[TALK]@Telematika

threat

Lightning Talk: Next chapter in MANRS

March 1, 2020

Mutually Agreed Norms for Routing Security (MANRS) is a global initiative that provides crucial fixes to reduce the most common routing threats. Originally designe …

BGP Route Security - Cycling to the Future!

February 28, 2020

The BGP routing protocol was designed to control traffic at interdomain routing level, but Its scalability and extensibility made it popular in other environments: …

Prioritizing trust while creating applications

February 26, 2020

Time and money are generally the resources we focus on when building applications. Yet we cant buy trust; it builds slowly and can be broken quickly when we dont factor it in to our development process. Jennifer Davis examines how to leverage security practices to enable an all-team approach to security.

An Agile Approach to Threat Modeling for Securing Open Source Project EdgeX Foundry

February 23, 2020

Evaluating security risks and conducting threat modeling are challenging for open source project contributors and adopters. There are rarely enough people, or people with experience, to tackle these t …

Anomaly detection in smart buildings using federated learning

February 21, 2020

There's an exponential growth in the number of internet-enabled devices on modern smart buildings. IoT sensors measure temperature, lighting, IP camera, and more. Tuhin Sharma and Bargava Subramanian explain how they built anomaly-detection models using federated learningwhich is privacy preserving and doesn't require data to be moved to the cloudfor data quality and cybersecurity.

Getting a Good Nights Sleep After a Fresh Kubernetes Deployment

February 21, 2020

WIth constantly increasing number of security threats, no Kubernetes cluster should stay vulnerable. How easy it is to make sure yours follows all of the best practices? Having an automated assessment …

Linux Encryption Performance is Not an Excuse Anymore

February 10, 2020

Data breaches pose a threat to almost every enterprise today and are definitely getting more attention than ever before. One of the most effective ways to keep your data safe is by encrypting it, whet …

Building a Secure IoT Device

February 6, 2020

Building a secure connected device is a complex challenge.- Provisioning of a device requires handling of secrets. While creating a physically secure facility is an accepted way of securely provisio …

The 'S' in IoT stands for Security

January 26, 2020

IoT security isn't rocket surgery, but a race to market has left a proliferation of insecure, unpatchable devices strewn across the internet. Well-established software delivery and security best pract …

Security precognition: A look at chaos engineering in security incident response

January 19, 2020

Chaos engineering allows security incident response teams to proactively experiment on recurring incident patterns to derive new information about underlying factors that were previously unknown. Join Aaron Rinehart to explore the hidden costs of security incidents, learn a new technique for uncovering system weaknesses in systems security, and more.

Security engineering 101: When good design and security work together

January 15, 2020

Is security always a bolt-on in your software process? Is your secure development lifecycle "build, then duct-tape on some security"? Wendy Knox Everette explains why good design principles go hand in hand with a strong security stance and highlights the importance of designing in security from the very start of your development process.

Evaluating cybersecurity defenses with a data science approach

January 12, 2020

Cybersecurity analysts are under siege to keep pace with the ever-changing threat landscape. The analysts are overworked as they are bombarded with and burned out by the sheer number of alerts that they must carefully investigate. Brennan Lodge and Jay Kesavan explain how to use a data science model for alert evaluations to empower your cybersecurity analysts.

Can Artificial Intelligence Secure Your Infrastructure?

January 8, 2020

While intrusion detection systems are the basis of every security aware organization and most of the network based threats have been successfully mitigated in the past; it has a major drawback. And th …

How Secure is Your Edge with EdgeX?

January 8, 2020

IoT presents a large attack surface, stemming from the number of connected components, physical distribution, and bugs in hardware and software. In this talk we focus on the Edge, systems close to the …

Maintaining human control of artificial intelligence

December 30, 2019

Although not a universally held goal, maintaining human-centric artificial intelligence is necessary for societys long-term stability. Joanna Bryson discusses why this is so and explores both the technological and policy mechanisms by which it can be achieved.

Masquerading malicious DNS traffic

December 22, 2019

Malicious DNS traffic patterns are inconsistent and typically thwart anomaly detection. David Rodriguez explains how Cisco uses Apache Spark and Stripes Bayesian inference software, Rainier, to fit the underlying time series distribution for millions of domains and outlines techniques to identify artificial traffic volumes related to spam, malvertising, and botnets (masquerading traffic).

The Devil in the Details: Kubernetes First Security Assessment

December 20, 2019

In October of last year, the Kubernetes project created a new Security Audit working group and began Kubernetes first comprehensive third-party security assessment. In the months that followed, we wo …

(Continuous) threat modeling: What works?

December 19, 2019

Threat modeling as a discipline has always enjoyed a special place in development, going from "Why do it?" to "I should do it one of these days" to "We did it and didn't even get a T-shirt." Many competing methodologies, interests, and constraints help make the process more difficult than it needs to be, reducing the results. Izar Tarandach shares the approach Autodesk uses for threat modeling.

Hardware-based KMS Plug-in to Protect Secrets in Kubernetes

December 19, 2019

Secrets are a key pillar of K8S security, and K8S 1.10+ enhanced the protection of secrets at-rest in the etcd, with support for an external KMS (via KMS plug-ins), and supporting envelope encryption. …

OAuth: When things go wrong (sponsored by Okta)

December 16, 2019

Aaron Parecki discusses common security threats when building microservices using OAuth and how to protect yourself. You'll learn about high-profile API security breaches related to OAuth; common implementation patterns for mobile apps, browser-based apps, and web server apps; and the latest best practices around OAuth security being developed by the IETF OAuth working group.

Did Kubernetes Make My p95s Worse?

December 6, 2019

When Airbnb first evaluated Kubernetes, they explicitly tested for performance and saw no significant differences. Then in 2019, as Airbnbs migration of services from EC2/Chef to Kubernetes went into …

Piloting Around the Rocks: Avoiding Threats in Kubernetes

December 4, 2019

Over three months in 2019, Trail of Bits completed the first-ever security review of Kubernetes, consisting of source review, dynamic testing, and threat modeling. One artifact, the threat model, lets …

Knative - The Security Platypus?

November 28, 2019

Knative provides a way to extend Kubernetes to run serverless workloads. Although it runs as pods, given the nature of those workloads it requires an approach to security that is distinct from standar …

Keynote: From COBOL to Kubernetes: A 250 Year Old Bank's Cloud-Native Journey

October 26, 2019

Adopting Kubernetes in an enterprise setting is challenging enough. Doing so in the highly-regulated banking industry presents further challenges. In this presentation Laura Rehorst (Product Owner - S …