TURTLES ALL THE WAY DOWN. Storing Secrets in the Cloud and in the Data Center
|
|
- Vernon Manning
- 6 years ago
- Views:
Transcription
1 TURTLES ALL THE WAY DOWN Storing Secrets in the Cloud and in the Data Center 1
2 INTRODUCTION Daniel Somerfield
3 TURTLES COMPANION SITE h:p://danielsomerfield.github.io/turtles 3
4 WHAT'S THE PROBLEM? We all have s We want to know they're safe And
5 WHAT'S THE PROBLEM? We need reliable, reproducible deployments
6 SETTING GOALS 6
7 WHAT GOOD LOOKS LIKE Security Goals Secrets are s AudiIng No reliance on heroes Standard pracices
8 WHAT DOES GOOD LOOK LIKE Automated Scales operaionally OperaDonal Goals
9 WHAT DOES GOOD LOOK LIKE It haz 2B EZ 2 uze!!!!
10 SEARCHING FOR THE ELUSIVE LAST TURTLE 10
11 THE FIRST TURTLE Does this sound familiar? Secrets in SCM Admins, admins everywhere CredenIal reuse Secrets are not really s
12 THE FIRST TURTLE Goals Encrypted s Controlled distribuion Secrets are automated
13 STRATEGIES application decryption orchestration server encrypted encrypted operational compartmentalization application deployment deployment encrypted plaintext target application encrypted store artifact repo encrypted store orchestrator decryption orchestration server orchestration server secure channel plaintext encrypted plaintext orchestration server encrypted target application plaintext plaintext target application encrypted store
14 ORCHESTRATOR DECRYPTION orchestrator decryption encrypted secure channel plaintext plaintext orchestration server encrypted plaintext target application encrypted store
15 ORCHESTRATOR DECRYPTION Advantages Key management IntegraIon Disadvantages Exploit severity Secrets at rest One more turtle orchestrator decryption secure channel plaintext encrypted plaintext orchestration server encrypted plaintext target application encrypted store
16 APPLICATION DECRYPTION application decryption encrypted orchestration server encrypted encrypted plaintext target application encrypted store
17 APPLICATION DECRYPTION Advantages CompartmentalizaIon IntegraIon Disadvantages Key management Secrets at rest One more turtle application decryption encrypted orchestration server encrypted encrypted plaintext target application encrypted store
18 OPERATIONAL COMPARTMENTALIZATION operational compartmentalization application deployment deployment artifact repo encrypted store orchestration server orchestration server target application plaintext
19 ORGANIZATIONAL COMPARTMENTALIZATION Advantages Clear responsibiliies IntegraIon Disadvantages OrganizaIonal silos Lack of transparency operational compartmentalization application deployment deployment artifact repo encrypted store orchestration server orchestration server target application plaintext
20 TOOLS SCM encrypion OrchestraIon tools Secret service
21 SCM ENCRYPTION EncrypIon of enire SCM repo or individual items within them.
22 SCM ENCRYPTION IntegraIon SCM- based audit Strengths
23 SCM ENCRYPTION Secret rotaion support Data at rest AudiIng of usage More turtles Weaknesses
24 SCM ENCRYPTION TOOLS Blackbox GitCrypt Transcrypt
25 ORCHESTRATOR ENCRYPTION
26 ORCHESTRATOR ENCRYPTION AutomaIon Familiar workflow Strengths
27 ORCHESTRATION ENCRYPTION Weaknesses Similar to SCM encrypion, plus: Vendor lock- in Another turtle
28 ORCHESTRATION ENCRYPTION TOOLS hiera- eyaml Blackbox Chef Chef Vault Ansible Vault
29 TOOLS SCM encrypion OrchestraIon tools Secret service
30 THE SECOND TURTLE Key RotaIon Limit s at rest Goals
31 PULLING application-pull plaintext target application secure channel encrypted plaintext server encrypted store
32 SECRET SERVICES A separate endpoint providing s on demand over a secure channel.
33 SECRETS SERVICES Strengths Minimizes at rest Facilitates rotaion CompartmentalizaIon Ephemeral credenials Access policies AudiIng
34 SECRETS AS A SERVICE Weaknesses AdopIon Single point of failure Few opions One more turtle
35 SECRETS AS A SERVICE HashiCorp Vault Square KeyWhiz
36 TOOLS SCM encrypion OrchestraIon tools Secret service
37 THE THIRD TURTLE Goals Ephemeral credenials Instances without remote access Immutable infrastructure CredenIal- less architecture
38 TOOLS OrchestraIon tools Secret service???
39 FINAL THOUGHTS 39
40 THE BIG PICTURE build server orchestration server 1. publishes artifact 2. push orchestration package public key encrypted store artifact repo 3. download app package orchestration 4. download package 5. decrypt 6. start application application 7. delete private key
41 IN CLOSING So how do you find the last turtle? - TacIcal human intervenion - Audit - Automate - Evolve
42 Q & A Daniel Somerfield daniel.somerfield@thoughtworks.com h:p://danielsomerfield.github.io/turtles
Secrets at Scale Automated Bootstrapping of Secrets and Identity in the Cloud. Ian January 30, 2017
Secrets at Scale Automated Bootstrapping of Secrets and Identity in the Cloud Ian Haken @ianhaken January 30, 2017 The Problem With Secrets AES HSM JKS Where do I put my secret? Secrets at Scale TLS/HTTPS
More informationOrchestrating the Continuous Delivery Process
Orchestrating the Continuous Delivery Process steven.g.harris@cloudbees.com @stevengharris SVP Products, CloudBees 1 Continuous Delivery Overview Feedback Loop App Lifecycle BUILD TEST STAGE Deploy Run
More informationEnabling Cloud Adoption. Addressing the challenges of multi-cloud
Enabling Cloud Adoption Addressing the challenges of multi-cloud Introduction Organizations of all sizes are adopting cloud for application workloads. These organizations are looking to avoid the costs
More informationCLOUD WORKLOAD SECURITY
SOLUTION OVERVIEW CLOUD WORKLOAD SECURITY Bottom line: If you re in IT today, you re already in the cloud. As technology becomes an increasingly important element of business success, the adoption of highly
More informationOneID An architectural overview
OneID An architectural overview Jim Fenton November 1, 2012 Introduction OneID is an identity management technology that takes a fresh look at the way that users authenticate and manage their identities
More informationMobile Security Overview Rob Greer, VP Endpoint Management and Mobility Product Management Dave Cole, Sr. Director Consumer Mobile Product Management
Mobile Security Overview Rob Greer, VP Endpoint Management and Mobility Product Management Dave Cole, Sr. Director Consumer Mobile Product Management June 29, 2011 1 Forward-Looking Statements This presentation
More informationIBM Cloud for VMware Solutions vrealize Automation 7.2 Chef Integration
IBM Cloud for VMware Solutions vrealize Automation 7.2 Chef Integration Date: 2017-03-06 Version: 1.0 ã Copyright IBM Corporation 2016 Page 1 of 8 Table of Contents 1 Introduction... 3 1.1 Chef Server
More informationAgile CI/CD with Jenkins and/at ZeroStack. Kiran Bondalapati CTO, Co-Founder & Jenkins Admin ZeroStack, Inc. (
Agile CI/CD with Jenkins and/at ZeroStack Kiran Bondalapati CTO, Co-Founder & Jenkins Admin ZeroStack, Inc. (www.zerostack.com) Outline ZeroStack Hybrid Cloud Platform Jenkins and ZeroStack Jenkins at
More informationDatacenter Management and The Private Cloud. Troy Sharpe Core Infrastructure Specialist Microsoft Corp, Education
Datacenter Management and The Private Cloud Troy Sharpe Core Infrastructure Specialist Microsoft Corp, Education System Center Helps Deliver IT as a Service Configure App Controller Orchestrator Deploy
More informationSecure VFX in the Cloud. Microsoft Azure
Secure VFX in the Cloud Burst rendering, storage, and key management Microsoft Azure Joel Sloss, Microsoft Board of Directors, CDSA Agenda No premise for On-Premises Is it safe? On Being Internet-connected
More informationElizabeth Lawler CEO & Co-Founder Conjur,
SESSION ID: ASD-W02 Is DevOps Breaking Your Company? Elizabeth Lawler CEO & Co-Founder Conjur, Inc. @elizabethlawler Agenda I. Security + DevOps Overview Unstoppable Force vs Immovable Object Aligning
More informationManaging and Auditing Organizational Migration to the Cloud TELASA SECURITY
Managing and Auditing Organizational Migration to the Cloud 1 TELASA SECURITY About Me Brian Greidanus bgreidan@telasasecurity.com 18+ years of security and compliance experience delivering consulting
More informationAGILE AND CONTINUOUS THREAT MODELS
SESSION ID: DEV-R04 AGILE AND CONTINUOUS THREAT MODELS Nancy Davoust Vice President, Security Architecture and Technology Solutions Comcast CONTEXT FOR AGILE AND CONTINUOUS THREAT MODELING The Landscape
More informationAbout This Document 3. Overview 3. System Requirements 3. Installation & Setup 4
About This Document 3 Overview 3 System Requirements 3 Installation & Setup 4 Step By Step Instructions 5 1. Login to Admin Console 6 2. Show Node Structure 7 3. Create SSO Node 8 4. Create SAML IdP 10
More informationDecentralised Communication: The challenge of balancing interoperability and privacy.
Decentralised Communication: The challenge of balancing interoperability and privacy. matthew@matrix.org http://www.matrix.org Privacy in Matrix 2 Two basic types of privacy: 1. Can attackers see what
More informationDeployment Patterns using Docker and Chef
Deployment Patterns using Docker and Chef Sandeep Chellingi Sandeep.chellingi@prolifics.com Agenda + + Rapid Provisioning + Automated and Managed Deployment IT Challenges - Use-cases What is Docker? What
More informationGlobal Data Plane. The Cloud is not enough: Saving IoT from the Cloud & Toward a Global Data Infrastructure PRESENTED BY MEGHNA BAIJAL
Global Data Plane The Cloud is not enough: Saving IoT from the Cloud & Toward a Global Data Infrastructure PRESENTED BY MEGHNA BAIJAL Why is the Cloud Not Enough? Currently, peripherals communicate directly
More informationPatching and Updating your VM SUSE Manager. Donald Vosburg, Sales Engineer, SUSE
Patching and Updating your VM SUSE Manager Donald Vosburg, Sales Engineer, SUSE dvosburg@suse.com Why should I care? I just clone my base VM image, and after that it is not my problem... Understand the
More informationLearn. Connect. Explore.
Learn. Connect. Explore. No More Storage Nightmares An Open Solution for Container Persistent Storage Learn. Connect. Explore. CONTAINERS vs VIRTUALIZATION Containers Abstracts OS Kernel Mostly Linux One
More informationDevOps Course Content
DevOps Course Content 1. Introduction: Understanding Development Development SDLC using WaterFall & Agile Understanding Operations DevOps to the rescue What is DevOps DevOps SDLC Continuous Delivery model
More informationQualys Cloud Platform (VM, PC) v8.x Release Notes
Qualys Cloud Platform (VM, PC) v8.x Release Notes Version 8.18.1 April 1, 2019 This new release of the Qualys Cloud Platform (VM, PC) includes improvements to Vulnerability Management and Policy Compliance.
More informationSecurity as Code: The Time is Now. Dave Shackleford Founder, Voodoo Security Sr. Instructor, SANS
Security as Code: The Time is Now Dave Shackleford Founder, Voodoo Security Sr. Instructor, SANS Introduction Business is moving faster to the cloud, and DevOps is accelerating scale and pushing automation
More informationCourse Overview This five-day course will provide participants with the key knowledge required to deploy and configure Microsoft Azure Stack.
[MS20537]: Configuring and Operating a Hybrid Cloud with Microsoft Azure Stack Length : 5 Days Audience(s) : IT Professionals Level : 300 Technology : Azure Delivery Method : Instructor-led (Classroom)
More informationREDEFINING THE ENTERPRISE
REDEFINING THE ENTERPRISE ENABLING IT AND BUSINESS TRANSFORMATION WITH INDUSTRY BENCHMARKS 1 TODAY S BUSINESS CHALLENGES REACT FASTER TO FIND NEW GROWTH CUT OPERATIONAL COSTS & LEGACY MORE THAN EVER 2
More informationticrypt DEPLOYMENT OVERVIEW AND TIMELINE Information about hardware, deployment, and on-boarding
ticrypt DEPLOYMENT OVERVIEW AND TIMELINE Information about hardware, deployment, and on-boarding THOMAS SAMANT thomas@terainsights.com Tera Insights, LLC Feb 15th 2018 ALIN DOBRA alin@terainsights.com
More information2 Me. 3 The Problem. Speaker. Company. Ed Breay Sr. Sales Engineer, Hitachi ID Systems.
1 2 Me Speaker Ed Breay Sr. Sales Engineer, Hitachi ID Systems. Company Hitachi, Ltd.: a 100 year old Fortune 100 conglomerate. Hitachi ID Systems, Inc.: a 19 year old IAM software subsidiary. Headquarters
More information* Inter-Cloud Research: Vision
* Inter-Cloud Research: Vision for 2020 Ana Juan Ferrer, ATOS & Cluster Chair Vendor lock-in for existing adopters Issues: Lack of interoperability, regulatory context, SLAs. Inter-Cloud: Hardly automated,
More informationVirtual Machine Encryption Security & Compliance in the Cloud
Virtual Machine Encryption Security & Compliance in the Cloud Pius Graf Director Sales Switzerland 27.September 2017 Agenda Control Your Data In The Cloud Overview Virtual Machine Encryption Architecture
More informationSnapshot Best Practices: Continuous Integration
Snapshot Best Practices: Continuous Integration Snapshot provides sophisticated and flexible tools for continuously keeping Salesforce accounts, developer projects, and content repositories synchronized.
More informationArchitecting Microsoft Azure Solutions (proposed exam 535)
Architecting Microsoft Azure Solutions (proposed exam 535) IMPORTANT: Significant changes are in progress for exam 534 and its content. As a result, we are retiring this exam on December 31, 2017, and
More informationDevOps Using VSTS and Azure
DevOps Using VSTS and Azure ALMDO; 5 Days, Instructor-led Course Description The combination of Visual Studio Team Services (VSTS) and Microsoft Azure provides a powerful and fully featured solution to
More informationDEVOPSIFYING NETWORK SECURITY. An AlgoSec Technical Whitepaper
DEVOPSIFYING NETWORK SECURITY An AlgoSec Technical Whitepaper Introduction This technical whitepaper presents and discusses the concept of Connectivity as Code, a complementary concept to Infrastructure
More informationEndpoint Protection with DigitalPersona Pro
DigitalPersona Product Brief Endpoint Protection with DigitalPersona Pro An introductory technical overview to DigitalPersona s suite for Access Management, Data Protection and Secure Communication. April
More informationTable of Contents 1.1. Introduction. Overview of vsphere Integrated Containers 1.2
Table of Contents Introduction Overview of vsphere Integrated Containers 1.1 1.2 2 Overview of vsphere Integrated Containers This document provides an overview of VMware vsphere Integrated Containers.
More informationPartner Center: Secure application model
Partner Center: Secure application model The information provided in this document is provided "as is" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including
More informationMandi Walls. Technical Community #habitatsh
Mandi Walls Technical Community Manager @lnxchk mandi@chef.io https://habitat.sh #habitatsh http://slack.habitat.sh/ Chef and Automation Infrastructure Automation Cloud early adopters Digital Transformation
More informationDocker and Security. September 28, 2017 VASCAN Michael Irwin
Docker and Security September 28, 2017 VASCAN Michael Irwin Quick Intro - Michael Irwin 2011 - Graduated (CS@VT); started full-time at VT Sept 2015 - Started using Docker for QA June 2016 - Attended first
More informationSMARTCRYPT CONTENTS POLICY MANAGEMENT DISCOVERY CLASSIFICATION DATA PROTECTION REPORTING COMPANIES USE SMARTCRYPT TO. Where does Smartcrypt Work?
SMARTCRYPT PKWARE s Smartcrypt is a data-centric audit and protection platform that automates data discovery, classification, and protection in a single workflow, managed from a single dashboard. With
More informationThis tutorial provides a basic understanding of the infrastructure and fundamental concepts of managing an infrastructure using Chef.
About the Tutorial Chef is a configuration management technology developed by Opscode to manage infrastructure on physical or virtual machines. It is an open source developed using Ruby, which helps in
More informationDevOps Technologies. for Deployment
DevOps Technologies for Deployment DevOps is the blending of tasks performed by a company's application development and systems operations teams. The term DevOps is being used in several ways. In its most
More informationMicrosoft Security Management
Microsoft Security Management MICROSOFT SECURITY MANAGEMENT SECURITY MANAGEMENT CHALLENGES Some large financial services organizations have as many as 40 or more different security vendors inside their
More informationSafeNet ProtectApp APPLICATION-LEVEL ENCRYPTION
SafeNet ProtectApp APPLICATION-LEVEL ENCRYPTION Encrypt application data and keep it secure across its entire lifecycle no matter where it is transferred, backed up, or copied Rich application encryption
More informationMulti-Cloud and Application Centric Modeling, Deployment and Management with Cisco CloudCenter (CliQr)
Multi-Cloud and Application Centric Modeling, Deployment and Management with Cisco CloudCenter (CliQr) Jeremy Oakey - Sr. Director, Technical Marketing & Integrations BRKCLD-2008 Agenda Introduction Architecture
More informationA Dropbox-like Personal Cloud for OpenStack Swift
A Dropbox-like Personal Cloud for OpenStack Swift Pedro García López Adrián Moreno Martínez Cristian Cotes González OpenStack Summit May 2014 - Atlanta CloudSpaces project Open Service Platform for the
More informationContainers or Serverless? Mike Gillespie Solutions Architect, AWS Solutions Architecture
Containers or Serverless? Mike Gillespie Solutions Architect, AWS Solutions Architecture A Typical Application with Microservices Client Webapp Webapp Webapp Greeting Greeting Greeting Name Name Name Microservice
More informationSO YOU THINK YOU ARE PROTECTED? THINK AGAIN! NEXT GENERATION ENDPOINT SECURITY
SO YOU THINK YOU ARE PROTECTED? THINK AGAIN! NEXT GENERATION ENDPOINT SECURITY www.securelink.net BACKGROUND Macro trends like cloud and mobility change the requirements for endpoint security. Data can
More informationThe Three Data Challenges
The Three Data Challenges Mark Bentkower, CISSP, Director Solutions Marketing, APAC 12 October 2017 2016 COMMVAULT SYSTEMS, INC. ALL RIGHTS RESERVED. You can have data without information, but you cannot
More informationWhat I ll be talking about. About me & bol.com The CI/CD bol.com Current setup. The future in the cloud
CI/CD @ bol.com What I ll be talking about 1. 2. 3. 4. 5. About me & bol.com The CI/CD story @ bol.com Current setup Mayfly The future in the cloud About me Maarten Dirkse @mdirkse on Twitter In IT since
More informationMcAfee Client Proxy Product Guide
McAfee Client Proxy 2.3.5 Product Guide COPYRIGHT Copyright 2018 McAfee, LLC TRADEMARK ATTRIBUTIONS McAfee and the McAfee logo, McAfee Active Protection, epolicy Orchestrator, McAfee epo, McAfee EMM, Foundstone,
More informationCon$nuous Deployment with Docker Andrew Aslinger. Oct
Con$nuous Deployment with Docker Andrew Aslinger Oct 9. 2014 Who is Andrew #1 So#ware / Systems Architect for OpenWhere Passion for UX, Big Data, and Cloud/DevOps Previously Designed and Implemented automated
More informationMove Beyond Primitive Drawing Tools with SAP Sybase PowerDesigner Create and Manage Business Change in Your Enterprise Architecture
SAP Sybase PowerDesigner Move Beyond Primitive Drawing Tools with SAP Sybase PowerDesigner Create and Manage Business Change in Your Enterprise Architecture Table of Contents 3 Add Intelligence to the
More informationWho s Protecting Your Keys? August 2018
Who s Protecting Your Keys? August 2018 Protecting the most vital data from the core to the cloud to the field Trusted, U.S. based source for cyber security solutions We develop, manufacture, sell and
More informationCHARTING THE FUTURE OF SOFTWARE DEFINED NETWORKING
www.hcltech.com CHARTING THE FUTURE OF SOFTWARE DEFINED NETWORKING Why Next-Gen Networks? The rapid and large scale adoption of new age disruptive digital technologies has resulted in astronomical growth
More informationAspirin as a Service: Using the Cloud to Cure Security Headaches
SESSION ID: CSV-T10 Aspirin as a Service: Using the Cloud to Cure Security Headaches Bill Shinn Principle Security Solutions Architect Amazon Web Services Rich Mogull CEO Securosis @rmogull Little. Cloudy.
More informationSTORAGE MADE EASY: S3 DRIVE & S3 EXPLORER
SOLUTION GUIDE STORAGE MADE EASY: S3 DRIVE & S3 EXPLORER IBM COS ABOUT STORAGE MADE EASY FILE FABRIC The Storage Made Easy File Fabric enables IT to regain control of "cloud data sprawl" by unifying on-premises
More informationOPEN-O DevOps Practice with Automation Toolchain
OPEN-O DevOps Practice with Automation Toolchain Helen Chen Principal Architect, Huawei USA PTL of OPEN-O Integration helen.chen@huawei.com Weidong Shao Principal Engineer, Huawei USA weidong.shao@huawei.com
More informationCloud Technologies Public and Private Cloud Interconnection
Cloud Technologies Public and Private Cloud Interconnection Danut Agache - Technical Manager, CCIE #14573 Bogdan Nita - Data Center Architectures Consultant AGENDA About Us Cloud Technologies - Public
More informationBuilding Kubernetes cloud: real world deployment examples, challenges and approaches. Alena Prokharchyk, Rancher Labs
Building Kubernetes cloud: real world deployment examples, challenges and approaches Alena Prokharchyk, Rancher Labs Making a right choice is not easy The illustrated children guide to Kubernetes https://www.youtube.com/watch?v=4ht22rebjno
More information20537A: Configuring and Operating a Hybrid Cloud with Microsoft Azure Stack
20537A: Configuring and Operating a Hybrid Cloud with Course Details Course Code: Duration: Notes: 20537A 5 days Elements of this syllabus are subject to change. About this course This five-day course
More informationMulti-Cloud and Application Centric Modeling, Deployment and Management with Cisco CloudCenter (CliQr)
Multi-Cloud and Application Centric Modeling, Deployment and Management with Cisco CloudCenter (CliQr) Jeremy Oakey Senior Director, Technical Marketing and Integrations Agenda Introduction Architecture
More informationDevOps Anti-Patterns. Have the Ops team deal with it. Time to fire the Ops team! Let s hire a DevOps unit! COPYRIGHT 2019 MANICODE SECURITY
DevOps Anti-Patterns Have the Ops team deal with it. Time to fire the Ops team! Let s hire a DevOps unit! 31 Anti-Pattern: Throw it Over the Wall Development Operations 32 Anti-Pattern: DevOps Team Silo
More informationCustomer s journey into the private cloud with Cisco Enterprise Cloud Suite
Customer s journey into the private cloud with Cisco Enterprise Cloud Suite Peter Charpentier, Senior Solution Architect, Cisco AS Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker
More informationNetwork Security Protection Alternatives for the Cloud
A Trend Micro White Paper May 2016 Network Security Protection Alternatives for the Cloud» A technical brief summarizing the deployment options that can be used to deploy IDS/IPS protection for cloud instances
More informationKubernetes Integration Guide
Kubernetes Integration Guide Cloud-Native Security www.aporeto.com Aporeto Kubernetes Integration Guide The purpose of this document is to describe the features of Aporeto that secure application services
More informationMulti-Vendor Key Management with KMIP
Multi-Vendor Key Management with KMIP Tim Hudson CTO & Technical Director tjh@cryptsoft.com 1 Abstract Practical experience from implementing KMIP and from deploying and interoperability testing multiple
More informationAddress new markets with new services
Address new markets with new services Programs Deployment Options On-premises Private Cloud Pre-configured Private Cloud Hosted Private Cloud Hyper-V Cloud Deployment Guides Hyper-V Cloud Fast Track Hyper-V
More informationAutomated Deployment of Private Cloud (EasyCloud)
Automated Deployment of Private Cloud (EasyCloud) Mohammed Kazim Musab Al-Zahrani Mohannad Mostafa Moath Al-Solea Hassan Al-Salam Advisor: Dr.Ahmed Khayyat 1 Table of Contents Introduction Requirements
More informationDyadic Security Enterprise Key Management
Dyadic Security Enterprise Key Management The Secure-as-Hardware Software with a Mathematical Proof Dyadic Enterprise Key Management (EKM) is the first software-only key management and key protection system
More informationEVERYTHING AS CODE A Journey into IT Automation and Standardization. Raphaël Pinson
EVERYTHING AS CODE A Journey into IT Automation and Standardization Raphaël Pinson Who am I? Raphaël Pinson aka Raphink Infrastructure Developer & Trainer Automation (Puppet, Augeas, Docker) Lausanne,
More informationIntroduction to cloud computing
Introduction to cloud computing History of cloud Different vendors of Cloud computing Importance of cloud computing Advantages and disadvantages of cloud computing Cloud deployment methods Private cloud
More informationLaunching a Highly-regulated Startup in the Cloud
Launching a Highly-regulated Startup in the Cloud Poornaprajna Udupi (@poornaudupi) 1 Starting in the 86%by 2020 Cloud Cisco Global Cloud Index: Forecast and Methodology, 2015 2020 2 Building blocks, Cost,
More informationSECURE DATA EXCHANGE
POLICY-DRIVEN SOLUTIONS FOR SECURE DATA EXCHANGE Sending and receiving data is a fundamental part of daily business for nearly every organization. Companies need to share financial transaction details,
More informationKenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data
Kenna Platform Security A technical overview of the comprehensive security measures Kenna uses to protect your data V3.0, MAY 2017 Multiple Layers of Protection Overview Password Salted-Hash Thank you
More information[MS10992]: Integrating On-Premises Core Infrastructure with Microsoft Azure
[MS10992]: Integrating On-Premises Core Infrastructure with Microsoft Azure Length : 3 Days Audience(s) : IT Professionals Level : 300 Technology : Azure Delivery Method : Instructor-led (Classroom) Course
More informationImproving client systems security with Qubes OS
4 Jul 2016 We need secure client systems We need secure client systems Otherwise no security really works: We need secure client systems Otherwise no security really works: Encryption 2-factor authentication
More informationTransforming the Internal IT Landscape with APIs. Scott Cranton Director, Application Platform SAs April 2018
Transforming the Internal IT Landscape with APIs Scott Cranton Director, Application Platform SAs April 2018 AGENDA API Domain Overview (very) Brief Technical Overview How to help your API Program Succeed
More informationTable of Contents 1.1. Overview. Containers, Docker, Registries vsphere Integrated Containers Engine
Table of Contents Overview Containers, Docker, Registries vsphere Integrated Containers Engine Management Portal Registry Roles and Personas 1.1 1.1.1 1.1.2 1.1.2.1 1.1.2.2 1.1.2.3 1.1.2.4 2 Overview of
More informationExam C Foundations of IBM Cloud Reference Architecture V5
Exam C5050 287 Foundations of IBM Cloud Reference Architecture V5 1. Which cloud computing scenario would benefit from the inclusion of orchestration? A. A customer has a need to adopt lean principles
More informationWHITE PAPER. RedHat OpenShift Container Platform. Benefits: Abstract. 1.1 Introduction
WHITE PAPER RedHat OpenShift Container Platform Abstract Benefits: Applications are designed around smaller independent components called microservices. Elastic resources: Scale up or down quickly and
More informationService Insertion with ACI using F5 iworkflow
Service Insertion with ACI using F5 iworkflow Gert Wolfis F5 EMEA Cloud SE October 2016 Agenda F5 and Cisco ACI Joint Solution Cisco ACI L4 L7 Service Insertion Overview F5 and Cisco ACI Integration Models
More informationDyadic Enterprise. Unbound Key Control For Azure Marketplace. The Secure-As-Hardware Software With a Mathematical Proof
Dyadic Enterprise Unbound Key Control For Azure Marketplace The Secure-As-Hardware Software With a Mathematical Proof Unbound Key Control (UKC) is the first software-only key management and key protection
More informationSustainable Security Operations
Sustainable Security Operations Optimize processes and tools to make the most of your team s time and talent The number and types of security incidents organizations face daily are steadily increasing,
More informationApplication Centric Microservices Ken Owens, CTO Cisco Intercloud Services. Redhat Summit 2015
Application Centric Microservices Ken Owens, CTO Cisco Intercloud Services Redhat Summit 2015 Agenda Introduction Why Application Centric Application Deployment Options What is Microservices Infrastructure
More informationRok: Decentralized storage for the cloud native world
Whitepaper Rok: Decentralized storage for the cloud native world Cloud native applications and containers are becoming more and more popular, as enterprises realize their benefits: containers are great
More informationDeploying Public, Private, and Hybrid. Storage Cloud Environments
Deploying Public, Private, and Hybrid PRESENTATION TITLE GOES HERE Storage Cloud Environments Marty Stogsdill, Oracle Greg Kleiman, NetApp SNIA Legal Notice! The material contained in this tutorial is
More informationWeak Spots Enterprise Mobility Management. Dr. Johannes Hoffmann
Weak Spots Enterprise Mobility Management Dr. Johannes Hoffmann Personal details TÜV Informationstechnik GmbH TÜV NORD GROUP Dr. Johannes Hoffmann IT Security Business Security & Privacy Main focus: Mobile
More informationArchitect your deployment using Chef
ArcGIS Enterprise Architect your deployment using Chef Cherry Lin and Scott MacDonald ArcGIS Enterprise base deployment Why automate your ArcGIS Enterprise deployment? Efficiency Get up and running faster
More informationDEPLOY MODERN APPS WITH KUBERNETES AS A SERVICE
SOLUTION OVERVIEW DEPLOY MODERN APPS WITH KUBERNETES AS A SERVICE Cut Costs and Control Access with VMware Cloud PKS Digital transformation, the Internet of things, the growing popularity of public clouds,
More informationCisco Tetration Analytics
Cisco Tetration Analytics Enhanced security and operations with real time analytics John Joo Tetration Business Unit Cisco Systems Security Challenges in Modern Data Centers Securing applications has become
More informationDynamic App Services in Containerized Environments
Dynamic App Services in Containerized Environments F5 Government Technology Symposium Mark Dittmer Sr Product Management Engineer Understanding the Container Market and Customer Challenges 1 Organization
More informationBioTechnology. An Indian Journal FULL PAPER. Trade Science Inc. Study on secure data storage based on cloud computing ABSTRACT KEYWORDS
[Type text] [Type text] [Type text] ISSN : 0974-7435 Volume 10 Issue 22 BioTechnology 2014 An Indian Journal FULL PAPER BTAIJ, 10(22), 2014 [13778-13783] Study on secure data storage based on cloud computing
More informationJANUARY Migrating standalone ArcGIS Server to ArcGIS Enterprise
JANUARY 2018 Migrating standalone ArcGIS Server to ArcGIS Enterprise Copyright 2018 Esri All rights reserved. Printed in the United States of America. The information contained in this document is the
More informationOverhauling Dev Arch with Ansible Tower and Docker
Overhauling Dev Arch with Ansible Tower and Docker Scott Van Velsor, Bryan Shake, Khaled Awwad June 29 1130a #redhat #rhsummit origins the landscape that came before branch & path limits no automation
More informationDEPLOY MODERN APPS WITH KUBERNETES AS A SERVICE
SOLUTION OVERVIEW DEPLOY MODERN APPS WITH KUBERNETES AS A SERVICE Cut Costs and Control Access with VMware Kubernetes Engine Digital transformation, the Internet of things, the growing popularity of public
More informationConnect & take control
Connect & take control RealVNC invented VNC screen sharing technology over twenty years ago. We deliver secure screen sharing for a wide range of industry applications on all major computer and mobile
More informationTwo-Factor Authentication over Mobile: Simplifying Security and Authentication
SAP Thought Leadership Paper SAP Digital Interconnect Two-Factor Authentication over Mobile: Simplifying Security and Authentication Controlling Fraud and Validating End Users Easily and Cost-Effectively
More informationGAME Self-Service Portal
GAME Self-Service Portal Google Employee Training Guide 1 Table of Contents Introduction... 3 GAME SSP Login ID is Optional for Google Sales Managers... 3 GAME SSP Login ID is Available for Google Administrative
More informationBARCELONA. 2015, Amazon Web Services, Inc. or its affiliates. All rights reserved
BARCELONA 2015, Amazon Web Services, Inc. or its affiliates. All rights reserved From Monolithic to Microservices Evolving Architecture Patterns in the Cloud Daniele Stroppa, AWS Solutions Architect Teo
More informationDatasheet. Only Workspaces delivers the features users want and the control that IT needs.
Datasheet Secure SECURE Enterprise ENTERPRISE File FILE Sync, SYNC, Sharing SHARING and AND Content CONTENT Collaboration COLLABORATION BlackBerry Workspaces makes enterprises more mobile and collaborative,
More informationHALO IN ACTION COMPLIANCE DON T LET LEGACY SECURITY TOOLS HOLD UP PCI COMPLIANCE IN THE CLOUD. Automated PCI compliance anytime, anywhere.
HALO IN ACTION COMPLIANCE DON T LET LEGACY SECURITY TOOLS HOLD UP PCI COMPLIANCE IN THE CLOUD Automated PCI compliance anytime, anywhere. THE PROBLEM Online commercial transactions will hit an estimated
More information