12 steps to cloud security
Whether you are running on a public or a private cloud provider, this talk aims to help you secure your cloud based deployment, by using a simple step-by-step guide that involves using open source tools. You will be able to understand and implement a security framework for your own cloud deployment.
This talk outlines a 12-step guide consisting of the following steps:
- Knowing your shared responsibility
- Protecting your network
- Protecting your cloud machine images
- Protecting your data at rest
- Protecting your data in transit
- Protecting and patching your instances
- Protecting access to your instances
- Protecting your applications
- Auditing and monitoring your cloud
- Validating your protection
- Automating everything
- Updating your security policy
Open Source tools and technologies covered:
- PfSense, Openswan, OpenVPN
- SELinux, App Armor, Dm-crypt
- Nginx, ModSecurity
- Samba/Winbind, OpenLDAP
- Logstash, Nagios, Ganglia
- Metasploit, Nessus
- Ansible, Docker, Jenkins
We will be going over each step in detail, so attendees can understand the importance of underlying security domains and learn how to go about implementing them using open source solutions alone. I will also be sharing my personal experiences and best practices when it comes to implementing a security framework for the cloud using open source tools and technologies.
Presenters
Vishnu Vettrivel, DataBrigade
Vishnu Vettrivel is a developer and architect with over 15 years of experience with open source, Big Data and linux based environments in Banking, e-commerce and Healthcare industries. He currently builds, secures and operates multiple data driven applications in the cloud for an analytics platform company in Bellevue. He is a champion of open source and secure development, agile architectures and Continuous delivery. Vishnu has a graduate degree in Software Management from the Carnegie Mellon and lives in the Seattle Metro Area.