Threat detection and response in the cloud
In this session we talk about how to do detection and response in the AWS public cloud and what native AWS services can be used to do this. What options are available and what (if any) 3rd party solutions play a role here? If it was up to us, what are the top use cases a security operations center should monitor in a public cloud environment? Is a traditional SIEM solution still required or can we build a similar function using native AWS services?
Securing your Secrets in the Cloud
Have you spotted access keys in code? Putting it directly in your code might not be a good idea. Maybe you saw that Kubernetes offers secrets for this. Have you found your Kubernetes secrets to be readable by everyone? So where do you put your secrets in a secure way? In this session we will look at various solutions, such as Hashicorp Vault, Kubernetes, and solutions offered by AWS.
Data & Security in the cloud
Martijn Doedens (Cloud Security Consultant at Oblivion) and Niels Zeilemaker (CTO at GoDataDriven) summarise the current state of secure data processing in the (AWS) cloud. We cover the specific services related to data and the services that are used to standardise secure landing zone, actual risks and threats that our customers face when processing big data on AWS and which configurations (aka best practices) you should always implement.