Cloud Security

Cloud services have been disrupting traditional IT operations and impact the overall way of service and software development delivery. While the Cloud adoption is ubiquitous, security concerns are still common.

In this webinar, we will cover two main aspects: How to ensure that your Cloud provider and platform is secure and how to secure your own Cloud infrastructure.

Live Sessions

The next live session of this webinar will take place on December 10th, 2019. Register here.

Don't have a subscription yet? Hurry up, so you can be there in person and ask interesting questions.

Availability

This webinar is part of Cloud Computing and Networking roadmap and accessible with standard subscription

Start now Access content

Contents

The introductory part of this webinar covers the following topics:

  • Cloud security certifications & provider evaluation models
  • Cloud threats & vulnerabilities
  • Your (security) responsibilities in Cloud operation, in particular:
    • Identity & Access Management
    • Network Security
    • Automation
    • Logging & Monitoring
    • Pentesting, Auditing & Tooling

In addition, Matthias described how cloud-native use of cloud services could improve the security level of your assets.

Identity and Access Management

In this section you'll learn how to set up your public cloud platform accounts and how to protect them. In addition, Cloud IAM solutions offer the possibility to use the platform accounts for your application stack as well - and we will explore security challenges and opportunities of this approach.

Network Security

The network security aspects of AWS and Azure public clouds are described in Amazon Web Services Networking and Microsoft Azure Networking webinars.

Logging and Monitoring

Cloud environments offer new logging mechanisms which differ from traditional technologies. We will have a look at those and figure out how to integrate them with your existing solutions.

Automation & Testing

One of the biggest advantage of public cloud environments is their capability to modify any object via an API call or use infrastructure-as-code templates to deploy, modify or destroy whole application stacks, as well as monitor the compliance of actual deployment with desired state specified in the template.

We will see how to leverage this capability to increase our level of security and see how this affects traditional security testing approaches.

The Author

Matthias LuftMatthias Luft is a Principal Platform Security Engineer at Salesforce Heroku. After more than 10 years in IT Security, he is still excited about a broad range of topics (from hypervisor security to IT security management) and has presented on them on various occasions. Currently, he works on container and cloud security topics.