BT
Older rss
49:18

Selling Unikernels: The CyberChaff Experience

Posted by Adam Wick  on  Feb 10, 2017 Posted by Adam Wick  on  Feb 10, 2017

Adam Wick talks about his team’s experience developing CyberChaff, a novel network defense solution with unikernels built into its core and why unikernels made sense for them.

55:48

The Seven Righteous Fights

Posted by Heidi Waterhouse  on  Jan 26, 2017 Posted by Heidi Waterhouse  on  Jan 26, 2017

Heidi Waterhouse discusses seven issues to tackle during project development: Localization, Security, Extensibility, Documentation, Affordance, Acceptance, Accessibility.

58:37

Managing Secrets at Scale

Posted by Mark Paluch  on  Dec 17, 2016 Posted by Mark Paluch  on  Dec 17, 2016

Mark Paluch discusses keeping the security bar high while running services that require secrets, securely sharing and managing secrets (certificates, passwords, keys) using Vault and Spring Boot.

41:46

Modern Web Security, Lazy But Mindful Like a Fox

Posted by Albert Yu  on  Dec 15, 2016 Posted by Albert Yu  on  Dec 15, 2016

Albert Yu presents a few viable, usable and effective defensive techniques that developers have often overlooked.

01:06:25

OpenID Connect & OAuth - Demystifying Cloud Identity

Posted by Filip Hanik  on  Dec 10, 2016 1 Posted by Filip Hanik Sree Tummidi  on  Dec 10, 2016 1

Filip Hanik and Sree Tummidi talk about the OpenID Connect and OAuth 2, sharing their experiences building the CF User Authentication and Account management project, and OpenID Connect implementation.

44:04

The Psychology of Security Automation

Posted by Jason Chan  on  Dec 03, 2016 Posted by Jason Chan  on  Dec 03, 2016

​Jason Chan discusses how security teams can use thoughtful tools and automation to improve relationships with development teams while creating a more secure and manageable environment.

54:05

Art of Stepping on the Same Rake, Volume 2

Posted by Alex Holden  on  Dec 02, 2016 Posted by Alex Holden  on  Dec 02, 2016

Alex Holden talks about hackers and their attacks, their latest techniques and the defenses needed today and tomorrow. He also talks about a number of recent breaches as well as lessons learned.

42:51

What Happens When Data Gets Breached?

Posted by Jarrod Overson  on  Dec 02, 2016 Posted by Jarrod Overson  on  Dec 02, 2016

Jarrod Overson talks about a world where passwords are traded, sold, verified, and used to exploit sites, how to recognize malicious traffic, and how to take a stand against attackers.

58:42

To Spring Security 4.1 and beyond

Posted by Rob Winch  on  Nov 09, 2016 1 Posted by Rob Winch Joe Grandja  on  Nov 09, 2016 1

Rob Winch and Joe Grandja discuss how to easily secure an application with Spring Security 4.1 and focus on some of the new features found in Spring Security 4.1.

33:40

An Authentication and Authorization Architecture for a Microservices World

Posted by David Ferriera  on  Oct 19, 2016 Posted by David Ferriera  on  Oct 19, 2016

David Ferriera describes how ForgeRock provides a standards-based blueprint that offers a flexible solution to balance security and performance while protecting Cloud Foundry services end-to-end.

37:21

Cloud Native Key Management

Posted by Justin Smith  on  Oct 05, 2016 Posted by Justin Smith  on  Oct 05, 2016

Justin Smith discusses credential hygiene in distributed systems, covering topics such as key encrypting keys, hardware security modules, and promising advances in muti-party computation.

29:59

What I Learned from Four Years of Science-ing the Crap out of DevOps

Posted by Nicole Forsgren  on  Sep 22, 2016 Posted by Nicole Forsgren  on  Sep 22, 2016

Nicole Forsgren shares the results of studies spanning four years and 25,000 DevOps data points: continuous delivery and Lean management practices improves quality and security outcomes.

BT