Hi [[ session.user.profile.firstName ]]

Cloud Security Alliance: CloudBytes

  • Date
  • Rating
  • Views
  • A Path to Achieving Network Security ZEN
    A Path to Achieving Network Security ZEN Den Jones, Director – Enterprise Security, Adobe Recorded: Jun 21 2018 47 mins
    Finding a balance between a pleasant user experience and stringent security requirements can be a challenge. The need to use a certain username and password for some services while saving additional credentials for other services can contribute to a headache for both security pros and users. Is it even possible to balance security and enhancement of the overall user experience? Adobe believes this is possible. We want to help you achieve this balance by sharing our framework known as Project “ZEN.”


    Project ZEN at Adobe is an initiative based upon principles found in zero-trust frameworks. Since there is no “off-the-shelf” solution to fully deliver on these principles today, ZEN is an investment in pioneering technology and policies to make the path to a zero-trust network more efficient and attainable.

    In this session you will: (a) learn about the principles behind Adobe ZEN, (b) understand the Adobe experience so you can start your own journey by leveraging existing security technology investments and targeted automation technologies, and (c) explore common issues you might encounter along the journey, with guidance on overcoming those issues.
  • Taming the Cloud Together – CCSP & CCSK Cloud Certification Synergy
    Taming the Cloud Together – CCSP & CCSK Cloud Certification Synergy David Shearer, CEO, (ISC)2; Jim Reavis, CEO, CSA; Kevin Jackson, GovCloudNetwork ; Rich Mogull, Securosis; B. Dunlap (Mod) Recorded: Jun 12 2018 58 mins
    Certain things go together to make the sum of their parts that much better. Peanut Butter and Jelly. Lennon and McCartney. Batman and Robin. In the ever-changing world of the cloud, cyber security professionals need continuous training and certifications to stay up-to-speed and pairing (ISC)2’s CCSP (Certified Cloud Security Professional) with CSA’s CCSK (Certificate of Cloud Security Knowledge) can put any cyber security practitioner ahead in terms of knowledge, skills and job opportunities. On June 12, 2018 at 1:00PM Eastern, join David Shearer, (ISC)2’s CEO and Jim Reavis, CSA’s CEO, along with other subject matter expects as we explore the differences between each program, the training options available for each, and how these programs are synergistic in nature and together were designed to build on one another.
  • The Evolution of Zero Trust Security: Next Gen Access
    The Evolution of Zero Trust Security: Next Gen Access Nick Fisher, Security Product Marketing at Okta Recorded: Jun 7 2018 28 mins
    As breaches fill the headlines, more organizations are adopting a Zero Trust security model and its key principle of "never trust, always verify." Modern implementations of this model are focusing on "Next Gen Access," where identity and authentication can greatly enhance your security posture with less complexity than network-based solutions. Join Nick Fisher of Okta where we’ll discuss how companies today are having success taking a Zero Trust approach to security.
  • Secure DevOps: Application Security from Development Through Runtime
    Secure DevOps: Application Security from Development Through Runtime Nathan Dyer of Tenable Recorded: Jun 5 2018 43 mins
    DevOps has become a competitive advantage for organizations competing in the new digital era. Increased speed, rapid experimentation, and continuous change are now guiding operating tenants to win in this market. Unfortunately, cybersecurity has been largely absent in the DevOps conversation despite the growing risks and high profile breaches over the past several years. Cybersecurity must adapt to DevOps, not the other way around, to overcome challenges relating to speed, poor visibility, and limited resources.

    Join Tenable as we talk about new approaches to secure applications across the entire software development lifecycle with specific examples along the way.
  • 3 Ways to Speed Up Your Incident Response Time
    3 Ways to Speed Up Your Incident Response Time Abik Mitra of Code42 Recorded: May 31 2018 44 mins
    The pace of cyber attacks on business users is increasing, but the time it takes to detect and recover from them is taking longer.

    In this webinar, Code42's Abhik Mitra will explore the root cause of this divergence and offer three principles that, when applied, can reverse the trend. These incremental changes in process and technology are actionable by most security and IT teams and can dramatically accelerate incident response.
  • Wrangling Those Pesky 3rd-party Software Vulnerabilities
    Wrangling Those Pesky 3rd-party Software Vulnerabilities Mayank Goyal, Sr. Security Researcher, Nishtha Behal, Security Researcher, Adobe Recorded: May 31 2018 39 mins
    Like many large software companies, Adobe makes use of both open source and commercial off-the-shelf software components to deliver solutions to its customers. From time to time, as with any publicly available software, vulnerabilities may be uncovered that require resolution – creating a cascading challenge in assuring that any solution we have using those components is remediated quickly. To help solve this vexing problem, Adobe developed an in-house solution we call “TESSA.” This session will discuss how TESSA came about, how it is helping to both track and automate remediation of vulnerabilities, and how we integrate it into our software development lifecycle to help us react more quickly to industry vulnerabilities. We would also like to get your feedback during this session to determine if TESSA would be useful to the CSA community as an open source project.
  • LIVE Cyber Attack Simulation: A Crypto Crime in Action
    LIVE Cyber Attack Simulation: A Crypto Crime in Action Hank Schless and Christian Lappin from Threat Stack Recorded: May 23 2018 37 mins
    Crypto mining and cyber crime are at the top of the list for headline-grabbing attacks. Want to see how it’s actually done?

    The reality of what happens on a day-to-day basis is the breakdown of people and process. Join us on May 23rd for a live simulation of hackers bypassing security controls and executing a crypto mining attack. Watch how a security engineer is able to quickly identify the attack, and then learn the tips you can take home to improve your own security posture.
  • GDPR: Personal Data Protection Compliance is a Business Matter
    GDPR: Personal Data Protection Compliance is a Business Matter Prof. Dr. Paolo Balboni, Business Lawyer and Partner at ICT Legal Consulting Recorded: May 22 2018 59 mins
    Many companies approach compliance activities with the forthcoming European General Data Protection Regulation REGULATION (EU) 2016/679 as a purely legal matter. But this is a very shortsighted approach. Compliance with the GDPR is becoming a necessary business requirement. Only companies that will be able to reassure business partners and consumers regarding their alignment to the new EU Regulation will stay competitive in the digital market. Moreover, if performed in a strategic way, compliance with the GDPR enables businesses to process personal data in manifold ways and thus to extract meaningful information from them in order to better serve actual and future customers, as well as to improve efficiency.

    During the webinar Prof. Dr. Paolo Balboni (Business Lawyer, Partner at ICT Legal Consulting) will present a strategic approach to GDPR compliance aimed at mitigating the legal risk and maximising the benefits of data processing activities.
  • 5 Steps to Boost Your Security Posture on AWS
    5 Steps to Boost Your Security Posture on AWS Neelum Khan, Tajvia Willis, and ​Sudha Iyer from Netskope Recorded: May 15 2018 28 mins
    Many customers have exposed their data in the cloud without proper security solutions. Securing data in the cloud to prevent exposures can present challenges to all enterprises. Despite the rapidly growing need for cloud-native visibility into behavior and activity across AWS environments, many companies are still in the beginning stages learning about best practices and security solutions for AWS. They want to know the best approach and how to get there.

    In this webinar, you will learn:
    - Common AWS security concerns
    - 5 steps you can take to boost your AWS security posture
    - How to implement these steps
  • How to Ace Type 2 SOC 2 with Zero Exceptions
    How to Ace Type 2 SOC 2 with Zero Exceptions Pete Cheslock and Pat Cable of Threat Stack Recorded: May 8 2018 43 mins
    Achieving Type 2 SOC 2 compliance with zero exceptions was no easy feat for Threat Stack. However, rather than implementing stringent security protocols at every point of production, they implemented and improved SecOps processes to make it happen.

    Learn how Threat Stack's Head of Ops, Pete Cheslock, and Sr. Infrastructure Security Engineer, Pat Cable collaborated to make the SOC 2 journey a success as well as the innovations created along the way (including a Change Management tool called ‘SockemBot’). Join this webinar to learn more about:

    - The SockemBot, ticketing workflows, and other SOC 2 innovations
    - Developer-approved operational changes for code and ticket mapping
    - The SOC 2 business benefits get to reap now

Embed in website or blog