2021 Talks

First Contact with Container Security (Intermediate)

Abstract: In the cloud companies are transitioning to the use of microservices at a rapid pace. While this model decreases time to market, it also increases supply chain security risk and lowers visibility. According to the Cloud Native Computing Foundation, 92% of companies surveyed are using containers in their production environments. It seems that when it comes to transitioning part of your cloud ecosystem, resistance is futile.

Your containers are likely hosting applications that deliver content to customers. Meaning that your container runtime is exposed to the internet. As modern runtime environments are complex, they present multiple attack vectors. Even the best security is not a guarantee against an attackmaking comprehensive and active runtime protection all the more essential.

Intezers Ell Marquez and SANS Institutes Jake Williams will explain how increased visibility into each deck (containers) environment (code) can help you act quickly to prevent your environment from being assimilated by attackers.

A Muggles Guide to Security In The Cloud (Intro Level)

Abstract: In the security and technology world, we rely so heavily on buzz words to explain our work that others feel like we are magicians working spells that they will never be able to do.

Saying, “Due to issues with our security posture, the APT manipulated a well-known CVE to breach our cloud-native-applications.” Might as well be: “The Death Eaters were able to use a port key to enter our environment and effectively cast the Avada Kedavra spell.”

Instead, we could say, “An attacker used a known flaw to gain access to our environment and brought down our servers.”

In this session, we will come to understand that security for our cloud environments can be simple to understand, yes even for muggles. That is, if we focus on the root cause of all cyber attacks: unauthorized spells, wait, I mean unauthorized code.

A Wizards Guide to Security in the Cloud (Intermediate)

Abstract: A Horcrux is a powerful object in which a Dark wizard or witch [attacker] has hidden a fragment of his or her soul [code] for the purpose of attaining immortality [persistence].

Creating a Horcrux gives one the ability to anchor their own soul [code] to earth[environment], if the body [process] is destroyed.

In this session, we will come to understand how attackers are able to not only compromise our cloud environments but also maintain persistence—while our security teams are distracted by a mountain of false alerts. If we focus on the root cause of all cyber attacks: unauthorized spells, wait, I mean unauthorized code.

Is Linux Secure by Default? (Intro Level)

Abstract: The Linux operating system is secure by default because Windows is the most used operating system globally. Thus attackers create viruses and malware to target Windows systems. While cringe-worthy to read, these are all real statements being touted in the technology sector. This is a false narrative that is still frequently touted in the technological world. This webinar will highlight the common myths proliferated around the Linux operating system. As well as how they are endangering companies’ production environments, and steps companies can take to mitigate the new techniques attackers are using to benefit from these myths.

How Hackers Saved My Life

Abstract: Starting in Security, the motto that got me through was, “It’s Okay To Be New.” Though I’ll tell you a secret, which is that I didn’t always believe it. I was new at Dev, Sec, and even Ops! I felt the motto should have been, “The impostor is strong in this one.”

Although the journey has not been easy, the more I learn, the stranger the journey becomes. Why? Because the principles I am learning: visibility, code reuse and yes, even social engineering, helped me see beyond the unknown and find my path. Even more surprising, the help I needed most came from those who we have been taught to fear.

While “How Hackers Saved My Life” may sound like an exaggeration, the truth is that it may be an understatement. Join us as we explore how our lives are a series of functions that we execute in an endless loop. And how you can hack the code for a better life, a better career, and a better community. You don’t have to get unplugged to be Neo.