Sessions

GOTO Copenhagen 2019

Looking at the ongoing risks on any company today, no matter how much time and money you'll invest in cyber security as CISO or any security practitioner, You always arrive to same conclusion, it's not enough to achieve high standard of security, you have to do it 24/7 according to the changing cyber threats. In the talk we'll give a brief overview on different aspects of Cyber Security in the modern world, talking about Cloud and other external services that any size of a company uses now a days. We'll show from experience that the best and most fit approach is to achieve on going monitoring on your security posture. For the "why"? because the only thing that is a 100% sure, that the attack surface of every company is changing constantly, So we should keep on validating our security posture accordingly.

And now the "How": We'll share how to build an infrastructure for security researchers that will allow them to concentrate on business logic and writing hacker “tasks”. Using Docker and Kubernetes on Google Cloud, these tasks can then be performed in parallel and without a lot of DevOps hassle. Our technique removes two common barriers: first, long and risky deployment processes and second, low transparency within the production system.

Lessons learned promised and a glimpse of the Hackers view, because it's always interesting to see how you look from the outside.

What will the audience learn from this talk? We'll share a how we achieved the next three goals:

1. Remove security researchers from the need to write infrastructure code.
2. Increase efficiency by running security activities in parallel.
3. Generate more accurate risk modeling results through automation

Does it feature code examples and/or live coding? The talk will feature code examples of the implementation of the workflow manager that we've written in Python. But it will a high level overview of classes because we can't expose the real code.

Prerequisite attendee experience level: 300