Please join us on August 24th for the next Colorado CF Meetup at an exciting customer location - DISH Network at Grand Central! We are excited to co-host with Dish and show off their Dish Labs floor. For the event we have two great speakers who will discuss the modern vulnerabilities and remedies to securing next gen applications.
John Field Enterprise software security traditionally resists change as a matter of unquestioned policy. Vulnerability is a function that changes with time. The probability of being exploited increases with the accumulation of long lived credentials and unpatched code. The question that must be asked is: how can a security strategy which resists change keep up with the pace of the modern threat landscape? This asymmetry in speed and adaptiveness only creates advantages for the attacker. What if the only what to increase security is to move as fast as possible? Continuously rotating credentials, patching systems, and rebuilding clusters to minimize windows of vulnerability decreases the threat profile in time and severity. This presentation will outline principles and practices of Cloud Native Security and how Cloud Foundry can be part of your strategy to increase velocity and security.
Phillip Maddux Over the last several years we've witnessed, and experienced, an advance towards new approaches in web technologies and the processes to deploy web applications. In this talk, we'll explore and describe the "Modern Web", discuss observations on the evolution of the Secure SDLC, recognize existing challenges in achieving real-time threat visibility once web applications are deployed to production, and finally, walk through the concepts that address the challenges in fast paced "agile" development cycles.
John Field has more than 20 years experience in software development, system architectures, and information security.John is currently a Product Manager for Pivotal Cloud Foundry platform security. In this role, John is focused on transforming how security and compliance can be optimized in cloud native environments. Prior to this role, John worked for 7 years as a SeniorTechnologist in the EMC CTO Office, mentoring a number of product development teams. Prior to joining EMC, John was a member of the RSA Security CTO team. John came to RSA via the acquisition of his startup Transindigo, where he was the co-founder and CTO. John got his start in information security back in the 1990's at Bankers Trust Company, a top-10 WallStreet bank, where he was responsible for building and deploying the bank's first global user authentication and authorization infrastructure. An excellent communicator, he has been an invited speaker at many industry events including CFSummit, JavaOne, SpringOne, EMC World, RSA Conference, &the 2nd International Workshop on RESTful Design at the W3C.
Phillip Maddux is a Senior Solutions Engineer at Signal Sciences and has over 10 years of experience in information security, with the majority of that time focused on application security in the financial services sector. In his spare moments he enjoys converting ideas to code and committing them to Github.
Metered parking is available and there are pay lots available across from the office (18th & Wazee). We look forward to seeing you there!