SecAppDev 2020 Lecture Details
The hitchhikers guide to secrets for cloud environments
Friday March 13, 11:00 - 12:30
From API Keys to encryption keys, the number of secrets an average app requires is increasing. The talk will focus on secrets management for Kubernetes, AWS and Azure environments with some gotchas and implementation nuances
Secrets are ubiquitous. From API Keys to encryption keys, the number of secrets an average app requires for its ops, especially in the cloud, is increasing Unfortunately, developers and practitioners are unaware of secrets management, resulting in some very serious vulnerabilities.
In this talk, we discuss how to handle secrets the right way. Concretely, we look at vault-based secrets management for Kubernetes, AWS and Azure environments. Not only do we cover best practices, we also investigate gotchas and implementation nuances across platforms.
How to handle encryption and secrets in Kubernetes environments, on Azure and on AWS.
Developers, application security professionals, cloud professionals
Basic knowledge of cloud platforms and encryption techniques
Abhay Bhargav is the Founder of we45, a focused Application Security Company. He is the Chief Architect of “Orchestron"", a leading Application Vulnerability Correlation and Orchestration Framework. Abhay is a speaker and trainer at major industry events including DEF CON, BlackHat, OWASP AppSecUSA, EU and AppSecCali. His trainings have been sold-out events at conferences like AppSecUSA, EU, AppSecDay Melbourne, CodeBlue (Japan), BlackHat USA 2019, SHACK and so on.
Related devops security sessions
A practical view of security toolchains in DevSecOps
Lecture by Abhay Bhargav
You wanted to know about DevSecOps Pipelines, but didnt know whom to ask? This anecdotal, demo-filled talk delves into DevSecOps with strategies for tool orchestration, vulnerability management and more. Best yet, you can do all this for $0
DevOps Security Wednesday March 11, 16:00 - 17:30
Lessons from the Node.js ecosystem bug bounty
Lecture by Marcin Hoppe
DevOps Security Friday March 13, 14:00 - 15:30