GPN18:Cloud Security Suite - One stop tool for AWS & GCP Security Audit

aus dem Wiki des Entropia e.V., CCC Karlsruhe
Wechseln zu: Navigation, Suche

Ein Vortrag von Jayesh Singh Chauhan auf der GPN18.

Detailed Outline of the Presentation:

- Introduction to the cloud and how it is being adapted by small and large firms. - Gartner quadrant showing how much stake AWS and GCP have among all cloud service providers. - Why more and more firms are migrating to cloud providers. - Default security offered by AWS and GCP. - What doesn't get covered due to misconfiguration of services done by DevOps/ITOps team. - What are the consequences of these misconfigurations. - How major firms have been exposed to the same threats and have fallen prey. - How this can be fixed ? Either by hiring a third party or using open source tools. - Third party security company costs money and involves providing your access to that company. - Open source requires a lot of research and involves successful configuration of all the tools. - How cloud secuity suite solves the above stated problems. - Showcasing the research done to integrate the available open source tools, addition of custom checks to help audit the infra further. Also, how easy it is to get the tool up and running. (Demo) - Showcase the OS audit capability of the tool where it can scan the OS of an instance belonging to the same infrastructure.(Demo) - Showcasing the report structure and how portable they are. (Demo) - Virtual environment and docker support. - Q&A - End