Se ha denunciado esta presentación.
Utilizamos tu perfil de LinkedIn y tus datos de actividad para personalizar los anuncios y mostrarte publicidad más relevante. Puedes cambiar tus preferencias de publicidad en cualquier momento.
Sh*t my cloud evangelist         says... ...Just not to my CSO
About @Beaker:✤   I’m an a*hole with a blog (rationalsurvivability.com)✤   Global Chief Security Architect for a company w...
About @Beaker:✤   I’m an a*hole with a blog (rationalsurvivability.com)✤   Global Chief Security Architect for a company w...
Defining theproblem set
IT’S A TRAP!
Developer Priorities*            VS           Security Priorities                *Mark Curphey - The Great Security Divide...
Developer Priorities*              VS           Security Priorities1. Functions and features as                        1. ...
Developer Priorities*              VS           Security Priorities1. Functions and features as                        1. ...
Developer Priorities*              VS           Security Priorities1. Functions and features as                        1. ...
Developer Priorities*              VS           Security Priorities1. Functions and features as                        1. ...
Developer Priorities*                 VS           Security Priorities1. Functions and features as                        ...
Developer Priorities*                 VS           Security Priorities1. Functions and features as                        ...
Developer Priorities*                 VS           Security Priorities1. Functions and features as                        ...
@SMCES...   VS   ...SECURITY
@SMCES...                                     VS   ...SECURITY✤   Cloud is more secure; security is more integrated   ✤   ...
@SMCES...                                     VS   ...SECURITY✤   Cloud is more secure; security is more integrated   ✤   ...
@SMCES...                                     VS   ...SECURITY✤   Cloud is more secure; security is more integrated   ✤   ...
@SMCES...                                      VS   ...SECURITY✤   Cloud is more secure; security is more integrated    ✤ ...
@SMCES...                                      VS   ...SECURITY✤   Cloud is more secure; security is more integrated    ✤ ...
@SMCES...                                        VS   ...SECURITY✤   Cloud is more secure; security is more integrated    ...
What’s Missing?
What’s Missing? ✤   Instrumentation that is inclusive of security
What’s Missing? ✤   Instrumentation that is inclusive of security ✤   Intelligence and context shared between infrastructu...
What’s Missing? ✤   Instrumentation that is inclusive of security ✤   Intelligence and context shared between infrastructu...
What’s Missing? ✤   Instrumentation that is inclusive of security ✤   Intelligence and context shared between infrastructu...
What’s Missing? ✤   Instrumentation that is inclusive of security ✤   Intelligence and context shared between infrastructu...
What’s Missing? ✤   Instrumentation that is inclusive of security ✤   Intelligence and context shared between infrastructu...
Nasty bits
“Information Security” Sucks                                                                                              ...
“Information Security” Sucks                                                                                              ...
“Information Security” Sucks                                                                                              ...
Application Security: Meh
API Security Sucks Harder  ✤   Most Security Drones can’t spell XML  ✤   ...they rarely use SOAP  ✤   ...they don’t get RE...
Fool! You Fell Victim To One Ofthe Classic Blunders!
Fool! You Fell Victim To One Ofthe Classic Blunders!✤   Never Get Involved In    a Cloud War In Asia
Fool! You Fell Victim To One Ofthe Classic Blunders!✤   Never Get Involved In    a Cloud War In Asia✤   Never Go In Agains...
Fool! You Fell Victim To One Ofthe Classic Blunders!✤   Never Get Involved In    a Cloud War In Asia✤   Never Go In Agains...
Fool! You Fell Victim To One Ofthe Classic Blunders!✤   Never Get Involved In    a Cloud War In Asia✤   Never Go In Agains...
Sh*T My Cloud Evangelist Fails to say...        CE              NS                      OR                             ED ...
The 7 Dirty Words              ...Of Cloud Security
The 7 Dirty Words  1. Scalability                   ...Of Cloud Security
The 7 Dirty Words  1. Scalability  2. Portability                   ...Of Cloud Security
The 7 Dirty Words  1. Scalability  2. Portability  3. Fungibility                   ...Of Cloud Security
The 7 Dirty Words  1.   Scalability  2.   Portability  3.   Fungibility  4.   Compliance                     ...Of Cloud S...
The 7 Dirty Words  1.   Scalability  2.   Portability  3.   Fungibility  4.   Compliance  5.   Cost                     .....
The 7 Dirty Words  1.   Scalability  2.   Portability  3.   Fungibility  4.   Compliance  5.   Cost  6.   Manageability   ...
The 7 Dirty Words  1.   Scalability  2.   Portability  3.   Fungibility  4.   Compliance  5.   Cost  6.   Manageability  7...
Scalability
Scalability  ✤ Distributed Networked System problems are tough; Distributed      Networked System Security problems are to...
Scalability  ✤ Distributed Networked System problems are tough; Distributed      Networked System Security problems are to...
Scalability  ✤ Distributed Networked System problems are tough; Distributed      Networked System Security problems are to...
Scalability  ✤ Distributed Networked System problems are tough; Distributed      Networked System Security problems are to...
Security@Scale
Security@Scale ✤ It doesn’t. The MeatCloud giveth, the MeatCloud    taketh away...
Security@Scale ✤ It doesn’t. The MeatCloud giveth, the MeatCloud    taketh away... ✤ Beyond Gb/s, Connections/s, flows, etc...
Security@Scale ✤ It doesn’t. The MeatCloud giveth, the MeatCloud    taketh away... ✤ Beyond Gb/s, Connections/s, flows, etc...
Cloud: The Revengeof VPN and PKI
Cloud: The Revengeof VPN and PKIHINT: CLOUD SECURITY IS MORETHAN OVERLAY ENCRYPTION &MULTI-FACTOR AUTHENTICATIONMECHANISMS
He P’s On Everything...                Everything’s Connected
Do Not Poke the bear       If You Think A Noogie Is Bad, Try the Wedgie!
Portability
Portability  ✤ If we don’t have consistency in standards/formats for     workloads & stack insertion, we’re not going to h...
Portability  ✤ If we don’t have consistency in standards/formats for     workloads & stack insertion, we’re not going to h...
Portability  ✤ If we don’t have consistency in standards/formats for     workloads & stack insertion, we’re not going to h...
Portability✤   Dude, Where’s My IOS ACL    5-Tuple!?        Working with VMware vShield REST API in perl. Richard Park, So...
Portability✤   ...or this:                  AWS Security : A Practitioner’s Perspective. Jason Chan, Netflix
Fungibility
Fungibility ✤   Fundamentally, we need reusable and programmatic     security design patterns; Controls today are CLI/GUI ...
Fungibility ✤   Fundamentally, we need reusable and programmatic     security design patterns; Controls today are CLI/GUI ...
Fungibility ✤   Fundamentally, we need reusable and programmatic     security design patterns; Controls today are CLI/GUI ...
Fungibility ✤   Fundamentally, we need reusable and programmatic     security design patterns; Controls today are CLI/GUI ...
Fungibility ✤   Fundamentally, we need reusable and programmatic     security design patterns; Controls today are CLI/GUI ...
The Problem IsAlways Hamsters
The Hamster Sine Wave of Pain...*                                                               The Security Hamster Sine ...
The Hamster Sine Wave of Pain...*                                                              The Security Hamster Sine W...
The Hamster Sine Wave of Pain...*                                                              The Security Hamster Sine W...
The Hamster Sine Wave of Pain...*                                                              The Security Hamster Sine W...
Compliance
Compliance ✤ Security != Compliance and “security” doesn’t matter
Compliance ✤ Security != Compliance and “security” doesn’t matter ✤ Regulatory compliance and frameworks don’t address    ...
Compliance ✤ Security != Compliance and “security” doesn’t matter ✤ Regulatory compliance and frameworks don’t address    ...
Compliance ✤ Security != Compliance and “security” doesn’t matter ✤ Regulatory compliance and frameworks don’t address    ...
Mapping the Model to the Metal
Mapping the Model to the Metal        Cloud Model Presentation                  Presentation   Modality                   ...
Mapping the Model to the Metal        Cloud Model Presentation                  Presentation   Modality                   ...
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
The 7 Dirty Words 1.
Próxima SlideShare
Cargando en…5
×
12.569 visualizaciones

Publicado el

The 7 Dirty Words 1. Scalability ...Of Cloud Security

Publicado en: Tecnología, Empresariales

×