Tuesday, April 14, 2020
Link visible for attendees
Join us this meetup as we have Patrick M. Ryan's presentation "Delegated authentication using OAuth: A case study using Spotify and AWS" and Josh Stella be giving a demonstration on "Hacking the Cloud: Simulating Advanced Cloud Misconfiguration Exploits "!
5:30-6:00 pm - Networking & Food/Drinks
6:00-6:15 pm - AWS Cloud Security Meetup opening
6:15-6:30 pm- Sponsors (Fugue, Inc & AWS)
6:30-7:15 pm - Patrick M. Ryan, "Delegated Authentication..."
7:15-7:25 pm - Short Break!
7:25-8:10 pm - Josh Stella, Demo "Hacking the Cloud..."
8:10-8:30 pm - Wrap Up & Networking
The location is TBD.
This event's food & drinks & swag are sponsored by Fugue, Inc; the venue is being sponsored by AWS Security!
[ https://fugue.co - "Fugue empowers engineers to build and operate secure cloud systems that are compliant with enterprise policies."]
Patrick M. Ryan,
Cloud Practice Lead @ Evans & Chambers
Pat has 30 years of experience in the IT industry, most of it in and around the Federal government. He holds AWS certifications, such as Solutions Architect Associate and Developer Associate. He is currently working in a security role for a Federal agency.
In this presentation, he will walk through the basics of the OAuth protocol, its use in a REST API, how to use the AWS Secrets Manager to maintain credentials, and a practical application of those technologies.
A very abbreviated version of this topic he published on the APN blog: https://aws.amazon.com/blogs/publicsector/delegated-authentication-oauth-case-study/ .
CTO and Founder @ Fugue
Josh Stella is co-founder and CTO of Fugue, the company delivering autonomous cloud infrastructure security and compliance. Previously, Josh was a Principal Solutions Architect at Amazon Web Services (AWS), where he supported customers in the area of national security. Prior to Fugue, Josh served as CTO for a technology startup and in numerous other IT leadership and technical roles over the past 25 years.
In this session, he will be giving a live demo on preventing cloud-native exploits that require us to rethink cloud architecture and how we use services such as IAM. He will simulate advanced cloud attacks live to demonstrate how common cloud misconfigurations are exploited to understand how the can be prevented upfront with secure architecture.
If you are looking for your next step in your career, be sure to bring a copy of your resume and your best smile as AWS is hiring. There will be an AWS Security Engineer looking for possible future teammates. There are typically other attendees whose company may be hiring as well, and we will dedicate time to this after the talks.
We will need everyone who is planning to attend to RSVP 48 hours PRIOR to the event date!
RSVP will close Monday, April 14th, at 2:30 pm.
Space is limited, so RSVP will close sooner if capacity is reached!
Anyone who does not provide their full name by April 14th will be taken off the attendee list. This information is crucial for access to the building.
Please bring a government-issued photo ID to show security at the entrance.
There is no fee to attend this event, and it is open to the public. If you have any suggestions, recommendations, ideas, etc please see one of our organizers before or after the MeetUp, or reach out to us online. Please help spread the word by inviting your colleagues and connections on Facebook and LinkedIn.