The Must-Attend

Open Infrastructure Event

The world runs on open infrastructure. At the OpenStack Summit, you’ll learn about the mix of open technologies building the modern infrastructure stack, including OpenStack, Kubernetes, Docker, Ansible, Ceph, OVS, OpenContrail, OPNFV, and more. Whether you are pursuing a private, public or multi-cloud approach, the OpenStack Summit is the place to network, skill up and plan your cloud strategy.

Sydney
November 6-8, 2017

The Must-Attend

Open Infrastructure Event

Join the movement behind the most widely deployed open source cloud platform. Whether you are pursuing a private, hybrid or multi-cloud approach, the OpenStack Summit is the place to network, skill up and plan your cloud strategy.

Sydney
November 6-8, 2017

Event Details


OpenStack Compliance Speed and Agility: Yes, It's Possible.

OpenStack is now serious platform for business with huge momentum in government and telco industries the world over.  In these verticals regulatory and security requirements are difficult to manage and OpenStack must rise to meet compliance frameworks such as FedRAMP, ANSSI and ETSI.

In this session, we will discuss OpenStack concerns and explore the latest in compliance tooling. In the spirit of "Compliance as Code" we've completed a proof of concept integration of OpenControl and OpenStack. With this work we'll show how security control remediation can be layered to create meaningful security documentation, gap analysis and reporting.  

In this session we explore:

- OpenControl (and compliance masonry) with OpenStack

- Compliance Masonry for Security Documentation

- An OpenStack FedRAMP HIGH public sector profile

 


What can I expect to learn?

 

Attendees can expect to learn:

What tooling exists to help manage compliance

How we can treat "compliance as code"

Which technical control groups matter in OpenStack

How a public sector organization achieved FedRAMP High in 3 months.

Tuesday, November 7, 9:50am-10:30am
Will be recorded
Level: Beginner
Tags: Security
Sr. Principal Product Manager, OpenStack Platform
Basil is focused on leading the product management, positioning, and business strategy for security within the Red Hat OpenStack Platform product. Working cross-functionally, he's introduced and structured an effective, compliance-driven approach to cloud infrastructure security. Compliance frameworks of interest include: FedRAMP, ANSSI, ETSI and the work being done by the Cloud Security... FULL PROFILE
Red Hat, Chief Security Strategist
Shawn works as the Chief Security Technologist for Red Hat's Public Sector organization, focused on scoping, founding, and management of open source security technologies relevant to military computing initiatives. Wider known projects include co-authoring the first edition OpenStack Security Guide with the OpenStack Foundation, co-founding the OpenSCAP and SCAP Security Guide project, and... FULL PROFILE