyber: Lessons from 500,000 Miles of Security EvangelismBen Johnson
 
Threat Hunting, Detection, and Incident Response in the Cloud
Threat Hunting, Detection, and Incident Response in the CloudThreat Hunting, Detection, and Incident Response in the Cloud
Threat Hunting, Detection, and Incident Response in the CloudBen Johnson
 
Lean Security
Lean SecurityLean Security
Lean SecurityBen Johnson
 
How We end the Walking Dead in the Enterprise - Session Sponsored by Versent
How We end the Walking Dead in the Enterprise - Session Sponsored by VersentHow We end the Walking Dead in the Enterprise - Session Sponsored by Versent
How We end the Walking Dead in the Enterprise - Session Sponsored by VersentAmazon Web Services
 
Steve Chambers - Cloud for GrownUps ITSM17
Steve Chambers - Cloud for GrownUps ITSM17Steve Chambers - Cloud for GrownUps ITSM17
Steve Chambers - Cloud for GrownUps ITSM17itSMF UK
 
Architectural Considerations for Startups
Architectural Considerations for StartupsArchitectural Considerations for Startups
Architectural Considerations for StartupsNiall Roche
 
(SEC402) Enterprise Cloud Security via DevSecOps 2.0
(SEC402) Enterprise Cloud Security via DevSecOps 2.0(SEC402) Enterprise Cloud Security via DevSecOps 2.0
(SEC402) Enterprise Cloud Security via DevSecOps 2.0Amazon Web Services
 
MacIT 2014 - Essential Security & Risk Fundamentals
MacIT 2014 - Essential Security & Risk FundamentalsMacIT 2014 - Essential Security & Risk Fundamentals
MacIT 2014 - Essential Security & Risk FundamentalsAlison Gianotto
 
(SEC326) Security Science Using Big Data
(SEC326) Security Science Using Big Data(SEC326) Security Science Using Big Data
(SEC326) Security Science Using Big DataAmazon Web Services
 
Rugged Building Materials and Creating Agility with Security
Rugged Building Materials and Creating Agility with SecurityRugged Building Materials and Creating Agility with Security
Rugged Building Materials and Creating Agility with SecurityDavid Etue
 
Tech essentials for Product managers
Tech essentials for Product managersTech essentials for Product managers
Tech essentials for Product managersNitin T Bhat
 
Skyscanner
SkyscannerSkyscanner
SkyscannerAmazon Web Services
 
Searching Chinese Patents Presentation at Enterprise Data World
Searching Chinese Patents Presentation at Enterprise Data WorldSearching Chinese Patents Presentation at Enterprise Data World
Searching Chinese Patents Presentation at Enterprise Data WorldOpenSource Connections
 
Building a Lightweight Discovery Interface for China's Patents@NYC Solr/Lucen...
Building a Lightweight Discovery Interface for China's Patents@NYC Solr/Lucen...Building a Lightweight Discovery Interface for China's Patents@NYC Solr/Lucen...
Building a Lightweight Discovery Interface for China's Patents@NYC Solr/Lucen...OpenSource Connections
 
WordCamp 2012 - Seth Carstens Presentation (Responsive Width)
WordCamp 2012 - Seth Carstens Presentation (Responsive Width)WordCamp 2012 - Seth Carstens Presentation (Responsive Width)
WordCamp 2012 - Seth Carstens Presentation (Responsive Width)Seth Carstens
 
Paytm labs soyouwanttodatascience
Paytm labs soyouwanttodatasciencePaytm labs soyouwanttodatascience
Paytm labs soyouwanttodatascienceAdam Muise
 
DevSecCon Tel Aviv 2018 - Value driven threat modeling by Avi Douglen
DevSecCon Tel Aviv 2018 - Value driven threat modeling by Avi DouglenDevSecCon Tel Aviv 2018 - Value driven threat modeling by Avi Douglen
DevSecCon Tel Aviv 2018 - Value driven threat modeling by Avi DouglenDevSecCon
 
Application security in a hurry webinar
Application security in a hurry webinarApplication security in a hurry webinar
Application security in a hurry webinarkdinerman
 
(SPOT303) Security Operations at Massive Scale
(SPOT303) Security Operations at Massive Scale(SPOT303) Security Operations at Massive Scale
(SPOT303) Security Operations at Massive ScaleAmazon Web Services
 
Serverless Toronto helps Startups
Serverless Toronto helps StartupsServerless Toronto helps Startups
Serverless Toronto helps StartupsDaniel Zivkovic
 
HouSecCon 2019: Offensive Security - Starting from Scratch
HouSecCon 2019: Offensive Security - Starting from ScratchHouSecCon 2019: Offensive Security - Starting from Scratch
HouSecCon 2019: Offensive Security - Starting from ScratchSpencer Koch
 
Sidecars and a Microservices Mesh
Sidecars and a Microservices MeshSidecars and a Microservices Mesh
Sidecars and a Microservices MeshRed Hat Developers
 
Microservices Journey Fall 2017
Microservices Journey Fall 2017Microservices Journey Fall 2017
Microservices Journey Fall 2017Christian Posta
 
Key considerations when adopting cloud: expectations vs hurdles
Key considerations when adopting cloud: expectations vs hurdlesKey considerations when adopting cloud: expectations vs hurdles
Key considerations when adopting cloud: expectations vs hurdlesScalr
 
Presentation infra and_datacentrre_dialogue_v2
Presentation infra and_datacentrre_dialogue_v2Presentation infra and_datacentrre_dialogue_v2
Presentation infra and_datacentrre_dialogue_v2Claus Cramon Houmann
 
Stu Hirst - Imposter Syndrome 2024 - Presented at Cloud Expo Europe (Cyber Ke...
Stu Hirst - Imposter Syndrome 2024 - Presented at Cloud Expo Europe (Cyber Ke...Stu Hirst - Imposter Syndrome 2024 - Presented at Cloud Expo Europe (Cyber Ke...
Stu Hirst - Imposter Syndrome 2024 - Presented at Cloud Expo Europe (Cyber Ke...Stu Hirst
 
AWS Meet Up COPENHAGEN.pptx
AWS Meet Up COPENHAGEN.pptxAWS Meet Up COPENHAGEN.pptx
AWS Meet Up COPENHAGEN.pptxStu Hirst
 

More Related Content

Similar to Thinking Out cLOUD Security Journey

Architectural Considerations for Startups
Architectural Considerations for StartupsArchitectural Considerations for Startups
Architectural Considerations for StartupsNiall Roche
 
(SEC402) Enterprise Cloud Security via DevSecOps 2.0
(SEC402) Enterprise Cloud Security via DevSecOps 2.0(SEC402) Enterprise Cloud Security via DevSecOps 2.0
(SEC402) Enterprise Cloud Security via DevSecOps 2.0Amazon Web Services
 
MacIT 2014 - Essential Security & Risk Fundamentals
MacIT 2014 - Essential Security & Risk FundamentalsMacIT 2014 - Essential Security & Risk Fundamentals
MacIT 2014 - Essential Security & Risk FundamentalsAlison Gianotto
 
(SEC326) Security Science Using Big Data
(SEC326) Security Science Using Big Data(SEC326) Security Science Using Big Data
(SEC326) Security Science Using Big DataAmazon Web Services
 
Rugged Building Materials and Creating Agility with Security
Rugged Building Materials and Creating Agility with SecurityRugged Building Materials and Creating Agility with Security
Rugged Building Materials and Creating Agility with SecurityDavid Etue
 
Tech essentials for Product managers
Tech essentials for Product managersTech essentials for Product managers
Tech essentials for Product managersNitin T Bhat
 
Searching Chinese Patents Presentation at Enterprise Data World
Searching Chinese Patents Presentation at Enterprise Data WorldSearching Chinese Patents Presentation at Enterprise Data World
Searching Chinese Patents Presentation at Enterprise Data WorldOpenSource Connections
 
Building a Lightweight Discovery Interface for China's Patents@NYC Solr/Lucen...
Building a Lightweight Discovery Interface for China's Patents@NYC Solr/Lucen...Building a Lightweight Discovery Interface for China's Patents@NYC Solr/Lucen...
Building a Lightweight Discovery Interface for China's Patents@NYC Solr/Lucen...OpenSource Connections
 
WordCamp 2012 - Seth Carstens Presentation (Responsive Width)
WordCamp 2012 - Seth Carstens Presentation (Responsive Width)WordCamp 2012 - Seth Carstens Presentation (Responsive Width)
WordCamp 2012 - Seth Carstens Presentation (Responsive Width)Seth Carstens
 
Paytm labs soyouwanttodatascience
Paytm labs soyouwanttodatasciencePaytm labs soyouwanttodatascience
Paytm labs soyouwanttodatascienceAdam Muise
 
DevSecCon Tel Aviv 2018 - Value driven threat modeling by Avi Douglen
DevSecCon Tel Aviv 2018 - Value driven threat modeling by Avi DouglenDevSecCon Tel Aviv 2018 - Value driven threat modeling by Avi Douglen
DevSecCon Tel Aviv 2018 - Value driven threat modeling by Avi DouglenDevSecCon
 
Application security in a hurry webinar
Application security in a hurry webinarApplication security in a hurry webinar
Application security in a hurry webinarkdinerman
 
(SPOT303) Security Operations at Massive Scale
(SPOT303) Security Operations at Massive Scale(SPOT303) Security Operations at Massive Scale
(SPOT303) Security Operations at Massive ScaleAmazon Web Services
 
Serverless Toronto helps Startups
Serverless Toronto helps StartupsServerless Toronto helps Startups
Serverless Toronto helps StartupsDaniel Zivkovic
 
HouSecCon 2019: Offensive Security - Starting from Scratch
HouSecCon 2019: Offensive Security - Starting from ScratchHouSecCon 2019: Offensive Security - Starting from Scratch
HouSecCon 2019: Offensive Security - Starting from ScratchSpencer Koch
 
Sidecars and a Microservices Mesh
Sidecars and a Microservices MeshSidecars and a Microservices Mesh
Sidecars and a Microservices MeshRed Hat Developers
 
Microservices Journey Fall 2017
Microservices Journey Fall 2017Microservices Journey Fall 2017
Microservices Journey Fall 2017Christian Posta
 
Key considerations when adopting cloud: expectations vs hurdles
Key considerations when adopting cloud: expectations vs hurdlesKey considerations when adopting cloud: expectations vs hurdles
Key considerations when adopting cloud: expectations vs hurdlesScalr
 
Presentation infra and_datacentrre_dialogue_v2
Presentation infra and_datacentrre_dialogue_v2Presentation infra and_datacentrre_dialogue_v2
Presentation infra and_datacentrre_dialogue_v2Claus Cramon Houmann
 

Similar to Thinking Out cLOUD Security Journey (20)

Architectural Considerations for Startups
Architectural Considerations for StartupsArchitectural Considerations for Startups
Architectural Considerations for Startups
 
(SEC402) Enterprise Cloud Security via DevSecOps 2.0
(SEC402) Enterprise Cloud Security via DevSecOps 2.0(SEC402) Enterprise Cloud Security via DevSecOps 2.0
(SEC402) Enterprise Cloud Security via DevSecOps 2.0
 
MacIT 2014 - Essential Security & Risk Fundamentals
MacIT 2014 - Essential Security & Risk FundamentalsMacIT 2014 - Essential Security & Risk Fundamentals
MacIT 2014 - Essential Security & Risk Fundamentals
 
(SEC326) Security Science Using Big Data
(SEC326) Security Science Using Big Data(SEC326) Security Science Using Big Data
(SEC326) Security Science Using Big Data
 
Rugged Building Materials and Creating Agility with Security
Rugged Building Materials and Creating Agility with SecurityRugged Building Materials and Creating Agility with Security
Rugged Building Materials and Creating Agility with Security
 
Tech essentials for Product managers
Tech essentials for Product managersTech essentials for Product managers
Tech essentials for Product managers
 
Skyscanner
SkyscannerSkyscanner
Skyscanner
 
Searching Chinese Patents Presentation at Enterprise Data World
Searching Chinese Patents Presentation at Enterprise Data WorldSearching Chinese Patents Presentation at Enterprise Data World
Searching Chinese Patents Presentation at Enterprise Data World
 
Building a Lightweight Discovery Interface for China's Patents@NYC Solr/Lucen...
Building a Lightweight Discovery Interface for China's Patents@NYC Solr/Lucen...Building a Lightweight Discovery Interface for China's Patents@NYC Solr/Lucen...
Building a Lightweight Discovery Interface for China's Patents@NYC Solr/Lucen...
 
WordCamp 2012 - Seth Carstens Presentation (Responsive Width)
WordCamp 2012 - Seth Carstens Presentation (Responsive Width)WordCamp 2012 - Seth Carstens Presentation (Responsive Width)
WordCamp 2012 - Seth Carstens Presentation (Responsive Width)
 
Paytm labs soyouwanttodatascience
Paytm labs soyouwanttodatasciencePaytm labs soyouwanttodatascience
Paytm labs soyouwanttodatascience
 
DevSecCon Tel Aviv 2018 - Value driven threat modeling by Avi Douglen
DevSecCon Tel Aviv 2018 - Value driven threat modeling by Avi DouglenDevSecCon Tel Aviv 2018 - Value driven threat modeling by Avi Douglen
DevSecCon Tel Aviv 2018 - Value driven threat modeling by Avi Douglen
 
Application security in a hurry webinar
Application security in a hurry webinarApplication security in a hurry webinar
Application security in a hurry webinar
 
(SPOT303) Security Operations at Massive Scale
(SPOT303) Security Operations at Massive Scale(SPOT303) Security Operations at Massive Scale
(SPOT303) Security Operations at Massive Scale
 
Serverless Toronto helps Startups
Serverless Toronto helps StartupsServerless Toronto helps Startups
Serverless Toronto helps Startups
 
HouSecCon 2019: Offensive Security - Starting from Scratch
HouSecCon 2019: Offensive Security - Starting from ScratchHouSecCon 2019: Offensive Security - Starting from Scratch
HouSecCon 2019: Offensive Security - Starting from Scratch
 
Sidecars and a Microservices Mesh
Sidecars and a Microservices MeshSidecars and a Microservices Mesh
Sidecars and a Microservices Mesh
 
Microservices Journey Fall 2017
Microservices Journey Fall 2017Microservices Journey Fall 2017
Microservices Journey Fall 2017
 
Key considerations when adopting cloud: expectations vs hurdles
Key considerations when adopting cloud: expectations vs hurdlesKey considerations when adopting cloud: expectations vs hurdles
Key considerations when adopting cloud: expectations vs hurdles
 
Presentation infra and_datacentrre_dialogue_v2
Presentation infra and_datacentrre_dialogue_v2Presentation infra and_datacentrre_dialogue_v2
Presentation infra and_datacentrre_dialogue_v2
 

More from Stu Hirst

Stu Hirst - Imposter Syndrome 2024 - Presented at Cloud Expo Europe (Cyber Ke...
Stu Hirst - Imposter Syndrome 2024 - Presented at Cloud Expo Europe (Cyber Ke...Stu Hirst - Imposter Syndrome 2024 - Presented at Cloud Expo Europe (Cyber Ke...
Stu Hirst - Imposter Syndrome 2024 - Presented at Cloud Expo Europe (Cyber Ke...Stu Hirst
 
AWS Meet Up COPENHAGEN.pptx
AWS Meet Up COPENHAGEN.pptxAWS Meet Up COPENHAGEN.pptx
AWS Meet Up COPENHAGEN.pptxStu Hirst
 
Stu Hirst - 10 Years To Ciso
Stu Hirst - 10 Years To CisoStu Hirst - 10 Years To Ciso
Stu Hirst - 10 Years To CisoStu Hirst
 
Stu Hirst - Thinking Out cLoud 2020
Stu Hirst - Thinking Out cLoud 2020Stu Hirst - Thinking Out cLoud 2020
Stu Hirst - Thinking Out cLoud 2020Stu Hirst
 
Hi DevOps, I'm Security, I Love You
Hi DevOps, I'm Security, I Love YouHi DevOps, I'm Security, I Love You
Hi DevOps, I'm Security, I Love YouStu Hirst
 
An Imposter's Journey Into InfoSec
An Imposter's Journey Into InfoSecAn Imposter's Journey Into InfoSec
An Imposter's Journey Into InfoSecStu Hirst
 
War Stories - From The Front Lines Of InfoSec!
War Stories - From The Front Lines Of InfoSec!War Stories - From The Front Lines Of InfoSec!
War Stories - From The Front Lines Of InfoSec!Stu Hirst
 
An Imposter's Journey Into InfoSec
An Imposter's Journey Into InfoSecAn Imposter's Journey Into InfoSec
An Imposter's Journey Into InfoSecStu Hirst
 
Turing's Testers - Security Scotland May 2018
Turing's Testers - Security Scotland May 2018Turing's Testers - Security Scotland May 2018
Turing's Testers - Security Scotland May 2018Stu Hirst
 
DevSecOps - a 2 year journey of success & failure!
DevSecOps - a 2 year journey of success & failure!DevSecOps - a 2 year journey of success & failure!
DevSecOps - a 2 year journey of success & failure!Stu Hirst
 

More from Stu Hirst (10)

Stu Hirst - Imposter Syndrome 2024 - Presented at Cloud Expo Europe (Cyber Ke...
Stu Hirst - Imposter Syndrome 2024 - Presented at Cloud Expo Europe (Cyber Ke...Stu Hirst - Imposter Syndrome 2024 - Presented at Cloud Expo Europe (Cyber Ke...
Stu Hirst - Imposter Syndrome 2024 - Presented at Cloud Expo Europe (Cyber Ke...
 
AWS Meet Up COPENHAGEN.pptx
AWS Meet Up COPENHAGEN.pptxAWS Meet Up COPENHAGEN.pptx
AWS Meet Up COPENHAGEN.pptx
 
Stu Hirst - 10 Years To Ciso
Stu Hirst - 10 Years To CisoStu Hirst - 10 Years To Ciso
Stu Hirst - 10 Years To Ciso
 
Stu Hirst - Thinking Out cLoud 2020
Stu Hirst - Thinking Out cLoud 2020Stu Hirst - Thinking Out cLoud 2020
Stu Hirst - Thinking Out cLoud 2020
 
Hi DevOps, I'm Security, I Love You
Hi DevOps, I'm Security, I Love YouHi DevOps, I'm Security, I Love You
Hi DevOps, I'm Security, I Love You
 
An Imposter's Journey Into InfoSec
An Imposter's Journey Into InfoSecAn Imposter's Journey Into InfoSec
An Imposter's Journey Into InfoSec
 
War Stories - From The Front Lines Of InfoSec!
War Stories - From The Front Lines Of InfoSec!War Stories - From The Front Lines Of InfoSec!
War Stories - From The Front Lines Of InfoSec!
 
An Imposter's Journey Into InfoSec
An Imposter's Journey Into InfoSecAn Imposter's Journey Into InfoSec
An Imposter's Journey Into InfoSec
 
Turing's Testers - Security Scotland May 2018
Turing's Testers - Security Scotland May 2018Turing's Testers - Security Scotland May 2018
Turing's Testers - Security Scotland May 2018
 
DevSecOps - a 2 year journey of success & failure!
DevSecOps - a 2 year journey of success & failure!DevSecOps - a 2 year journey of success & failure!
DevSecOps - a 2 year journey of success & failure!
 

Recently uploaded

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 

Recently uploaded (20)

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 

Thinking Out cLOUD Security Journey