Upgrade to Pro — share decks privately, control downloads, hide ads and more …

State of OpenStack Security

938bca9547ba1cac3e69d80efd67fe6b?s=47 Bryan Payne
May 01, 2014
Technology
0
48

State of OpenStack Security

938bca9547ba1cac3e69d80efd67fe6b?s=128

Bryan Payne

May 01, 2014
Tweet

More Decks by Bryan Payne

See All by Bryan Payne
Fail, Learn, Fix: Improving Security The Old-Fashioned Way
938bca9547ba1cac3e69d80efd67fe6b?s=48 bdpayne
0
210
BLESS: Better Security and Ops for SSH Access
938bca9547ba1cac3e69d80efd67fe6b?s=48 bdpayne
3
660
Securing Containers the Netflix Way
938bca9547ba1cac3e69d80efd67fe6b?s=48 bdpayne
1
2.1k
PKI at Scale Using Short-Lived Certificates
938bca9547ba1cac3e69d80efd67fe6b?s=48 bdpayne
0
780
Platform Security Jobs at Netflix
938bca9547ba1cac3e69d80efd67fe6b?s=48 bdpayne
0
820
Improving Cloud Security with Attacker Profiling
938bca9547ba1cac3e69d80efd67fe6b?s=48 bdpayne
2
790
Key Management in AWS: How Netflix Secures Sensitive Data Without Its Own Data Center
938bca9547ba1cac3e69d80efd67fe6b?s=48 bdpayne
4
1.5k
Security at Different Layers of Abstractions: Application, Operating Systems, and Hardware
938bca9547ba1cac3e69d80efd67fe6b?s=48 bdpayne
0
170
Platform Security at Netflix: Securing Microservices from the Ground Up
938bca9547ba1cac3e69d80efd67fe6b?s=48 bdpayne
0
5.4k

Other Decks in Technology

See All in Technology
E2E自動テスト導入・運用をめぐる先入観と実際に起きたこと / Preconceptions and What Happened with E2E Testing
77fa3ebbf229a884c74c905034b1f4c2?s=48 ak1210
1
230
プロダクション環境の信頼性を損ねず観測する技術
3baceb46dfe36422370df30b8eab61d1?s=48 egmc
4
420
開発者のための GitHub Organization の安全な運用と 継続的なモニタリング
9b565bcc5e776225de62be25cc30f97f?s=48 flatt_security
3
3.6k
AWS ChatbotでEC2インスタンスを 起動できるようにした
Eb5a213a0a76afa872249a05444c78c1?s=48 iwamot
0
120
ニフティでSRE推進活動を始めて取り組んできたこと
374e82d9428869942bed1de094a7ca95?s=48 niftycorp
2
300
New Features in C# 10/11
1c3658db58f755e44fc1a70255c08ff7?s=48 chack411
0
920
Kubernetesの上に作る、統一されたマイクロサービス運用体験
5292dd0924f5e440a4b7ff40b165a0b4?s=48 tkuchiki
1
840
1,000万人以上が利用する「家族アルバム みてね」のSRE組織は4年間でどのように作られてきたのか/SRE NEXT 2022
46839cf590a549efe13547c17a6b2fde?s=48 isaoshimizu
4
2.8k
Dagu | オンプレ向けワークフローエンジン(WebUI 同梱)
2a80a0a6f834a75cc418ef59175ecbb0?s=48 yohamta
0
140
LINEスタンプの実例紹介 小さく始める障害検知・対応・振り返りの 改善プラクティス
A3966f193f4bef226a0d3e3c1f728d7f?s=48 line_developers
PRO
3
1.4k
完全に理解した incremetal 〜そして、何もわからないへ〜
F40e385e485eafaed67850df08b122d0?s=48 mashiike
0
210
Whats new in Android Media?
35e891f6b7c223caa0e69b665f23b115?s=48 myolwin00
2
100

Featured

See All Featured
We Have a Design System, Now What?
95d9f37115fbb0d13135d0f77132f856?s=48 morganepeng
35
2.9k
JavaScript: Past, Present, and Future - NDC Porto 2020
3ab1249be442027903e1180025340b3f?s=48 reverentgeek
37
3.2k
Happy Clients
C51b39fa3c79ccb99dcb8a076bc98287?s=48 brianwarren
89
5.5k
Optimizing for Happiness
25c7c18223fb42a4c6ae1c8db6f50f9b?s=48 mojombo
365
63k
The Illustrated Children's Guide to Kubernetes
0438ae60cde4c7add6f9da48f28c15cc?s=48 chrisshort
14
34k
Infographics Made Easy
282d599b414022eba5096510f675b6e2?s=48 chrislema
233
17k
Building Your Own Lightsaber
Fe6b81005d1553accd6b2a28f6a2bef1?s=48 phodgson
94
4.6k
Agile that works and the tools we love
462dad0dd24c568a32dcdb0ae895ae1b?s=48 rasmusluckow
319
19k
Build your cross-platform service in a week with App Engine
5f83ef806155b403c3393160ce51f955?s=48 jlugia
219
17k
Building Better People: How to give real-time feedback that sticks.
9952dfcd5d338f8a8e7175c8a8f65fb5?s=48 wjessup
343
17k
Web development in the modern age
465724d73fe3a92c0879fdfb43a3a6f3?s=48 philhawksworth
197
9.3k
Stop Working from a Prison Cell
C1daf20e5c49ff910745198ef9869ac2?s=48 hatefulcrawdad
261
17k

Transcript

  1. ©2014 Nebula, Inc. All rights reserved. State of OpenStack Security

    Bryan D. Payne Director of Security Research May 1, 2014

  2. ©2014 Nebula, Inc. All rights reserved. My Background • Focused

    on security my entire career • Spent a few years in school

  3. ©2014 Nebula, Inc. All rights reserved. Nebula One DevOPs/Test Apps

    & Workloads Media Apps & Workloads Other … Apps & Workloads Social Collaboration Apps & Workloads Big Data + Analytics Apps & Workloads Mobile Apps & Workloads Compute Storage Network Identity/Security Management/Orchestration/API Interface Turnkey Infrastructure as a Service (IaaS) Block Object 1000+  companies  contributing  to  OpenStack Industry Standard Servers

  4. ©2014 Nebula, Inc. All rights reserved. OSSG HISTORY

  5. None
  6. None
  7. None
  8. None
  9. None
  10. None
  11. None
  12. None
  13. None
  14. None
  15. None
  16. None
  17. None
  18. None
  19. None
  20. None
  21. None
  22. None
  23. None
  24. None
  25. None
  26. None
  27. None
  28. None
  29. None
  30. None
  31. None
  32. None
  33. None
  34. None
  35. None
  36. None

  37. ©2014 Nebula, Inc. All rights reserved. LOOKING FORWARD

  38. ©2014 Nebula, Inc. All rights reserved. Key OSSG Projects •

    OpenStack Security Guide (aka “the book”) • OpenStack Security Notes (OSSN) • Threat Modeling & Analysis

  39. ©2014 Nebula, Inc. All rights reserved. Mid-Term Goals • Quality

    work in three key projects • More formal acceptance in community • Increase collaboration with core devs

  40. ©2014 Nebula, Inc. All rights reserved. OpenStack Projects “The Glue”

    Improve available security Document best practices Simplify security compliance Work with builders, ops, users

  41. ©2014 Nebula, Inc. All rights reserved. QUESTIONS Email: bryan.payne@nebula.com Twitter:

    @bdpsecurity