Pragmatic Cloud Security: What InfoSec Practitioners Have Been Waiting For presented at BSidesSLC 2015

by Joshua Danielson,

Summary : Applying security standards consistently across environments has typically been a struggle for security practitioners. Maintaining accurate system baselines in dynamic, complex ecosystems is a challenge that makes asset management a seemingly impossible process to control in traditional environments. With the elastic capabilities of Cloud solutions such as Amazon Web Service (AWS) it may appear at first glance that this struggle will only continue. However, there is a light at the end of the tunnel. In this talk we will describe a practical implementation of AWS services; CloudTrail, SNS, and SQS, in combination with the configuration management capabilities of Puppet to ensure a consistent set of security standards across an entire environment; enabling practitioners to secure cloud environments in near real-time, even allowing for the segregation of non-compliant systems just as quickly. Lastly, we will take a peek into the future, where organizations will likely become more reliant on AWS services as critical components in their configuration management solution.