When John McAfee Crashes Your Panel...

When John McAfee Crashes Your Panel...

RMISC serves as a powerful knowledge builder and networking opportunity for industry insiders as well for others who would like a glimpse into the fast-moving developments within the security field. This year’s event drew a record number of attendees because of its lineup of renowned panel of experts, including the high-profile keynote speaker John McAfee, who is currently running as the Libertarian Party candidate for president. McAfee surprised those in attendance at the opening plenary by crashing the opening Ambassador's Keynote Panel, and we were lucky to have captured the event in the following video...

Read More

Understanding a Rugged DevOps Approach to Security

Understanding a Rugged DevOps Approach to Security

Your operational tools deliver continuous monitoring and alerting—why doesn’t your security suite? No single path exists to a rugged DevOps approach that works for every organization, but certain key principles and techniques are used by the DevOps elite that give them distinct advantages. You can use these and revamp your organization’s processes and behaviors to gain efficiencies in your security operations. Security can no longer be thought of as being a separate step in a launch. Instead, security must be integrated into the overall processes of development and deployment...

Read More

On Programmatic Security Automation for AWS

On Programmatic Security Automation for AWS

The ability to provision and update infrastructure using APIs allows flexible and programmatic control of our security choices. These decisions will ultimately help protect intellectual data, content, applications, systems and networks ‘in’ the cloud. In this recorded webcast, John Martinez leads a deep dive discussion and provides a live demonstration of how to improve security awareness between IT, Dev, and Ops teams, as well as provide some real-world (code) examples on how to bring security into your application delivery model to reduce risks with DevOps integration and security and compliance automation...

Read More

Automating Critical AWS Security Operations

Automating Critical AWS Security Operations

You automated your deployment, elasticized your workloads, and dynamically provisioned your fleet. What do you do next? Tackle automating your security needs using the latest capabilities in the cloud! There’s no single path to building an automated and continuous security architecture that works for every organization, but certain key principles and techniques are used by the early adopter cloud elite that give them distinct advantages. It's time to re-think your organization’s processes and behaviors to demonstrate the latest efficiencies in your security operations. In this webinar, learn how Intuit implements cloud security automation...

Read More

Security Will be the Winner in the Cloud Wars

Security Will be the Winner in the Cloud Wars

Clouds tout their rapid elasticity, infinite scalability and commodity pricing when wooing developers and operations engineers. While these are some of the sexier features of today’s cloud infrastructure providers, they are not the ultimate differentiator that will win the hearts and minds of the desirable CIOs running the Fortune 5000 enterprises. What magic trait will cloud providers rely on to earn the hearts of these power players? Security – the elusive and forever-moving target for many organizations...

Read More

Inside the CIS Cloud Security Benchmark for AWS

Inside the CIS Cloud Security Benchmark for AWS

The Center for Internet Security (CIS) Benchmarks have been the defacto standard for prescriptive, industry-accepted best practices for securely configuring traditional IT components. The release of the CIS AWS Foundations Benchmark into this existing ecosystem marks one of many milestones for the maturation of the cloud and its suitability for sensitive and regulated workloads...

Read More

Shodan Reveals Unprotected Cloud Cluster Controls

Shodan Reveals Unprotected Cloud Cluster Controls

What you are seeing here is the failure to implement proper security controls around administrative interfaces of, in this case, Enterprise Cassandra NoSQL clusters. The unprotected administrative interface gives remote attackers the ability to connect to the cluster and perform administrative functions without authentication or resistance. This is often the result of business pressure to deploy technology to solve complex problems, but failure by the business to invest in time and resources to help those product teams protect the infrastructure and services themselves...

Read More

Tony Bradley on Securely Migrating Workloads to the Cloud

Tony Bradley on Securely Migrating Workloads to the Cloud

Tony Bradley, founder of the Bradley Strategy Group and and Editor-in-Chief of Techspective, discusses some of the challenges organizations face when migrating sensitive workloads to the cloud. He is a respected authority on security and technology, with more than twelves years certified as a CISSP, nine years as a Microsft MVP, and being the author of numerous white papers, books, and a wide variety of industry publications. Bradley makes frequent speaking appearances on radio, television, webinars, and conference venues nationwide...

Read More

On Implementing the Top Ten AWS Security Best Practices

On Implementing the Top Ten AWS Security Best Practices

These Top Ten AWS Security Best Practices were put together by cloud security practitioners with over a decade of combined experience securing large AWS deployments. You will discover how most of these best practices are very easy to implement and go a very long way to ensuring your success on AWS. Evident.io's John Robel, Principal Solutions Architect, and 2ndWatch's Kevin Dillon, Solution Architect, provide actionable information that can be implemented immediately...

Read More

Programmatic Security Automation for AWS

Programmatic Security Automation for AWS

The ability to provision and update infrastructure using APIs allows flexible and programmatic control of our security choices. These decisions will ultimately help protect intellectual data, content, applications, systems and networks ‘in’ the cloud. In this webcast, John Martinez will lead a deep dive discussion and provide a live demonstration of how to improve security awareness between IT, Dev, and Ops teams, as well as provide some real-world (code) examples on how to bring security into your application delivery model to reduce risks with DevOps integration and security and compliance automation...

Read More