We have handpicked the best talks at RSA Conference - one of the largest IT Security Conference in the world. Following is the list of top talks on Cloud Security & Virtualization at RSA Conference USA 2018.

RSA Conference held its event in San Francisco, CA at the Moscone Center & Marriott Marquis and brought together a record number of 50,000 attendees.Attendees experienced keynotes, peer-to-peer sessions, top notch track sessions, tutorials and seminars. Keynotes, sessions and debates focused on New Attack Technique, Encryption, Artificial Intelligence, Machine Learning, Internet Of Things, Cloud Security & Virtualization & many more.

(Source: RSA Conference USA 2018)


1. Building and Adopting a Cloud-Native Security Program

Speakers: Rich Mogull, Bill Burns

Cloud is a new frontier that requires new architectures, higher velocity processes and crisper business-level metrics—all of which smacks security programs square in the face. This session will leverage the nearly 20 years of the speakers’ combined cloud experience to lay out a complete strategy for building out a cloud-first security program that covers infrastructure and application development.

>> Go To Presentation


2. ChaoSlingr: Introducing Security-Based Chaos Testing

Speakers: Grayson Brewer, Aaron Rinehart

ChaoSlingr introduces the discipline of security testing into chaos engineering with the focus on driving failure out of the model and going beyond the reactive processes that currently dominate traditional security testing methodology.

>> Go To Presentation

( Read More: Top 6 'Cloud Security' talks from RSA Conference 2016 (USA) )


3. Corpsec: “What Happened to Corpses A and B?”

Speaker: Chris Czub

Living BeyondCorp comes with its own challenges. This talk will dive into how Duo gets our hands around difficult problems regarding the security and management of cloud services and endpoints internally. This session will cover technical details of our security orchestration and automation approach, cloud service monitoring, and chatops-driven endpoint application whitelisting strategies.

>> Go To Presentation


4. Ephemeral DevOps: Adventures in Managing Short-Lived Systems

Speaker: Todd Carr

This talk will explore the concepts and experiences of using configuration management in a highly disposable environment of ephemeral virtual machines. It will cover why an operations team may desire such an environment, the tools the presenter used to build one, and most importantly, the sorts of failures, accomplishments and considerations encountered during the journey.

>> Go To Presentation


5. FIM and System Call Auditing at Scale in a Large Container Deployment

Speaker: Ravi Honnavalli

This will show how, on a large container deployment, the speaker achieved insight into security events like file events on sensitive files, system call auditing, user level activity trail, network activity, etc., by customizing and plumbing a stack of open source tools that use the underlying Linux’s inotify and kernel audit components and by aggregating these events centrally in Elasticsearch.

>> Go To Presentation


6. Humans and Data Don’t Mix: Best Practices to Secure Your Cloud

Speaker: Stephen Schmidt

While the causes of outages are varied, human error far outpaces all hardware failures. The risk of humans touching sensitive data is clear, but the tools, techniques and risk-mitigation strategies lag behind current realities. Stephen Schmidt, AWS CISO, will share hard-earned lessons around potential gaps in your security plan, along with steps to lessen potential angles of attack.

>> Go To Presentation


7. Office 365 Security: Top Priorities for 30 Days, 90 Days and Beyond

Speakers: Matt Kemelhar, Mark Simos

Based on investigations of real-world attacks, Microsoft Office 365 cybersecurity experts provide a prescriptive approach to identifying and implementing the most critical security controls to protect your Office 365 tenant. You will learn threats and defenses change from on-premises attacks and what Microsoft recommends for quickly protecting against the most likely and impactful risks.

>> Go To Presentation



8. Pragmatic Security Automation for Cloud

Speaker: Rich Mogull

Everything in cloud computing is automated and API-enabled, giving security teams a big opportunity to build and embed security into infrastructures. From continuous guardrails to automated "afterburners" to speed up complex processes, this advanced session leverages the latest software-defined security techniques and shows how to integrate automation. Be prepared for demos, design patterns and a little code.

>> Go To Presentation

Read More: CISO Platform Top IT Security Influencers (Part 1) )


9. Red Team vs. Blue Team on AWS

Speakers: Kolby Allen, Teri Radichel

Cloud attack vectors and security controls are different. Many companies breached on AWS moved sensitive data to AWS following best practices or implementing cloud security controls correctly. Reports indicate that hybrid cloud implementations have weaknesses and research finds that devs are the new security target. See Kolby Allen and Teri Radichel duke it out as Teri attacks an AWS account and Kolby defends it.

>> Go To Presentation


10. Transfer Learning: Re-purposing ML Algorithms from Different Domains to Cloud Defense

Speaker: Mark Russinovich

Machine learning algorithms are key to modern at-scale cyberdefense. Transfer learning is a state of the art ML paradigm that enables applying knowledge and algorithms developed from one field to another, resulting in innovative solutions. This talk presents transfer learning in action wherein techniques created from other areas are successfully re-purposed and applied to cybersecurity.

>> Go To Presentation


Your Complete Guide To Top Talks @RSA Conference 2018 (USA)

Get your FREE Guide on Top Talks @ RSA Conference 2018 (USA) . Our editorial team has gone through all the talks and handpicked the best of the best talks at RSA Conference into a single guide. Get your Free copy today.

>>Click Here To Get Your FREE Guide



E-mail me when people leave their comments –

You need to be a member of CISO Platform to add comments!

Join CISO Platform

CISO Platform

A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.

Join CISO Community Share Your Knowledge (Post A Blog)