From zero to secure in 1 minute - IaaS security
אירוע InfoSec 2015, חמישי, 21 במאי 2015, 13:15
Recent hacks to IaaS platforms reveled that we need to master the attack vectors used: Automation and API attack vector, insecure instances and management dashboard with wide capabilities. Those attack vectors are not unique to Cloud Computing but there are magnified due to the cloud characteristics. The fact is that IaaS instance lifecycle is accelerating, nowadays we can find servers that are installed, launched, process data and terminate - all within a range of minutes. This new accelerated lifecycle makes traditional security processes such as periodic patches, vulnerability scanning, hardening, and forensics impossible. In this accelerated lifecycle, there are no maintenance windows for patches or ability to mitigate vulnerability, so the security infrastructure must adapt to new methods. In this new thinking, we require automation of instance security configuration, hardening, monitoring, and termination. Because there are no maintenance windows, Servers must be patched before they boot up, security configuration and hardening procedures should be integrated with server installation and vulnerability scanning and mitigation processes should be automatic. In the presentation, we plan to announce the full version of a new open source tool called "Cloudefigo" and explain how it enables accelerated security lifecycle. We demonstrate how to launch a pre-configured, already patched instance into an encrypted storage environment automatically while evaluating their security and mitigating them automatically if a vulnerability is found. In the live demo, we leverage Amazon Web Services EC2 Cloud-Init scripts and object storage for provisioning automated security configuration, integrating encryption, including secure encryption key repositories for secure server's communication. The result of those techniques is cloud servers that are resilient, automatically configured, with the reduced attack surface
Moshe Ferber is an information security entrepreneur and a popular industry speaker. With over 20 years of experience in various industry leading positions. Currently Mr. Ferber focuses in promoting innovation in the Israeli startup scene as an investor, lecturer and evangelist for various cloud security topics and serving as the Co-chairman for the Cloud Security Alliance Israeli Chapter.
הרצאות נוספות באירוע InfoSec 2015
-
חמישי, 21 במאי 2015, 09:00
-
חמישי, 21 במאי 2015, 11:35
-
חמישי, 21 במאי 2015, 11:35
-
חמישי, 21 במאי 2015, 09:05
-
חמישי, 21 במאי 2015, 11:55
-
חמישי, 21 במאי 2015, 11:55
-
חמישי, 21 במאי 2015, 09:10
-
חמישי, 21 במאי 2015, 12:15
-
חמישי, 21 במאי 2015, 12:15
-
חמישי, 21 במאי 2015, 09:35
-
חמישי, 21 במאי 2015, 12:35
-
חמישי, 21 במאי 2015, 12:35
-
חמישי, 21 במאי 2015, 10:05
-
חמישי, 21 במאי 2015, 12:55
-
חמישי, 21 במאי 2015, 10:25
-
חמישי, 21 במאי 2015, 13:15
-
חמישי, 21 במאי 2015, 10:40
-
חמישי, 21 במאי 2015, 13:35
-
חמישי, 21 במאי 2015, 11:00
-
חמישי, 21 במאי 2015, 13:55
-
חמישי, 21 במאי 2015, 14:15