The Must-Attend

Open Infrastructure Event

The open infrastructure landscape is changing, and so is the Summit. Now that users are integrating dozens of open source tools into a modern stack that reaches well beyond the scope of OpenStack, we’re re-organizing the event to focus on specific problem domains like container infrastructure, edge computing and CI/CD and we are focusing on the hard work of integrating all of these tools developed in disparate communities. This is the essential work of 2018 and beyond, to ensure that open infrastructure is truly a viable path for operators.

November 6-8, 2017

The Must-Attend

Open Infrastructure Event

Join the movement behind the most widely deployed open source cloud platform. Whether you are pursuing a private, hybrid or multi-cloud approach, the OpenStack Summit is the place to network, skill up and plan your cloud strategy.

November 6-8, 2017

Event Details

OpenStack Compliance Speed and Agility: Yes, It's Possible.

OpenStack is now serious platform for business with huge momentum in government and telco industries the world over.  In these verticals regulatory and security requirements are difficult to manage and OpenStack must rise to meet compliance frameworks such as FedRAMP, ANSSI and ETSI.

In this session, we will discuss OpenStack concerns and explore the latest in compliance tooling. In the spirit of "Compliance as Code" we've completed a proof of concept integration of OpenControl and OpenStack. With this work we'll show how security control remediation can be layered to create meaningful security documentation, gap analysis and reporting.  

In this session we explore:

- OpenControl (and compliance masonry) with OpenStack

- Compliance Masonry for Security Documentation

- An OpenStack FedRAMP HIGH public sector profile


What can I expect to learn?


Attendees can expect to learn:

What tooling exists to help manage compliance

How we can treat "compliance as code"

Which technical control groups matter in OpenStack

How a public sector organization achieved FedRAMP High in 3 months.

Tuesday, November 7, 9:50am-10:30am
Level: Beginner
Tags: Security
Sr. Principal Product Manager, OpenStack Platform
Basil is focused on leading the product management, positioning, and business strategy for security within the Red Hat OpenStack Platform product. Working cross-functionally, he's introduced and structured an effective, compliance-driven approach to cloud infrastructure security. Compliance frameworks of interest include: FedRAMP, ANSSI, ETSI and the work being done by the Cloud Security... FULL PROFILE
Red Hat, Chief Security Strategist
Shawn works as the Chief Security Technologist for Red Hat's Public Sector organization, focused on scoping, founding, and management of open source security technologies relevant to military computing initiatives. Wider known projects include co-authoring the first edition OpenStack Security Guide with the OpenStack Foundation, co-founding the OpenSCAP and SCAP Security Guide project, and... FULL PROFILE