Austin
April 25-29, 2016

Event Details


DEFCON 3: OpenStack Meets the Information Security Department

A vendor-neutral look at real obstacles and architectural solutions for Information Security compliance when deploying OpenStack. 

So you think the architecure is complete, but perhaps the security division didn't really understand it as well as you thought? Bringing OpenStack into an enterprise environment can often present big challenges for a conventional Information Security organisation - and big obstacles for the deployer.

  • How can long-established approval processes apply to cloud?
  • Can orchestration and automation work through these barriers?
  • Why do all these network trunks terminate in those boxes?
  • Where do the firewalls go?
  • But CI can improve security, right?

This session takes real-life deployment issues from several large-scale deployment projects across different customers (financial services, telecomunications, manufacturing) and presents solution approaches for each.


What can I expect to learn?

Deployers and OpenStack developers: 

  • Understand the types of questions and problems likely to be encountered during deployment
  • Gain some insight into Information Security viewpoint
  • Be ready to answer some of the security questions towards your deployment architecture

Enterprise Security professionals:

  • Understand how OpenStack can address security requirements
  • High-level view of features and security design approaches
  • See how the "cloud way" can potentially improve controls without manual intervention
Monday, April 25, 2:50pm-3:30pm
Difficulty Level: Intermediate
Solinea
James is a Cloud Architect at Solinea where he helps enterprises and service providers deploy and integrate OpenStack into their organisations. His work with clients spans from strategy and roadmap developemnt, through to architecture, design, and adoption.  He is based in Solinea’s Seoul office, covering the APJ region. Prior to joining Solinea, James was Chief... FULL PROFILE