Last week, OpenDNS had the opportunity to attend Cloud Security World, a conference organized by the MISTI Training Institute in Boston. The conference was two days of talks and a day of training. Here are just a few of the highlights:
Ben Tomhave, a Security Architect from New Context, spoke on automating systems, with ‘Automagic! Shifting Trust Paradigms Through Security Automation‘. He addressed the need for automation and artificial intelligence in the computing systems we use, with the goal of putting the human back in the process only as a fail-safe measure. He noted that we continue performing mundane tasks that a computer could learn, including system configuration and provisioning, but the technology to enable fully-functioning and self-learning AI is still probably a couple decades away. We loved his presentation, as we are always seeking to automate any repetitive tasks in order to focus on the real work that needs to get done.
Jonathan Stanney, from Venafi presented, ‘You Have a Blind Spot – Exposing The Misuse of The Foundation of Online Security‘. He showed us how SSL certificates are being sold on the black market and addressed the trend of attacks being performed over encrypted communications to make detection much more difficult.
Dennis Moreau, a Senior Engineering Architect at VMware presented, ‘Containers, Clouds and the Softwarization of Controls: More Complexity … or an Opportunity to Transform Security and Compliance‘. He spoke about using containerized network and endpoint virtualization technology to increase visibility and transform security monitoring.
From OpenDNS, I (Josh Pyorre) presented, ‘The Modern SOC: Adapting the Security Operations Model to How we Work‘. I spoke about my research on building Security Operations Centers to adapt to the changed security landscape. My talk included using Docker containers to build quick and modular intrusion detection sensors and methods for monitoring events that occur in and around cloud environments.
Brian Ahern, CEO and Chairman of Threat Stack and Craig Chamberlain, Director of Security Research at Acquia presented, ‘Inside-Out Security: Why the Cloud Workload is the New Endpoint‘. They spoke about infrastructure as a service and the security challenges this introduces while providing several methods to deal with the loss of network perimeters and role-based architectures.
Diana Kelley, an Executive Security Advisor at IBM and Ed Moyle, Director of Thought Leadership and Research at ISACA presented, ‘Cloud Containerization Success‘. They discussed how security containers built in Docker and other systems fit into security and some of the risks associated with putting them into cloud environments.
Adrian Sanabria, a Senior Security Analyst at 451 Research presented, ‘Cloud, DevOps and the New Security Practitioner‘. He spoke about the differences between old and new ways of configuring systems as they’ve moved into the cloud and how this affects the security field. His message was that we need to continue adapting to the changing landscape of systems and security to continue working as effective security practitioners.
Andrew Hay, an OpenDNS Alumni, now the CISO for DataGravity, presented ‘Facilitating Fluffy Forensics 2.0‘. He addressed the need for security tools and techniques used by forensics investigators to evolve with the landscape of cloud computing. He specifically discussed the kinds of hurdles investigators may face when performing incident response in cloud environments and demonstrated several tools and methods to overcome these issues.
Cloud Security World had a great message distributed across all the presentations: The endpoint continues to move further towards becoming obsolete and the perimeter continues to disappear as systems and services move into cloud computing environments. Our methods of detection and threat mitigation and the practice of security need to evolve quickly if we want to keep up.