Social Network For CISO (Chief Information Security Officers)
Our editorial team has handpicked the best of the best talks at RSA Conference - one of the largest IT Security Conference in the world. Following is the list of top talks on Cloud Security & Virtualization at RSA Conference USA 2018.
RSA Conference held its event in San Francisco, CA at the Moscone Center & Marriott Marquis and brought together a record number of 50,000 attendees.Attendees experienced keynotes, peer-to-peer sessions, top notch track sessions, tutorials and seminars. Keynotes, sessions and debates focused on New Attack Technique, Encryption, Artificial Intelligence, Machine Learning, Internet Of Things, Cloud Security & Virtualization & many more.
(Source: RSA Conference USA 2018)
Speakers: Rich Mogull, Bill Burns
Cloud is a new frontier that requires new architectures, higher velocity processes and crisper business-level metrics—all of which smacks security programs square in the face. This session will leverage the nearly 20 years of the speakers’ combined cloud experience to lay out a complete strategy for building out a cloud-first security program that covers infrastructure and application development.
Speakers: Grayson Brewer, Aaron Rinehart
ChaoSlingr introduces the discipline of security testing into chaos engineering with the focus on driving failure out of the model and going beyond the reactive processes that currently dominate traditional security testing methodology.
Speaker: Chris Czub
Living BeyondCorp comes with its own challenges. This talk will dive into how Duo gets our hands around difficult problems regarding the security and management of cloud services and endpoints internally. This session will cover technical details of our security orchestration and automation approach, cloud service monitoring, and chatops-driven endpoint application whitelisting strategies.
Speaker: Todd Carr
This talk will explore the concepts and experiences of using configuration management in a highly disposable environment of ephemeral virtual machines. It will cover why an operations team may desire such an environment, the tools the presenter used to build one, and most importantly, the sorts of failures, accomplishments and considerations encountered during the journey.
Speaker: Ravi Honnavalli
This will show how, on a large container deployment, the speaker achieved insight into security events like file events on sensitive files, system call auditing, user level activity trail, network activity, etc., by customizing and plumbing a stack of open source tools that use the underlying Linux’s inotify and kernel audit components and by aggregating these events centrally in Elasticsearch.
Speaker: Stephen Schmidt
While the causes of outages are varied, human error far outpaces all hardware failures. The risk of humans touching sensitive data is clear, but the tools, techniques and risk-mitigation strategies lag behind current realities. Stephen Schmidt, AWS CISO, will share hard-earned lessons around potential gaps in your security plan, along with steps to lessen potential angles of attack.
Speakers: Matt Kemelhar, Mark Simos
Based on investigations of real-world attacks, Microsoft Office 365 cybersecurity experts provide a prescriptive approach to identifying and implementing the most critical security controls to protect your Office 365 tenant. You will learn threats and defenses change from on-premises attacks and what Microsoft recommends for quickly protecting against the most likely and impactful risks.
Speaker: Rich Mogull
Everything in cloud computing is automated and API-enabled, giving security teams a big opportunity to build and embed security into infrastructures. From continuous guardrails to automated "afterburners" to speed up complex processes, this advanced session leverages the latest software-defined security techniques and shows how to integrate automation. Be prepared for demos, design patterns and a little code.
Speakers: Kolby Allen, Teri Radichel
Cloud attack vectors and security controls are different. Many companies breached on AWS moved sensitive data to AWS following best practices or implementing cloud security controls correctly. Reports indicate that hybrid cloud implementations have weaknesses and research finds that devs are the new security target. See Kolby Allen and Teri Radichel duke it out as Teri attacks an AWS account and Kolby defends it.
Speaker: Mark Russinovich
Machine learning algorithms are key to modern at-scale cyberdefense. Transfer learning is a state of the art ML paradigm that enables applying knowledge and algorithms developed from one field to another, resulting in innovative solutions. This talk presents transfer learning in action wherein techniques created from other areas are successfully re-purposed and applied to cybersecurity.