GPN18:Cloud Security Suite - One stop tool for AWS & GCP Security Audit
Ein Vortrag von Jayesh Singh Chauhan auf der GPN17.
Detailed Outline of the Presentation:
- Introduction to the cloud and how it is being adapted by small and large firms. - Gartner quadrant showing how much stake AWS and GCP have among all cloud service providers. - Why more and more firms are migrating to cloud providers. - Default security offered by AWS and GCP. - What doesn't get covered due to misconfiguration of services done by DevOps/ITOps team. - What are the consequences of these misconfigurations. - How major firms have been exposed to the same threats and have fallen prey. - How this can be fixed ? Either by hiring a third party or using open source tools. - Third party security company costs money and involves providing your access to that company. - Open source requires a lot of research and involves successful configuration of all the tools. - How cloud secuity suite solves the above stated problems. - Showcasing the research done to integrate the available open source tools, addition of custom checks to help audit the infra further. Also, how easy it is to get the tool up and running. (Demo) - Showcase the OS audit capability of the tool where it can scan the OS of an instance belonging to the same infrastructure.(Demo) - Showcasing the report structure and how portable they are. (Demo) - Virtual environment and docker support. - Q&A - End
Links
Fahrplan |
Hauptseite | Feedback | FAQ
2³² Stars In The Sky Abschlussrunde mit Vorstellung FreifunkBW::Camp Alice explodiert! Begrüßung und Einleitung Bondage-Workshop BorgBackup Treffen Build yourself a SNMP replacement Building a Photobooth Closing und Review Combining the Intertubes using Multipath TCP Critical Mass CyberMorning Show Cybern Demoshow Die manpages.debian.org-Modernisierung Digitalisierte Stromnetze und Smart Meter in Deutschland Einführung Infotresen Einführung in Onshape Einführung in die Chaosvermittlung Electronic GeekBag Esoterische Programmiersprachen FreeBSD: The Power to Serve a Community Freifunk Interconnectivity Freifunk-Admin-Talkrunde From Mirai to Apple Guerilla Stricken Gulasch Karaoke Gulaschausgabe HTTP Security Header Hack the Badge - Preisverleihung Hackertours Haecksenfryhstyck How to fly to the Moon How we bodged the Badge Improving the Web of Trust with GNOME Keysign Introduction to Automated Binary Analysis Jonglier-Workshop Lightning Talks Lossless Data Compression Mammut statt Vogel Mate Making DIY McFly McFly Menstruation Matters Mitgliederverwaltung für Erfas My Little Pony - Videoanalyse ist Magie Network Flow Analysis using Netflow protocols and tflow2 Neues ECAD-Programm horizon OWASP TOP 10 OWASP Top 10 Privacy Risks Project PGP Keysigning Panik überall Pixel-Art Workshop Playing Studio Sets Live with Ableton Podcasten QR-Codes SHA2017 Orga Meet @ GPN17 Salt-Orchestrated Software Defined Freifunk Backbone im Hochstift Smarthome mit ioBroker Sysadmin Nightmares The Elektr0nic Window Towards a more secure operating system without sacrificing usability Vertrauen ist gut, Kontrolle ist besser. Virtual Reality mit Freier Software WCW 2017 Livestream Webserversecurity 101 Werwölfe von Düsterwald What to hack Wie kommt eigentlich das Internet von Hamburg nach Stuttgart? ZFS replication with zrepl ffbw.de Workshop git-dit gokrazy: ein Go userland für Raspberry Pi 3 appliances hacking galaxy S8 iris recognition small modifications and embodied connectivity the dark side of the wifi Æ-DIR Installation Workshop