Diese Präsentation wurde erfolgreich gemeldet.
Wir verwenden Ihre LinkedIn Profilangaben und Informationen zu Ihren Aktivitäten, um Anzeigen zu personalisieren und Ihnen relevantere Inhalte anzuzeigen. Sie können Ihre Anzeigeneinstellungen jederzeit ändern.
Sh*t my cloud evangelist         says... ...Just not to my CSO
About @Beaker:✤   I’m an a*hole with a blog (rationalsurvivability.com)✤   Global Chief Security Architect for a company w...
About @Beaker:✤   I’m an a*hole with a blog (rationalsurvivability.com)✤   Global Chief Security Architect for a company w...
Defining theproblem set
IT’S A TRAP!
Developer Priorities*            VS           Security Priorities                *Mark Curphey - The Great Security Divide...
Developer Priorities*              VS           Security Priorities1. Functions and features as                        1. ...
Developer Priorities*              VS           Security Priorities1. Functions and features as                        1. ...
Developer Priorities*              VS           Security Priorities1. Functions and features as                        1. ...
Developer Priorities*              VS           Security Priorities1. Functions and features as                        1. ...
Developer Priorities*                 VS           Security Priorities1. Functions and features as                        ...
Developer Priorities*                 VS           Security Priorities1. Functions and features as                        ...
Developer Priorities*                 VS           Security Priorities1. Functions and features as                        ...
@SMCES...   VS   ...SECURITY
@SMCES...                                     VS   ...SECURITY✤   Cloud is more secure; security is more integrated   ✤   ...
@SMCES...                                     VS   ...SECURITY✤   Cloud is more secure; security is more integrated   ✤   ...
@SMCES...                                     VS   ...SECURITY✤   Cloud is more secure; security is more integrated   ✤   ...
@SMCES...                                      VS   ...SECURITY✤   Cloud is more secure; security is more integrated    ✤ ...
@SMCES...                                      VS   ...SECURITY✤   Cloud is more secure; security is more integrated    ✤ ...
@SMCES...                                        VS   ...SECURITY✤   Cloud is more secure; security is more integrated    ...
What’s Missing?
What’s Missing? ✤   Instrumentation that is inclusive of security
What’s Missing? ✤   Instrumentation that is inclusive of security ✤   Intelligence and context shared between infrastructu...
What’s Missing? ✤   Instrumentation that is inclusive of security ✤   Intelligence and context shared between infrastructu...
What’s Missing? ✤   Instrumentation that is inclusive of security ✤   Intelligence and context shared between infrastructu...
What’s Missing? ✤   Instrumentation that is inclusive of security ✤   Intelligence and context shared between infrastructu...
What’s Missing? ✤   Instrumentation that is inclusive of security ✤   Intelligence and context shared between infrastructu...
Nasty bits
“Information Security” Sucks                                                                                              ...
“Information Security” Sucks                                                                                              ...
“Information Security” Sucks                                                                                              ...
Application Security: Meh
API Security Sucks Harder  ✤   Most Security Drones can’t spell XML  ✤   ...they rarely use SOAP  ✤   ...they don’t get RE...
Fool! You Fell Victim To One Ofthe Classic Blunders!
Fool! You Fell Victim To One Ofthe Classic Blunders!✤   Never Get Involved In    a Cloud War In Asia
Fool! You Fell Victim To One Ofthe Classic Blunders!✤   Never Get Involved In    a Cloud War In Asia✤   Never Go In Agains...
Fool! You Fell Victim To One Ofthe Classic Blunders!✤   Never Get Involved In    a Cloud War In Asia✤   Never Go In Agains...
Fool! You Fell Victim To One Ofthe Classic Blunders!✤   Never Get Involved In    a Cloud War In Asia✤   Never Go In Agains...
Sh*T My Cloud Evangelist Fails to say...        CE              NS                      OR                             ED ...
The 7 Dirty Words              ...Of Cloud Security
The 7 Dirty Words  1. Scalability                   ...Of Cloud Security
The 7 Dirty Words  1. Scalability  2. Portability                   ...Of Cloud Security
The 7 Dirty Words  1. Scalability  2. Portability  3. Fungibility                   ...Of Cloud Security
The 7 Dirty Words  1.   Scalability  2.   Portability  3.   Fungibility  4.   Compliance                     ...Of Cloud S...
The 7 Dirty Words  1.   Scalability  2.   Portability  3.   Fungibility  4.   Compliance  5.   Cost                     .....
The 7 Dirty Words  1.   Scalability  2.   Portability  3.   Fungibility  4.   Compliance  5.   Cost  6.   Manageability   ...
The 7 Dirty Words  1.   Scalability  2.   Portability  3.   Fungibility  4.   Compliance  5.   Cost  6.   Manageability  7...
Scalability
Scalability  ✤ Distributed Networked System problems are tough; Distributed      Networked System Security problems are to...
Scalability  ✤ Distributed Networked System problems are tough; Distributed      Networked System Security problems are to...
Scalability  ✤ Distributed Networked System problems are tough; Distributed      Networked System Security problems are to...
Scalability  ✤ Distributed Networked System problems are tough; Distributed      Networked System Security problems are to...
Security@Scale
Security@Scale ✤ It doesn’t. The MeatCloud giveth, the MeatCloud    taketh away...
Security@Scale ✤ It doesn’t. The MeatCloud giveth, the MeatCloud    taketh away... ✤ Beyond Gb/s, Connections/s, flows, etc...
Security@Scale ✤ It doesn’t. The MeatCloud giveth, the MeatCloud    taketh away... ✤ Beyond Gb/s, Connections/s, flows, etc...
Cloud: The Revengeof VPN and PKI
Cloud: The Revengeof VPN and PKIHINT: CLOUD SECURITY IS MORETHAN OVERLAY ENCRYPTION &MULTI-FACTOR AUTHENTICATIONMECHANISMS
He P’s On Everything...                Everything’s Connected
Do Not Poke the bear       If You Think A Noogie Is Bad, Try the Wedgie!
Portability
Portability  ✤ If we don’t have consistency in standards/formats for     workloads & stack insertion, we’re not going to h...
Portability  ✤ If we don’t have consistency in standards/formats for     workloads & stack insertion, we’re not going to h...
Portability  ✤ If we don’t have consistency in standards/formats for     workloads & stack insertion, we’re not going to h...
Portability✤   Dude, Where’s My IOS ACL    5-Tuple!?        Working with VMware vShield REST API in perl. Richard Park, So...
Portability✤   ...or this:                  AWS Security : A Practitioner’s Perspective. Jason Chan, Netflix
Fungibility
Fungibility ✤   Fundamentally, we need reusable and programmatic     security design patterns; Controls today are CLI/GUI ...
Fungibility ✤   Fundamentally, we need reusable and programmatic     security design patterns; Controls today are CLI/GUI ...
Fungibility ✤   Fundamentally, we need reusable and programmatic     security design patterns; Controls today are CLI/GUI ...
Fungibility ✤   Fundamentally, we need reusable and programmatic     security design patterns; Controls today are CLI/GUI ...
Fungibility ✤   Fundamentally, we need reusable and programmatic     security design patterns; Controls today are CLI/GUI ...
The Problem IsAlways Hamsters
The Hamster Sine Wave of Pain...*                                                               The Security Hamster Sine ...
The Hamster Sine Wave of Pain...*                                                              The Security Hamster Sine W...
The Hamster Sine Wave of Pain...*                                                              The Security Hamster Sine W...
The Hamster Sine Wave of Pain...*                                                              The Security Hamster Sine W...
Compliance
Compliance ✤ Security != Compliance and “security” doesn’t matter
Compliance ✤ Security != Compliance and “security” doesn’t matter ✤ Regulatory compliance and frameworks don’t address    ...
Compliance ✤ Security != Compliance and “security” doesn’t matter ✤ Regulatory compliance and frameworks don’t address    ...
Compliance ✤ Security != Compliance and “security” doesn’t matter ✤ Regulatory compliance and frameworks don’t address    ...
Mapping the Model to the Metal
Mapping the Model to the Metal        Cloud Model Presentation                  Presentation   Modality                   ...
Mapping the Model to the Metal        Cloud Model Presentation                  Presentation   Modality                   ...
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
About @Beaker:✤ I’m an a*hole
Nächste SlideShare
Wird geladen in …5
×
12.658 Aufrufe

Veröffentlicht am

About @Beaker:✤ I’m an a*hole with a blog (rationalsurvivability.com)✤ Global Chief Security Architect for a company who provides networking & security widgets to SP’s & Enterprises✤ Love Cloud & particularly fond of those that do my bidding in a manner commensurate with my OCD-driven need to manage outcomes in a reasonably predictable way

Veröffentlicht in: Technologie, Business

×