past talks

What if the best guide to understanding advanced persistent threats wasn't a threat intelligence report, but a fairy tale? This talk draws parallels between the villain archetypes of Grimm's fairy tales and the motivations behind modern APT groups. By examining how these stories frame danger, deception, and preparation, we can reframe how we think about threat modeling and defense. The core argument: we've over-indexed on complex tooling and underinvested in foundational security practices. This session advocates for returning to basics, understanding who your adversaries are, what they want, and building defenses around anticipated threats rather than reacting after the fact.

IAM is the backbone of AWS security, and also the source of some of the most costly breaches in cloud history. Misconfigured policies, over-permissioned roles, and poorly understood trust relationships have taken down organizations of every size. This talk digs into real-world AWS breaches caused by IAM misconfiguration, explores best practices for policy development, and covers practical tools for auditing your cloud environment. Whether you're managing a small account or a sprawling multi-account org, you'll leave with concrete strategies for locking down your cloud before someone else finds the gaps first.

The tension between development and security teams is one of the most persistent problems in our industry, and slapping "DevSecOps" on it hasn't fixed anything. This talk skips the buzzwords and gets candid about why these teams struggle to work together, what that friction actually costs, and what it takes to build real trust. Drawing from experience on both sides of the table, this session offers practical strategies for bridging the cultural and communication gaps that slow teams down and leave organizations exposed. Because a team that trusts each other ships secure software. A team that doesn't just ships faster toward the next incident.

Every day, wars are being waged on an invisible battlefield. The enemy is hiding and stealthily leveling its attacks from within. This formidable foe isn't an opposing army. Instead, it may very well be a single malicious actor or a state-sponsored group of hackers. Attackers are now investing more time and effort into creating malware tailored to Linux environments. The best-case scenario outcome of a successful attack is a tarnished reputation; the worst, significant (and potentially irreparable) damage to a brand and its business. This presentation will focus on the techniques attackers use to transition traditional tools and create malware tailored to Linux and cloud environments. And, of course, the solution to how to change our security approaches to address the continuously changing threat landscape.

Every day, wars are being waged on invisible battlefields. The enemy is hiding and stealthily leveling its attacks from within. This formidable foe isn't an opposing army. It may very well be a single malicious actor, or a state-sponsored group of hackers. Without a trace of their tools left on the disk, attackers are storing the code in memory — resulting in infamous Fileless Malware. If successful, the best case scenario outcome is a tarnished reputation; the worst, significant (and potentially irreparable) damage to a brand and its business.

Migrating to the cloud brings a new set of challenges, from new vulnerabilities to a constantly changing attack surface. These challenges are a juicy target for attackers. After all, an attackers' goal is simple: establish where our weaknesses are and exploit them. Companies have to successfully defend themselves from hundreds, if not thousands, of attacks. They now face the need to understand which of the dozens of cloud security solutions can best be implemented to keep attackers out of their data's home. But what happens when an attacker has breached our defenses? What happens when the call [attack] is coming from our data's home?

Starting in Security, the motto that got me through was, "It's Okay To Be New." Though I'll tell you a secret, which is that I didn't always believe it. I was new at Dev, Sec, and even Ops! I felt the motto should have been, "The impostor is strong in this one." Although the journey has not been easy, the more I learn, the stranger the journey becomes. Why? Because the principles I am learning: visibility, code reuse and yes, even social engineering, helped me see beyond the unknown and find my path. Even more surprising, the help I needed most came from those who we have been taught to fear. While "How Hackers Saved My Life" may sound like an exaggeration, the truth is that it may be an understatement. Join us as we explore how our lives are a series of functions that we execute in an endless loop. And how you can hack the code for a better life, a better career, and a better community. You don't have to get unplugged to be Neo.

Every day, wars are being waged on invisible battlefields. The enemy is hiding and stealthily leveling its attacks from within. This formidable foe isn't an opposing army. It may very well be a single malicious actor, or a state-sponsored group of hackers. Without a trace of their tools left on the disk, attackers are storing the code in memory — resulting in infamous Fileless Malware. If successful, the best case scenario outcome is a tarnished reputation; the worst, significant (and potentially irreparable) damage to a brand and its business. In the cloud, companies are transitioning to the use of microservices at a rapid pace. While this model decreases time to market, it also increases supply chain security risk and lowers visibility. According to the Cloud Native Computing Foundation, 92% of companies surveyed are using containers in their production environments. It seems that when it comes to transitioning part of your cloud ecosystem, resistance is futile.

The emergence of the cloud era has resulted in significant changes in the application development process. Traditional monolithic application architectures have given way to more agile cloud-native applications. With this transformation, developers have a greater responsibility to own their code in development and production. However, as DevOps shifts left, the "role" of security teams begins to dip. The "Shift Left" movement is believed to ensure that security concerns are considered throughout the entire development process, not just before deployment. However, this transition's success is questionable at best. Have we shifted too far left? Join Ell Marquez to explore the relationship between development, operations, and security teams. Discussing how increased visibility from development onto runtime can help us all boot scootin' boogie together.

In the security and technology world, we rely so heavily on buzz words to explain our work that others feel like we are magicians working spells that they will never be able to do. Saying, "Due to issues with our security posture, the APT manipulated a well-known CVE to breach our cloud-native-applications." Might as well be: "The Death Eaters were able to use a port key to enter our environment and effectively cast the Avada Kedavra spell." Instead, we could say, "An attacker used a known flaw to gain access to our environment and brought down our servers." In this session, we will come to understand that security for our cloud environments can be simple to understand, yes even for muggles — if we focus on the root cause of all cyber attacks: unauthorized code.

A Horcrux is a powerful object in which a Dark wizard or witch [attacker] has hidden a fragment of his or her soul [code] for the purpose of attaining immortality [persistence.] Creating a Horcrux gives one the ability to anchor their own soul [code] to earth [environment], if the body [process] is destroyed. In this session, we will come to understand how attackers are able to not only compromise our cloud environments but also maintain persistence — while our security teams are distracted by a mountain of false alerts — if we focus on the root cause of all cyber attacks: unauthorized code.

The Linux operating system is secure by default because Windows is the most used operating system globally. Thus attackers create viruses and malware to target Windows systems. While cringe-worthy to read, these are all real statements being touted in the technology sector. This is a false narrative that is still frequently touted in the technological world. This talk will highlight the common myths proliferated around the Linux operating system, how they are endangering companies' production environments, and steps companies can take to mitigate the new techniques attackers are using to benefit from these myths.

Many of us in the technical community have heard the saying RTFM (Read The Friendly Manual) as advice given to someone learning Linux. In Confessions of a Sysadmin, Ell Marquez will share the practical approach she used to learn to navigate the command line along with some of the secrets she has learned along the way. As members of the tech community we have ALL experienced an awkward moment or two… or five. We will go on a journey together, break down gates, have honest conversations, and hit a few painful points that we've experienced in our careers. From mansplaining and gate keeping to being told that real admins only use arch, we will confess the sins of the Linux world in hopes of inspiring the next generation. Along the way we will tell a few stories that you just might be able to relate to.

Ever been a Daniel in need of a Mr. Miyagi? Are you ready to achieve greatness but with no real clue where to start? Finding a mentor is the first step, but knowing how to make the most of the time spent with your mentor makes the real difference. Join in on a conversation about identifying your person of influence and building a plan together from wax on, wax off to being carried away by the cheering crowd. There has been a push in our community to be active mentors. What is not explained, however, is how to foster a healthy and prosperous relationship that benefits both the mentor and the mentee. Together we will explore the different types of mentoring relationships, as well as setting goals, tracking progress, and getting the most out of these relationships.

Getting started in tech can be a difficult process. We often feel we don't know enough to even know what we need to learn. Friends will recommend that we begin by seeking certifications to help us stand out in the job market — but what certification do you start with? The AWS Certified Cloud Practitioner examination is intended for individuals who are seeking the knowledge and skills necessary to effectively demonstrate an overall understanding of the AWS Cloud. During our study cram you will learn about the fundamentals of the AWS Cloud, along with building an outline of what you will need to study in order to build your cloud skills and grow your professional credibility. Great for anyone looking to work with the AWS cloud or just starting their cloud journey.

The number one question that someone starting out with container technology always seems to have is "Where do I get started?" While this appears to be a simple question for some, the quick responses of "Read the docs" or "What questions do you have?" fall short when the docs look like they were written in Greek — and you didn't manage to take that elective in high school. Or you simply just don't know enough to know what you should be asking. If you have found yourself in this situation, this is the perfect talk to attend. We will go over the basics of container technology by answering the basic questions: who, what, when, where, and why.

Being new to containers can feel like sitting in front of a firehose and trying to drink all of the water coming at you. Especially here at DockerCon! In this workshop, we're going to dive into what containers and images actually are and some best practices around them, how to use volumes and port mappings, and how to run multi-service applications. There will be quite a few hands-on opportunities, as well as training from some of our Docker Captains. Note: This workshop does not cover orchestration or running containers in production (monitoring, logging, etc.), as there are other workshops solely focused on those topics.

Many of us in the technical community have heard the saying RTFM (Read The Friendly Manual) as advice given to someone learning Linux. In Confessions of a Sysadmin, Ell Marquez and Allie Barnes share a practical approach to learning to navigate the command line along with some of the secrets learned along the way. As members of the tech community we have ALL experienced an awkward moment or two… or five. We get real and hit a few points that we've experienced in our careers — from mansplaining to being told that real admins only use arch — confessing the sins of the Linux world in hopes of inspiring the next generation.

The technology industry has been rapidly growing for some time and as the industry grew there became a shift in our mindset as we could no longer fill all the roles that were needed. With this came a push to diversify, to bring in new blood and new ideas, and in the process we began to develop a community. Recently the topic of conversation has turned to imposter syndrome — a feeling of inadequacy that persists despite evidence of the contrary — and the solution is being placed on the shoulders of the individual alone. However, we are not addressing the whole issue, or even acknowledging that these feelings may be caused by a toxic part of our culture that leads us to break down those we claim to want to build up.

(20 min talk) In this short and to the point talk we will work on how to turn our goals and dreams into real, practical SMART goals. Through the use of SMART goals we gain the foundation we need to approach mentors, managers, or even face imposter syndrome head on.

The technical community is all abuzz about containers but does anyone really know what they are? We will take the journey together, learning about the evolution of containerization technology. Understanding virtualization, Linux containers, and then moving on to cover the basics of Docker and Kubernetes.

Many companies that have started adopting OpenStack are in desperate need of people who can run their cloud. This workshop is designed to give OpenStack users an overview of the skills needed to pass the OpenStack Certified Administrator Exam. Attendees will get experience in both the Horizon Dashboard and the CLI.

Now that you're an OpenStack administrator, how do you meet the ever-changing needs of your company? This workshop provides an easy-to-follow walkthrough of many of the tasks an OpenStack administrator might be expected to perform using the Horizon interface. You have been hired as a Linux administrator — but what does that really mean? Rackspace Training Summit Workshops are the first to provide large audiences with easily accessible environments, dynamic slide content, and truly effective instruction that takes learning OpenStack to the next level.