A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Pragmatic Cloud Security: What InfoSec Practitioners Have Been Waiting For - Josh Danielson (@JoshGDanielson) and Arthur Andrieu (BSides Huntsville 2014) (Hacking Illustrated Series InfoSec Tutorial Videos)

Pragmatic Cloud Security: What InfoSec Practitioners Have Been Waiting For
Josh Danielson (@JoshGDanielson) and Arthur Andrieu

Applying security standards consistently across environments has typically been a struggle for security practitioners. Maintaining accurate system baselines in dynamic, complex ecosystems is a challenge that makes asset management a seemingly impossible process to control in traditional environments. With the elastic capabilities of Cloud services such as AWS, it may appear at first glance that this struggle will only continue. However, there is a light at the end of the tunnel. In this talk we will describe a practical implementation of AWS services; CloudTrail, SNS, and SQS, in combination with the configuration management capabilities of Puppet to ensure a consistent set of security standards across an entire environment; even providing real-time notification of noncompliance instances. Lastly, we will take a peek into the future, where organizations will likely become more reliant on AWS services as critical components in their configuration management solution.

Bio: Josh Danielson is a Sr. Security Manager for Axway, where he is responsible for global governance of the Cloud Services security program. With nearly a decade of experience in both public and private sectors, he has served a variety of industries throughout his security career; from academia and government contracting, to the software space. Josh is an active member of the infosec community, were he has participated in multiple volunteer events. Josh has received a Master of Science degree in Information Management from Syracuse University, and currently holds multiple certifications including CISSP-ISSAP, and CISM. Arthur Andrieu is a Senior Security Architect with Axway. Based out of Paris, France, he leads Tier-1 customer deployments in Axway's Cloud Services division. Arthur has several years of experience in delivering and securing enterprise systems, to include streamlining cloud processes based-on DevOps methodologies.

Back to BSides Huntsville 2015 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast