Top Cybersecurity Instructors and Best Offers of the Year Available Now - Learn More!

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Sorry, the slides for this webcast are not available for download.

Cloud & Dev Ops Summit @Night

  • Thursday, October 22nd | 5:30 - 6:50 PM MDTThursday, October 22, 2020 at 7:30 PM EDT (2020-10-22 23:30:00 UTC)
  • Toni de la Fuente, Shaun McCullough, Cesar Rodriguez

You can now attend the webcast using your mobile device!

  

Overview

Learn to Safeguard Mission-Critical Assets in the Cloud

Protecting information systems, applications, and data in the cloud presents a new set of challenges for organizations to overcome. Our SANS instructors are among the best cybersecurity instructors in the world and will provide you with guidance and all the skills you need to defend your organization from ever-evolving threats. Students will also be able to enjoy live online bonus sessions!

White Space

Agenda

5:30-5:50 pm MDT - Securing Serverless with Terrascan

Cesar Rodriguez, Head of Developer Advocacy, Accurics

As development teams move to serverless architectures, how does this change the way security is handled vs traditional infrastructure? In this talk we'll walk through how security controls can be embedded into serverless architectures and how Terrascan, an open source static code analyzer for infrastructure as Code, can help find security issues in your serverless infrastructure before it's deployed.

White Space

6:00-6:20 pm MDT - What I Have Learned Writing Prowler

Toni de la Fuente @toniblyx, Senior Security Consultant, AWS

Prowler is an AWS security assessment Open Source tool that helps cloud security auditors to know the security status of their resources in the AWS cloud. I want to share all what I have learned during the last 3 years, not only in terms of Open Source and such, but also around use cases, community, AWS security, AWS services APIs, AWS command line interface and security in general. What mistakes I've made and what would be different if I start it again. This talk will help attendees to make better decisions and fail earlier if they start the journey of building their own security tools.

White Space

6:30-6:50 pm MDT - Architecting for Threat Hunting

Shaun McCullough @thecybergoof, Director

Improve your Threat Hunting success through architecture and operations. This talk will highlight architecture design patterns, DevSecOps pipelines, and the Cloud's automatable infrastructure to mitigate the threat and make attacker behaviors stand out.

White Space

Speaker Bios

Toni de la Fuente

Toni de la Fuente is a Senior Security Consultant with AWS Professional Services where he works in hardening environments and implementing security best practices to address customer challenges across the global landscape. Toni is also author of Prowler, an Open Source security tool that helps AWS customers to assess and understand how to improve their security posture in the AWS cloud. Prior to joining AWS, Toni worked as Lead of Security Operations and Cloud Security Architect at Alfresco Software.


Shaun McCullough

As a hands-on practitioner with a gift for architecture design, Shaun explores the good and bad of how the Cloud is changing the way the industry secures and runs infrastructure. During his 25+ years of experience, Shaun has spent equal parts in security engineer and operations as well as software development. With extensive experience within the Department of Defense, Shaun was the Technical Director of the Red and Blue operations teams, a researcher of advanced host analytics, and ran a threat intelligence focused open source platform based on MITRE ATT&CK. Previously, he was a consultant with H&A Security Solutions, focusing on analytic development, DevOps support, and security automation tooling. Shaun has authored the brand new SEC541: Cloud Monitoring and Threat Hunting and can be found teaching SEC545: Cloud Security Architecture and Operations on a regular basis. Learn more about Shaun here.


Cesar Rodriguez

Cesar Rodriguez is the Head of Developer Advocacy at Accurics and has spent the last 10+ years working in the cloud security space, securing both private cloud working for the military as well as public cloud in the financial sector. He is passionate about contributing to the developer community through open source projects (Terrascan), blogs, and participating in local meetups.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.