Public Cloud Environments can make things, well, rather public. While there are ways to prevent this, and the cloud providers have made strides, retroactive changes are not a thing. As such, we still find very poorly configured environments today. Join us for this first of eight workshops in the Aviata Solo Flight Challenge Workshop series. We will show you how to look at a target organization's misconfigured public items. This lab will begin...

As the Internet celebrates 31 years, Identity, Zero Trust, Cloud, and AI currently have all the attention. Defenders face numerous challenges and headwinds in this complex, ever-expanding interconnected ecosystem of commerce, information exchange and cyber warfare. Endpoint, IDS and SIEM are so yesterday. Is network detection even worth mentioning? In this talk, Corelight will explain how elite cyber defenders are updating architecture and cap...

Government-wide pressure to improve service to citizens, incorporate telework, and optimize IT operations has led many agencies to further embrace cloud computing. Despite the improved efficiencies, securing the cloud remains a top priority. Cloud Computing Security can be defined as defending the confidentiality, integrity, and availability of agency assets (data, applications, infrastructure) using cloud services from both outside and inside...

Modern applications are transforming government agencies. From Artificial Intelligence for better customer engagement, to data analytics for forecasting, the need for accelerated computing is rapidly increasing. But enterprises face challenges with using existing infrastructure to power these applications. By evolving enterprise IT infrastructure into a unified architecture, all applications, modern and traditional, can run optimally on a shar...

In the final part of the Cloud Security Flight Simulator series, join SEC540 lead author and instructor Eric Johnson to learn how to enable workload identity for AWS Elastic Kubernetes Service (EKS) and Azure Kubernetes Service (AKS). Rather than issuing long-lived credentials to individual pods or inheriting excessive permissions from the node, Kubernetes service accounts can use an internal OpenID Connect (OIDC) provider to obtain a signed i...

Part 3: Continuing the Cloud Security Flight Simulator series, join SEC540 Cloud Security & DevSecOps Automation instructor Jon Zeolla for a webcast on software supply chain security. In a recent Sonatype State of the Supply Chain report, a 750% year-over-year increase in supply chain attacks was observed. In response to the increase in supply chain attacks, an Executive Order led to the development of supply chain security guidance includ...

The Federal Risk and Authorization Management Program (FedRAMP) began in 2011 to ensure the security of cloud services used by the federal government. FedRAMP is a government-wide program providing a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. FedRAMP uses NIST guidelines in its own framework to enable federal agencies to use cloud services securely and efficiently. Th...

Continuing the Cloud Security Flight Simulator series, join SEC540 Cloud Security & DevSecOps Automation author Ben Allen for a webcast on Kubernetes admission control. Kubernetes admission controllers play a critical role in enhancing the security of a Kubernetes cluster. They act as gatekeepers, intercepting requests to the Kubernetes API server before requests are processed and stored by the cluster. Learn how admission control policies...

Before you can help DevOps teams solve security problems and improve their security programs, you need to understand how they think, how they work, and the tools that they use. Join SEC540: Cloud Security & DevSecOps Automation authors and instructors Ben Allen, Eric Johnson, and Jon Zeolla to start the new year for a 4 Part Cloud Security Flight Simulator series. In Part 1, join SEC540 lead author and instructor Eric Johnson for a discuss...

This event is 100% free for IT consultants, VARs, Integrators, and Managed Service Providers of all types who are looking for ways to grow their business. Sessions start at 10am ET.