We are preparing another exciting evening with high quality security talks followed by networking session were you can treat yourself with some pizza and beer!
19:00 - 19:30 Vaibhav Jain - Security Dashboard: The Unified Cloud Security View
Security Dashboard is a one stop solution which provides all users at Adobe an opportunity to look at their cloud infrastructure which includes AWS, Azure and ITC from security standpoint and leverage it to make themselves CCF and PCI ready. In addition to this it also alerts teams by creating JIRA tickets in their own JIRA Projects so that teams now know tangibles of what needs to be fixed and all this is done intelligently via automation workflows.
All of this is developed using a combination of Splunk, Python and JIRA Query Language by ingesting logs coming to Central Adobe Security Splunk from tools like Mavlink, Hubble, Rapid7 and ImageFactory which are mandated to be deployed in Adobe wide Cloud Services.
19:30 - 20:00 Andreea Dima - Continuous automated detection of web application vulnerabilities
A manual, human-based, security testing is lengthy, inefficient and in many cases does not adapt to the needs of companies. Therefore, Andreea`s project proposes an approach that involves a continuous automated detection of web applications vulnerabilities, providing a consistent system that allows immediate detection of security inconsistencies by developers and thus more rapid remediation. The main focus of this project is to integrate security validation into a CI/CD Pipeline that also offers a great way to monitor and analyze the results. When a push is made in the Git repository, the pipeline starts automatically and builds, deploys the application on Kubernetes, runs the Kube-hunter for testing the cluster, runs OWASP ZAP for detecting top web vulnerabilities, and runs Snyk for testing application dependencies.
20:00 - 21:00 Trent Bennett & Brendan Abbott - Kubernetes Security
There is not a one-size-fits-all approach to Kubernetes security. This talk will briefly go through some best practices, and then discuss multiple components of Adobe's security implementation in Kubernetes, including RBAC, NetworkPolicy, and Ingress. Trent and Brendan will also talk through a few common (and not always immediately obvious) ways to shoot yourself in the foot when it comes to security in Kubernetes.