Securing your IaaS infrastructure (AWS, OpenStack and others)

Securing your IaaS infrastructure Or - how not to become the next Code-Spaces.

Last June, a code repository SaaS provider name code-spaces was completely wiped out and closed business after an intruder managed to gain access to their AWS dashboard. All of the company data including volumes, snapshots, objects and backup was deleted leaving the company manager only one alternative – shutdown the business.

Infrastructure as a Service can do amazing things for your business, providing young companies access to enterprise level infrastructure with flexibility and ease of use. But the very same advantages of the cloud also possess the greatest threats. The centralization of controls, resources polling and automation capabilities can act as two edged sword if not maintain correctly.

In the presentation we will review the challenges facing IaaS consumers, overview important IaaS security features inside OpenStack and other platforms and list the important attack vectors to look out for.

Presenter:
Moshe Ferber
Co-chairman of the board, Cloud Security Alliance, Israel