Upgrade to Pro — share decks privately, control downloads, hide ads and more …

State of OpenStack Security

Bryan Payne
May 01, 2014
Technology
0
71

State of OpenStack Security

Bryan Payne

May 01, 2014
Tweet

More Decks by Bryan Payne

See All by Bryan Payne
Fail, Learn, Fix: Improving Security The Old-Fashioned Way
bdpayne
0
260
BLESS: Better Security and Ops for SSH Access
bdpayne
3
740
Securing Containers the Netflix Way
bdpayne
1
2.3k
PKI at Scale Using Short-Lived Certificates
bdpayne
0
870
Platform Security Jobs at Netflix
bdpayne
0
870
Improving Cloud Security with Attacker Profiling
bdpayne
2
820
Key Management in AWS: How Netflix Secures Sensitive Data Without Its Own Data Center
bdpayne
4
1.9k
Security at Different Layers of Abstractions: Application, Operating Systems, and Hardware
bdpayne
0
200
Platform Security at Netflix: Securing Microservices from the Ground Up
bdpayne
0
5.8k

Other Decks in Technology

See All in Technology
iOS/Androidで同じUI体験をネ イティブで作成する際に気をつ けたい落とし穴
fumiyasac0921
1
110
データプロダクトの定義からはじめる、データコントラクト駆動なデータ基盤
chanyou0311
2
280
[CV勉強会@関東 ECCV2024 読み会] オンラインマッピング x トラッキング MapTracker: Tracking with Strided Memory Fusion for Consistent Vector HD Mapping (Chen+, ECCV24)
abemii
0
220
Evangelismo técnico: ¿qué, cómo y por qué?
trishagee
0
350
ハイパーパラメータチューニングって何をしているの
toridori_dev
0
140
Amplify Gen2 Deep Dive / バックエンドの型をいかにしてフロントエンドへ伝えるか #TSKaigi #TSKaigiKansai #AWSAmplifyJP
tacck
PRO
0
370
EventHub Startup CTO of the year 2024 ピッチ資料
eventhub
0
110
TypeScript、上達の瞬間
sadnessojisan
46
13k
ExaDB-D dbaascli で出来ること
oracle4engineer
PRO
0
3.8k
マルチプロダクトな開発組織で 「開発生産性」に向き合うために試みたこと / Improving Multi-Product Dev Productivity
sugamasao
1
300
障害対応指揮の意思決定と情報共有における価値観 / Waroom Meetup #2
arthur1
5
470
Making your applications cross-environment - OSCG 2024 NA
salaboy
0
180

Featured

See All Featured
jQuery: Nuts, Bolts and Bling
dougneiner
61
7.5k
How To Stay Up To Date on Web Technology
chriscoyier
788
250k
What’s in a name? Adding method to the madness
productmarketing
PRO
22
3.1k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
169
50k
Six Lessons from altMBA
skipperchong
27
3.5k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
280
13k
Bootstrapping a Software Product
garrettdimon
PRO
305
110k
YesSQL, Process and Tooling at Scale
rocio
169
14k
Art, The Web, and Tiny UX
lynnandtonic
297
20k
Adopting Sorbet at Scale
ufuk
73
9.1k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
159
15k
Learning to Love Humans: Emotional Interface Design
aarron
273
40k

Transcript

  1. ©2014 Nebula, Inc. All rights reserved. State of OpenStack Security

    Bryan D. Payne Director of Security Research May 1, 2014

  2. ©2014 Nebula, Inc. All rights reserved. My Background • Focused

    on security my entire career • Spent a few years in school

  3. ©2014 Nebula, Inc. All rights reserved. Nebula One DevOPs/Test Apps

    & Workloads Media Apps & Workloads Other … Apps & Workloads Social Collaboration Apps & Workloads Big Data + Analytics Apps & Workloads Mobile Apps & Workloads Compute Storage Network Identity/Security Management/Orchestration/API Interface Turnkey Infrastructure as a Service (IaaS) Block Object 1000+  companies  contributing  to  OpenStack Industry Standard Servers

  4. ©2014 Nebula, Inc. All rights reserved. OSSG HISTORY

  5. None
  6. None
  7. None
  8. None
  9. None
  10. None
  11. None
  12. None
  13. None
  14. None
  15. None
  16. None
  17. None
  18. None
  19. None
  20. None
  21. None
  22. None
  23. None
  24. None
  25. None
  26. None
  27. None
  28. None
  29. None
  30. None
  31. None
  32. None
  33. None
  34. None
  35. None
  36. None

  37. ©2014 Nebula, Inc. All rights reserved. LOOKING FORWARD

  38. ©2014 Nebula, Inc. All rights reserved. Key OSSG Projects •

    OpenStack Security Guide (aka “the book”) • OpenStack Security Notes (OSSN) • Threat Modeling & Analysis

  39. ©2014 Nebula, Inc. All rights reserved. Mid-Term Goals • Quality

    work in three key projects • More formal acceptance in community • Increase collaboration with core devs

  40. ©2014 Nebula, Inc. All rights reserved. OpenStack Projects “The Glue”

    Improve available security Document best practices Simplify security compliance Work with builders, ops, users

  41. ©2014 Nebula, Inc. All rights reserved. QUESTIONS Email: [email protected] Twitter:

    @bdpsecurity