Info-Security Conference Securing Your Applications in the Cloud. 29 May 2013
|
|
- Abel Norman
- 8 years ago
- Views:
Transcription
1 Info-Security Conference 2013 Securing Your Applications in the Cloud 29 May 2013
2 Applications in the Cloud Problem: In the cloud, application security is your final line of defence We are still not doing application security right generally Why should we expect to be able to do it right in the cloud? Ideas: Awareness, guidance, training, and context Reinforced by the right tools integrated into a secure development lifecycle Paving the way for more secure apps and better competitiveness (DevOps)
3 Quick Re-cap of Terminology IaaS, PaaS, SaaS determines which layers you have to secure yourself IaaS is most similar to traditional app security application still crosses a trust-boundary when it moves from dev to production and you still have to worry about the whole application stack PaaS abstracts out low layers but multi-tenant issues arise SaaS the app provides end-user functions and is part of the platform; can add custom functionality to the app
4 Cloud application security issues Are you securing the right layers? For example, IaaS most layers are in scope can you automate securing them? E.g. using pre-secured VM images? But how do you deal with ongoing image security? Internal apps are now external access control? Shadow IT? Testing and acceptance procedures for SaaS "By 2016, 40% of enterprises will make proof of independent security testing a precondition for using any type of cloud service, up from less than 1% today (Gartner 2013 Application Security forecast)
5 Cloud application security issues Generally application security is still not being done right Developers still don t know about security Developers still don t know how to deal with a customer who asks for security Security is seen as the customer s responsibility, not the developer s Even in-house app development is often distanced from the rest of the organisation E.g. the PCI DSS section 6 compliance issues cannot leave security to the end of the process
6 What is DevOps? Developers want change; operations want stability Traditional lifecycle too slow need continuous deployment Goes hand-in-hand with cloud Who does DevOps? Netflix 70 production deployments PER DAY (Oct 2012)
7 DevOps Security In DevOps the developer is also the tester and also does the QA it is a self-service build environment DevOps changes traditional web application security controls WAFs: continuous deployment = continuous configuration! Pentesting: useful for spot checks but very, very slow in comparison with the speed of deployment DAST/Code audit: Setup/running time/analysis just too slow
8 Tools/Techniques Available Vulnerability Assessment App Code Framework PHP/.NET/Java etc Servers (web, db) Operating System Fast Inexpensive Fully automated Not risk-based Only finds known vulnerabilities Static Source Code Audit App Code Framework PHP/.NET/Java etc Servers (web, db) Operating System Fast Mostly automated but Requires tuning/training Not risk-based Thorough examination of custom code Can be done all the time Penetration Testing App Code Framework PHP/.NET/Java etc Servers (web, db) Operating System Slow Holistic includes business logic and app state Risk-based Can only be done at end
9 So what should we do? LIFECYCLE plus tools secure software development lifecycle (SSDLC) Plan for security from the start of the lifecycle Engage the developers and be engaged (for example consider the differences in impact of SAST when developers are engaged and when they are not) Arm the developers! Training Secure frameworks (Spring, JAAS, Shiro, ESAPI etc) Open communication
10 So what should we do? Automate as much as possible. From OWASP: Unit Tests Develop Code Commit Source Control Build Trigger Deploy to Test Env Report & Notify Publish to release repository Deploy to Production
11 So what should we do? Automate the testing for every single release Unit Tests Develop Code Commit Source Control Build Trigger Deploy to Test Env Auto Test Report & Notify Publish to release repository Deploy to Production SCA Test
12 So what should we do? Keep using old tools: WAF on main functions and infrequently changed parts of the site Periodic penetration testing Manual code audit on most security-sensitive functions
13 Summary It s all about the lifecycle Engage with developers awareness, training, feedback Tools and automation wherever possible
14 Thank you! Richard Stagg Handshake Networking Ltd
The AppSec How-To: Achieving Security in DevOps
The AppSec How-To: Achieving Security in DevOps How do you integrate security within a Continuous Deployment (CD) environment - where every 5 minutes a feature, an enhancement, or a bug fix needs to be
More informationJourney to the Cloud and Application Release Automation Shane Pearson VP, Portfolio & Product Management
Journey to the Cloud and Application Release Automation Shane Pearson VP, Portfolio & Product Management Hybrid Delivery: The right IT strategy Creating the optimal mix of traditional IT and cloud services
More informationSECURING HEALTH INFORMATION IN THE CLOUD. Feisal Nanji, Executive Director, Techumen feisal@techumen.com
SECURING HEALTH INFORMATION IN THE CLOUD Feisal Nanji, Executive Director, Techumen feisal@techumen.com Conflict of Interest Disclosure Feisal Nanji, MPP, CISSP Has no real or apparent conflicts of interest
More informationTime to Value: Successful Cloud Software Implementation
Time to Value: Successful Cloud Software Implementation Cloud & Data Security 2015 Client Conference About the Presenter Scott Schimberg, CPA, CMA Partner, Consulting, Armanino Scott became a Certified
More informationStrategic Compliance & Securing the Cloud. Annalea Sharack-Ilg, CISSP, AMBCI Technical Director of Information Security
Strategic Compliance & Securing the Cloud Annalea Sharack-Ilg, CISSP, AMBCI Technical Director of Information Security Complexity and Challenges 2 Complexity and Challenges Compliance Regulatory entities
More informationDevOps Course Content
DevOps Course Content INTRODUCTION TO DEVOPS What is DevOps? History of DevOps Dev and Ops DevOps definitions DevOps and Software Development Life Cycle DevOps main objectives Infrastructure As A Code
More informationCloud Computing: The atmospheric jeopardy. Unique Approach Unique Solutions. Salmon Ltd 2014 Commercial in Confidence Page 1 of 5
Cloud Computing: The atmospheric jeopardy Unique Approach Unique Solutions Salmon Ltd 2014 Commercial in Confidence Page 1 of 5 Background Cloud computing has its place in company computing strategies,
More informationHow We Implemented Security in Agile for 20 SCRUMs- and Lived to Tell
How We Implemented Security in Agile for 20 SCRUMs- and Lived to Tell SESSION ID: ASEC-R03 Yair Rovek Security Specialist LivePerson @lione_heart Challenged by Agile In the Next 45 Min LivePerson and Application
More informationSuccessful PaaS and CI in the Cloud
Successful PaaS and CI in the Cloud Steven G. Harris steven.g.harris@cloudbees.com @stevengharris AgileALM/EclipseCon 2012 Platform as a Service As-a-Service Examples Today SaaS PaaS "Cloud computing is
More informationAccelerating Time to Market:
Accelerating Time to Market: Application Development and Test in the Cloud Paul Speciale, Savvis Symphony Product Marketing June 2010 HOS-20100608-GL-Accelerating-Time-to-Market-Dev-Test-Cloud 1 Software
More informationBusiness Values of Network and Security Virtualization
Business Values of Network and Security Virtualization VMware NSX in the context of the Software Defined Data Center Klaus Jansen Virtual Networks Sales Specialist VMware NSBU 2014 VMware Inc. All rights
More informationIntel IT Cloud 2013 and Beyond. Name Title Month, Day 2013
Intel IT Cloud 2013 and Beyond Name Title Month, Day 2013 Legal Notices This presentation is for informational purposes only. INTEL MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY. Intel and the
More informationTrust but Verify. Vincent Campitelli. VP IT Risk Management
Trust but Verify Vincent Campitelli VP IT Risk Management McKesson Corporation Trust but Verify Cloud Security 3 Agenda Cloud Defined Cloud Opportunities Cloud Challenges What s Different? How to Verify
More informationTesting Solutions to Tackle Application Security Checkpoint Technologies SQGNE. Jimmie Parson Checkpoint Technologies
Testing Solutions to Tackle Application Security Checkpoint Technologies SQGNE Jimmie Parson Checkpoint Technologies Welcome, Introductions Agenda Checkpoint Technologies Quick Corporate Overview Why do
More informationBarnaby Jeans Sr. Solution Architect Business Critical Applications
Barnaby Jeans Sr. Solution Architect Business Critical Applications Connected, Mobile, Information-Centric World Business Reduction in Complexity via New IT Architectures and Business Models The IT Dilemma
More informationService Automation to implement and operate your Cloud initiatives
Service Automation to implement and operate your Cloud initiatives Pierre AESCHLIMANN Principal Solution Consultant (EMEA Global Accounts) BMC Software ! Request, change, and support business services!
More informationIT Resource Management Technology for Reducing Operating Costs of Large Cloud Data Centers
Hitachi Review Vol. 61 (2012), No. 6 279 IT Resource Management Technology for Reducing Operating Costs of Large Cloud Data Centers Yukinori Sakashita Yutaka Kudo, Ph.D. Masataka Nagura, Ph.D. Takato Kusama
More informationWHY SERVICE PROVIDERS NEED A CARRIER PaaS SOLUTION cpaas for Network
WHY SERVICE PROVIDERS NEED A CARRIER PaaS SOLUTION cpaas for Network Functions Virtualization White Paper Carrier PaaS provides the tools service providers need to transform their current network operational
More informationFrom the Bottom to the Top: The Evolution of Application Monitoring
From the Bottom to the Top: The Evolution of Application Monitoring Narayan Makaram, CISSP Director, Security Solutions HP/Enterprise Security Business Unit Session ID: SP01-202 Session 2012 Classification:
More informationSUCCESFUL TESTING THE CONTINUOUS DELIVERY PROCESS
SUCCESFUL TESTING THE CONTINUOUS DELIVERY PROCESS @huibschoots & @mieldonkers INTRODUCTION Huib Schoots Tester @huibschoots Miel Donkers Developer @mieldonkers TYPICAL Experience with Continuous Delivery?
More informationFive Tactics to Hybrid Cloud Success
March 2016 Five Tactics to Kick Start Your Table of Contents High-Performance IT Environments Drive Revenue and Agility 3 What is Hybrid Cloud? 4 Five Keys for Hybrid Cloud Success: 1. Start with a Business
More informationInformation Technology: This Year s Hot Issue - Cloud Computing
Information Technology: This Year s Hot Issue - Cloud Computing Presented by: Alan Sutin Global IP & Technology Practice Group GREENBERG TRAURIG, LLP ATTORNEYS AT LAW WWW.GTLAW.COM 2011. All rights reserved.
More informationAppStack Technology Overview Model-Driven Application Management for the Cloud
AppStack Technology Overview Model-Driven Application Management for the Cloud Accelerating Application Time-to-Market The last several years have seen a rapid adoption for public and private cloud infrastructure
More informationHybrid Cloud: Overview of Intercloud Fabric. Sutapa Bansal Sr. Product Manager Cloud and Virtualization Group
Hybrid Cloud: Overview of Sutapa Bansal Sr. Product Manager Cloud and Virtualization Group Agenda Why Hybrid cloud? Cisco Vision Hybrid Cloud Use Cases and ROI Architecture Overview Deployment Model and
More informationPCI Compliance for Cloud Applications
What Is It? The Payment Card Industry Data Security Standard (PCIDSS), in particular v3.0, aims to reduce credit card fraud by minimizing the risks associated with the transmission, processing, and storage
More informationCloud/SaaS enablement of existing applications
Cloud/SaaS enablement of existing applications GigaSpaces: Nati Shalom, CTO & Founder About GigaSpaces Technologies Enabling applications to run a distributed cluster as if it was a single machine 75+
More informationKonsolidacija podatkov v oblaku znotraj organizacije
Konsolidacija podatkov v oblaku znotraj organizacije Robert Korošec Oracle 1 Copyright 2013, Oracle and/or its affiliates. All rights reserved. Deployment Models: Private, Public, Hybrid Exclusive Shared
More informationThe New Style of IT. Rob McMahon. Director Cloud Computing HP General Western Europe
The New Style of IT Rob McMahon Director Cloud Computing HP General Western Europe Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without
More informationSecurity in the Cloud
Security in the Cloud Visibility & Control of your Cloud Service Provider Murray Goldschmidt, Pierre Tagle, Ph.D. April 2012 Compliance, Protection & Business Confidence Sense of Security Pty Ltd Sydney
More informationTable of Contents. Abstract. Cloud computing basics. The app economy. The API platform for the app economy
Table of Contents Abstract Cloud computing basics The app economy The API platform for the app economy Your API platform: in the cloud or on premises? The cloud deployment model Cloud characteristics The
More informationACCELERATE DEVOPS USING OPENSHIFT PAAS
ACCELERATE DEVOPS USING OPENSHIFT PAAS September 3, 2014 AGENDA World we live in today IT organization: Charter, goals, and challenges DevOps: Problem statement, what, and why How to enable DevOps Application
More informationAccelerating Software Security With HP. Rob Roy Federal CTO HP Software
Accelerating Software Security With HP Rob Roy Federal CTO HP Software If we were in a cyberwar today, the United States would lose. Mike McConnell Former DNI, NSA. Head of Booz Allen Hamilton National
More informationMonitoring, Managing and Supporting Enterprise Clouds with Oracle Enterprise Manager 12c Name, Title Oracle
Monitoring, Managing and Supporting Enterprise Clouds with Oracle Enterprise Manager 12c Name, Title Oracle Complete Cloud Lifecycle Management Optimize Plan Meter & Charge Manage Applications and Business
More informationThe Safe Harbor. 1 Copyright 2013, Oracle and/or its affiliates. All rights reserved.
The Safe Harbor The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to
More information[Who Cares?] as a Service
Who Cares? Figurative: I don t care. Literal: Who is caring for it? 4 Option 1: Build crib. Uncluttering Cloud 5 Option 2: Assemble crib. Uncluttering Cloud 6 Option 3: Buy assembled crib. Uncluttering
More informationCloud and Regulations: A match made in heaven, or the worst blind date ever?
Cloud and Regulations: A match made in heaven, or the worst blind date ever? Vinod S Chavan Director Industry Cloud Solutions, IBM Cloud October 28, 2015 Customers are faced with challenge of balancing
More informationThe AppSec How-To: 10 Steps to Secure Agile Development
The AppSec How-To: 10 Steps to Secure Agile Development Source Code Analysis Made Easy 10 Steps In Agile s fast-paced environment and frequent releases, security reviews and testing sound like an impediment
More informationApplication Security Center overview
Application Security overview Magnus Hillgren Presales HP Software Sweden Fredrik Möller Nordic Manager - Fortify Software HP BTO (Business Technology Optimization) Business outcomes STRATEGY Project &
More informationEnergy Efficiency Embedded Service Lifecycle: Towards an Energy Efficient Cloud Computing Architecture
Energy Efficiency Embedded Service Lifecycle: Towards an Energy Efficient Cloud Computing Architecture On behalf of the ASCETiC Consortium Project Number 610874 Instrument Collaborative Project Start Date
More informationThe Web AppSec How-to: The Defenders Toolbox
The Web AppSec How-to: The Defenders Toolbox Web application security has made headline news in the past few years. Incidents such as the targeting of specific sites as a channel to distribute malware
More informationWeb Application security testing: who tests the test?
Web Application security testing: who tests the test? Ainārs Galvāns Application Penetration Tester www.exigenservices.lv About myself Functional testing Leading test group Reporting to client Performance
More informationThe Elephant in the Room: What s the Buzz Around Cloud Computing?
The Elephant in the Room: What s the Buzz Around Cloud Computing? Warren W. Stippich, Jr. Partner and National Governance, Risk and Compliance Solution Leader Business Advisory Services Grant Thornton
More informationSecurity Models for Cloud. Kurtis E. Minder, CISSP
Security Models for Cloud Kurtis E. Minder, CISSP 1 Introduction Kurtis E. Minder, Technical Sales Professional Companies: Roles: Security Design Engineer Systems Engineer Sales Engineer Salesperson Business
More informationBuild & Manage Clouds with Red Hat Cloud Infrastructure Products. TONI WILLBERG Solution Architect Red Hat toni@redhat.com
Build & Manage Clouds with Red Hat Cloud Infrastructure Products TONI WILLBERG Solution Architect Red Hat toni@redhat.com AGENDA Cloud Concepts Market Overview Evolution to Cloud Workloads Evolution to
More informationCloud Consumer and Cloud Vendor Rights and Responsibilities
Cloud Consumer and Cloud Vendor Rights and Responsibilities Dr Mukesh Chandra Negi Project Manager, Tech Mahindra Ltd, Noida, India ABSTRACT: A cloud service provider is an organization which provides
More informationProductized Services: Cloud Performance Testing
Productized Services: Cloud Performance Testing Presented By Rupesh Garg, Wipro Technologies. 1 All About Cloud What is Performance Testing Cloud Testing Approach Cloud Service Providers Any Questions
More informationW H I T E PA P E R. Cloud Migration Methodology -Janaki Jayachandran (Director of Technology) a t t e n t i o n. a l w a y s.
W H I T E PA P E R Cloud Migration Methodology -Janaki Jayachandran (Director of Technology) a t t e n t i o n. a l w a y s. T A B L E O F C O N T E N T S Introduction Cloud - Is it real or hype? 3 Attributes
More informationOpen Source Multi-Cloud, Multi- Tenant Automation in the cloud with SlipStream PaaS
Open Source Multi-Cloud, Multi- Tenant Automation in the cloud with SlipStream PaaS A professional open source solution Robert Branchat, SixSq 5 July 2014 Lyon, France Based in Geneva, Switzerland Founded
More informationSession 3. the Cloud Stack, SaaS, PaaS, IaaS
Session 3. the Cloud Stack, SaaS, PaaS, IaaS The service models resemble a cascading architecture where services on a higher level, as identified by Weinhardt et.al. (2009); encapsulate functionality from
More informationIBM Cloud Computing for SAP. 2010 IBM Corporation
IBM Cloud Computing for SAP Agenda IBM Strategy and Offering for Cloud Computing SAP Product Strategy Cloud Computing for SAP Customers IBM Cloud Solutions for SAP Customers 2 IBM Strategy and Offerings
More informationOCR LEVEL 2 CAMBRIDGE TECHNICAL
Cambridge TECHNICALS OCR LEVEL 2 CAMBRIDGE TECHNICAL CERTIFICATE/DIPLOMA IN IT UNDERSTANDING CLOUD COMPUTING L/505/5652 LEVEL 2 UNIT 30 GUIDED LEARNING HOURS: 60 UNIT CREDIT VALUE: 10 Understanding cloud
More informationTable of Contents. FME Cloud Architecture Overview. Secure Operations. Application Security. Shared Responsibility.
FME Cloud Security Table of Contents FME Cloud Architecture Overview Secure Operations I. Backup II. Data Governance and Privacy III. Destruction of Data IV. Incident Reporting V. Development VI. Customer
More informationIntegrate App. Security in Continuous Integration
Integrate App. Security in October 12, 2015 TLP: WHITE www.excellium-services.com Excellium ID card A Luxembourg company created in 2012 targeting PSF and Support PSF. An experimented team in Information
More informationGetting Started with Web Application Security
Written by Gregory Leonard February 2016 Sponsored by Veracode 2016 SANS Institute Since as far back as 2005, 1 web applications have been attackers predominant target for the rich data that can be pulled
More informationA Strategic Approach to Web Application Security The importance of a secure software development lifecycle
A Strategic Approach to Web Application Security The importance of a secure software development lifecycle Rachna Goel Technical Lead Enterprise Technology Web application security is clearly the new frontier
More informationSecuring Your Web Application against security vulnerabilities. Ong Khai Wei, IT Specialist, Development Tools (Rational) IBM Software Group
Securing Your Web Application against security vulnerabilities Ong Khai Wei, IT Specialist, Development Tools (Rational) IBM Software Group Agenda Security Landscape Vulnerability Analysis Automated Vulnerability
More informationBe Fast, but be Secure a New Approach to Application Security July 23, 2015
Be Fast, but be Secure a New Approach to Application Security July 23, 2015 Copyright 2015 Vivit Worldwide Copyright 2015 Vivit Worldwide Brought to you by Copyright 2015 Vivit Worldwide Hosted by Paul
More informationDevOps. Josh Preston Solutions Architect Stardate 69094.1
DevOps Josh Preston Solutions Architect Stardate 69094.1 I keep hearing about DevOps What is it? FOR MANY ORGANIZATIONS, WHAT IS I.T. LIKE TODAY? WATERFALL AND SILOS Application Version X DEVELOPMENT OPERATIONS
More informationNetworks and Services
Networks and Services Dr. Mohamed Abdelwahab Saleh IET-Networks, GUC Fall 2015 TOC 1 Infrastructure as a Service 2 Platform as a Service 3 Software as a Service Infrastructure as a Service Definition Infrastructure
More informationThe journey to the software defined enterprise and cloud brokerage
The journey to the software defined enterprise and cloud brokerage Aaron Steppat Senior Product Marketing Manager Software Defined Data Centre 19/03/2014 IT Challenges VMware Architecture VMware Strategy
More informationCollaborative DevOps Learn the magic of Continuous Delivery. Saurabh Agarwal Product Engineering, DevOps Solutions agarwasa@us.ibm.
Collaborative DevOps Learn the magic of Continuous Delivery Saurabh Agarwal Product Engineering, DevOps Solutions agarwasa@us.ibm.com Please note IBM s statements regarding its plans, directions, and intent
More informationWindows Azure and private cloud
Windows Azure and private cloud Joe Chou Senior Program Manager China Cloud Innovation Center Customer Advisory Team Microsoft Asia-Pacific Research and Development Group 1 Agenda Cloud Computing Fundamentals
More informationCopyright 2014, Oracle and/or its affiliates. All rights reserved.
1 Oracle Business Intelligence in the Cloud Gherardo Infunti Business Development Director EMEA Business Analytics 2 Disclaimer THE FOLLOWING IS INTENDED TO OUTLINE OUR GENERAL PRODUCT DIRECTION. IT IS
More informationCombining Data Centre and Cloud Services in a Single Strategy
Combining Data Centre and Cloud Services in a Single Strategy Data Centre Briefing May 12,2015 Bratislava, Slovakia Page 1 Page 2 With the virtualization of workloads and removing the dependence of applications
More informationHow To Develop An Org Cloud Based Powerware For An Onpremise Cloud Environment
Developing Oracle Fusion Middleware Applications in the Cloud Antony Reynolds Matt Wright Ramkumar Menon 1 Who We Are Antony Reynolds Product Strategy Director, Oracle Author SOA Suite 11g Developers Cookbook
More informationProduction in the Cloud
2/18/2013 Production in the Cloud Presentation by: Rick Dmytryshyn, Program Manager Ph. (303) 882-1282, E-mail. rick.dmytryshyn@willbros.com Presentation Overview DEFINITION: What is the Cloud? SECURITY:
More informationEnabling Continuous Delivery for Java Projects with Oracle Cloud Services (Oracle PaaS) Siva Rama Krishna Oracle India
Enabling Continuous Delivery for Java Projects with Oracle Services (Oracle PaaS) Siva Rama Krishna Oracle India Agenda What is Continuous Delivery? What is Oracle PaaS? Enabling Continuous Delivery with
More informationBen Prusinski Session 3: 11/15/2012 14:30 to 15:30 Location: Diablo
Ben Prusinski Session 3: 11/15/2012 14:30 to 15:30 Location: Diablo About the Speaker- Ben Prusinski Oracle ACE Director, OCP, Beta tester, Author, Underwater Photographer Avid scuba diver and student
More informationFederal Secure Cloud Testing as a Service - TaaS Center of Excellence (CoE) Robert L. Linton
Session 5: Federal Secure Cloud Testing as a Service - TaaS Center of Excellence (CoE) Robert L. Linton Agenda HP ALM Solution Review HP Cloud Potential Cloud Portal HP ALM Solutions in a virtual environment
More informationVisibility and Control for Sanctioned & Unsanctioned Cloud Apps
Visibility and Control for Sanctioned & Unsanctioned Cloud Apps Walter Doria Technical Director Exclusive Networks Gabriele Buratti Principal SE Imperva Today s Agenda Introductions & Discussion Market
More informationThe Magazine for IT Security. May 2010. issue 3. sör alex / photocase.com
The Magazine for IT Security May 2010 sör alex / photocase.com free digital version made in Germany issue 3 Luiz Fotolia.com Clouds or storm clouds? Cloud Computing Security by Javier Moreno Molinero Gradually,
More informationOracle Cloud Computing Strategy
Oracle Cloud Computing Strategy Han Wammes Public Sector Market Development Manager 1 Copyright 2012, Oracle and/or its affiliates. All rights reserved. Safe Harbor Statement The following is intended
More informationFundamentals of Continuous Integration
Zend Blueprint for Delivery Fundamentals of Jenkins with and server by Slavey Karadzhov Introduction Delivery is a methodology, a mindset change and a leadership practice that focuses on how to achieve
More informationDevOps - Application Internet Development Within Corporate IT:
DevOps - Application Internet Development Within Corporate IT: A Tutorial Guide To Get IT Started By Telegraph Hill Program Initiatives, Inc. 1 What is DevOps? The App Internet market requires ever more
More informationManaging Vulnerabilities for PCI Compliance White Paper. Christopher S. Harper Managing Director, Agio Security Services
Managing Vulnerabilities for PCI Compliance White Paper Christopher S. Harper Managing Director, Agio Security Services PCI STRATEGY Settling on a PCI vulnerability management strategy is sometimes a difficult
More informationDynamic Security for the Hybrid Cloud
Dynamic Security for the Hybrid Cloud Marc van Zadelhoff, VP Strategy, Marketing and Product Management, IBM Security Nataraj Nagaratnam, Distinguished Engineer and CTO Security Solutions, IBM Security
More information19.10.11. What Is the Cloud?
19.10.11 What Is the Cloud? What is Cloud? National Institute for Standards and Technology (NIST) Definition On-demand self-service > Through a portal, no human interaction > Only pay what you need Broad
More informationSoftware Quality Analysis with Cloud Challenges and Approaches. Progress Software, Hyderabad, India
Software Quality Analysis with Cloud Challenges and Approaches Dr Ganesh Iyer, PhD, Santhosh Kumar Soma, Kiran Kumar Angara, Principal QA Engineer Senior QA Engineer QA Engineer, Progress Software, Hyderabad,
More informationSecure Development Lifecycle. Eoin Keary & Jim Manico
Secure Development Lifecycle Jim Manico @manicode OWASP Volunteer Global OWASP Board Member OWASP Cheat-Sheet Series Manager VP of Security Architecture, WhiteHat Security 16 years of web-based, database-driven
More informationFROM A RIGID ECOSYSTEM TO A LOGICAL AND FLEXIBLE ENTITY: THE SOFTWARE- DEFINED DATA CENTRE
FROM A RIGID ECOSYSTEM TO A LOGICAL AND FLEXIBLE ENTITY: THE SOFTWARE- DEFINED DATA CENTRE The demand for cloud infrastructure is rapidly increasing, the world of information is becoming application and
More informationOracle Reference Architecture and Oracle Cloud
Oracle Reference Architecture and Oracle Cloud Anbu Krishnaswamy Anbarasu Enterprise Architect Social. Mobile. Complete. Global Enterprise Architecture Program Safe Harbor Statement The following is intended
More informationBuilding an Internal Cloud that is ready for the external Cloud
Building an Internal Cloud that is ready for the external Cloud Luca ZERMINIANI, Senior Systems Engineer, VMware Italy Athens, February 2010 2009 VMware Inc. All rights reserved Agenda How virtualization
More informationEmbracing Cloud for Efficient Development
Embracing Cloud for Efficient Development Heikki Nousiainen 13.12. Protecting the irreplaceable f-secure.com Introduction Heikki Nousiainen Lead Architect, Cloud CSO-Technology Office Heikki.Nousiainen@F-Secure.com
More informationThreat landscape how are you getting attacked and what can you do better protect yourself and your e-commerce platform
Threat landscape how are you getting attacked and what can you do better protect yourself and your e-commerce platform Sebastian Zabala Senior Systems Engineer 2013 Trustwave Holdings, Inc. 1 THREAT MANAGEMENT
More informationCloud Courses Description
Courses Description 101: Fundamental Computing and Architecture Computing Concepts and Models. Data center architecture. Fundamental Architecture. Virtualization Basics. platforms: IaaS, PaaS, SaaS. deployment
More informationThe Cloud at 30,000 feet. Art Ridgway Scripps Media Inc. Managing Director Newspaper IT Operations
The Cloud at 30,000 feet Art Ridgway Scripps Media Inc. Managing Director Newspaper IT Operations Survey: Where s home? How many using cloud computing now? How many thinking of using cloud computing? How
More informationA Gentle Introduction to Cloud Computing
A Gentle Introduction to Cloud Computing Source: Wikipedia Platform Computing, Inc. Platform Clusters, Grids, Clouds, Whatever Computing The leader in managing large scale shared environments o 18 years
More informationJava PaaS Enabling CI, CD, and DevOps
Java PaaS Enabling CI, CD, and DevOps AuthX Overview Who We Are? Digital Engagement Company offering Technical and Marketing Services with proven success supporting Fortune 1000 companies. We partner with
More informationEssential Characteristics of Cloud Computing: On-Demand Self-Service Rapid Elasticity Location Independence Resource Pooling Measured Service
Cloud Computing Although cloud computing is quite a recent term, elements of the concept have been around for years. It is the maturation of Internet. Cloud Computing is the fine end result of a long chain;
More informationService Orchestration
June 2015 Service Orchestration Infos and Use Cases Falko Dautel Robert Thullner Agenda + Overview + Use Cases & Demos VM Provisioning with ServiceNow Employee Onboarding + Summary + Questions & Answers
More informationVirtualization and IaaS management
CLOUDFORMS Virtualization and IaaS management Calvin Smith, Senior Solutions Architect calvin@redhat.com VIRTUALIZATION TO CLOUD CONTINUUM Virtual Infrastructure Management Drivers Server Virtualization
More informationHow To Get A Cloud Based System To Work For You
Predstavenie Oracle Cloud Platform Gabriela Hečková Technology Sales Consultant 1 Digital Business: Challenging Old Business Models Trends Driving Digital Disruption Mobile Social Big Data Internet of
More informationSecurity & Cloud Services IAN KAYNE
Security & Cloud Services IAN KAYNE CloudComponents CLOUD SERVICES Dynamically scalable infrastructure, services and software based on broad network accessibility NETWORK ACCESS INTERNAL ESTATE CloudComponents
More informationCloud Computing & Sustainability. Virtualization, Cloud Computing & Green IT Summit. October 26, 2010
Cloud Computing & Sustainability Doug Bourgeois, Vice President, Federal Chief Cloud Executive Virtualization, Cloud Computing & Green IT Summit Proprietary October 26, 2010 2009 VMware Inc. All rights
More informationBuild and Manage Private and Hybrid Cloud. Urban Järund, Sr Regional Services Manager Nordics, Red Hat
Build and Manage Private and Hybrid Cloud Urban Järund, Sr Regional Services Manager Nordics, Red Hat CLOUD DEPLOYMENT MODELS HYBRID CLOUD Interoperable combination of private and public cloud. PRIVATE
More informationHybrid Cloud Computing
Dr. Marcel Schlatter, IBM Distinguished Engineer, Delivery Technology & Engineering, GTS 10 November 2010 Hybrid Computing Why is it becoming popular, Patterns, Trends, Impact Hybrid Definition and Scope
More informationSOA and Cloud in practice - An Example Case Study
SOA and Cloud in practice - An Example Case Study 2 nd RECOCAPE Event "Emerging Software Technologies: Trends & Challenges Nov. 14 th 2012 ITIDA, Smart Village, Giza, Egypt Agenda What is SOA? What is
More informationCloud Computing. Cloud computing:
Cloud computing: Cloud Computing A model of data processing in which high scalability IT solutions are delivered to multiple users: as a service, on a mass scale, on the Internet. Network services offering:
More informationMicro Focus 2012 Developer Conference April 17, 2012. Addressing today s challenges in application development
Micro Focus 2012 Developer Conference April 17, 2012 Addressing today s challenges in application development Paul Herzlich, Principal Consultant Creative Intellect Consulting Ltd 2 CIC: Who are we? Analyst
More information