Event Recording

OT Patch Management Best Practices

Speaker
Fulup Ar Foll
Founder and Lead Architect
IoT.bzh
Fulup Ar Foll
Fulup Ar Foll holds a Master in Computer Science from the Military French School ESAT. His career started with ten years of research on embedded operating systems. He then joined the Industry; taking on the technical direction of Wind-River in Europe before moving to Sun-Microsystems where he...
View profile
Top related content
Event Recording
Ola Sergatchov - Beyond Cloud - the Place Where Security, DevOps and Business Meet
Dec 04, 2019

As a result of the continous evolution of IT platforms, new environments and applications show up to simplify our lives. Some receive them with suspicion, others embrace them. But security challenges don't change, they just multiply. Visibility and segmentation cannot be a roadblock on the never-ending quest for innovation and business agility.  

Ola Sergatchov, Vice President of Corporate Strategy at Guardicore, in her presentation, will explore how we can deliver more with less. How to accelerate while reducing security risks, and most importantly, align security, DevOps and business objectives without major IT overhaul.

Event Recording
Graham Williamson: Avoiding Plan B – Doing It Right the First Time
Oct 28, 2021
Webinar Recording
The Security & Identity Challenges of Modern IT: Agile IT & DevOps Done Right & Secure
Apr 29, 2020

Security and identity must evolve in order to support today’s IT. While traditional IT appears being rather simple to secure, current security risks necessitate a greater degree of agility: shifting to DevOps paradigms, implementing a CI/CD chain, running services in hybrid cloud environments (or wherever else). This requires a security angle on DevOps, which you might name DevSecOps.

Such an approach includes security and identity as a service, which has been referred to in the past as Application Security Infrastructures. It requires adequate protection of both the DevOps tools chain and the applications that run in containers, which are constructed in microservices architectures and go hybrid. It is about the other SaaS (Security as a Service), the other IDaaS (Identity as a Service) differently from IAM provided as SaaS service, it is about enhancements to traditional PAM (Privileged Access Management). It is about concepts, organization, and tools. 

Event Recording
Hack a Cloud and Kubernetes
May 10, 2023

People are under the impression that when you spin up the latest and greatest AKS, EKS, OpenShift or GKE instance, that you're secure. However with K8S, now more than ever the workload underneath matters. One privileged, neglected, container can compromise an entire setup. Rather than just talking about the risks or best practices, this talk is all about showing how easy it is to do.

The talk will first discuss possible attack paths in the Kubernetes cluster, and what differences exist in the attack techniques compared to classic infrastructures. For this purpose, a web application in a container will be compromised, then the Kubernetes cluster and the cloud account. Subsequently, 2 open-source tools will be discussed how such vulnerabilities and misconfigurations can be detected in the different infrastructure layers.

Event Recording
Francisco Z. Gaspar - The Unpatchable Element
Dec 12, 2019
Event Recording
The Future of IoT Security
Sep 15, 2021

Speaker: Graham Williamson

Event Recording
The Role of Policy Management in the Software-Defined Era
May 16, 2015

The panel is comprised of industry experts from NIST NCCoE, Microsoft, Intel, Cisco and HyTrust, who discuss the role of policy management in the software-defined era. Speakers present commonly used policy definitions and usage, and debate the emerging need for policy-based resource lifecycle management, including how to secure these resources and demonstrate compliance, leveraging concrete use cases: 1) Software Defined Networking, 2) Software Defined Data Center/Orchestration, and 3) NCCoE Building Blocks – ABAC and Trusted Geo-Location.

Event Recording
Panel | Best Practices to Implement Security Automation
Sep 15, 2021
Alexei Balaganski, Lead Analyst, KuppingerCole
Joseph Carson, Chief Security Scientist & Advisory CISO, Thycotic
Christopher Schütze, Director Practice Cybersecurity and Lead Analyst, KuppingerCole
Event Recording
Cybersecurity for industrial connected objects
Oct 27, 2021