Upgrade to Pro — share decks privately, control downloads, hide ads and more …

State of OpenStack Security

State of OpenStack Security

Bryan Payne

May 01, 2014
Tweet

More Decks by Bryan Payne

Other Decks in Technology

Transcript

  1. ©2014 Nebula, Inc. All rights reserved.
    State of OpenStack Security
    Bryan D. Payne
    Director of Security Research
    May 1, 2014

    View full-size slide

  2. ©2014 Nebula, Inc. All rights reserved.
    My Background
    • Focused on security my entire career
    • Spent a few years in school

    View full-size slide

  3. ©2014 Nebula, Inc. All rights reserved.
    Nebula One
    DevOPs/Test
    Apps & Workloads
    Media
    Apps & Workloads
    Other …
    Apps & Workloads
    Social
    Collaboration Apps
    & Workloads
    Big Data
    + Analytics
    Apps & Workloads
    Mobile
    Apps & Workloads
    Compute Storage Network
    Identity/Security
    Management/Orchestration/API Interface
    Turnkey Infrastructure as a Service
    (IaaS)
    Block Object
    1000+  companies  contributing  to  OpenStack
    Industry Standard Servers

    View full-size slide

  4. ©2014 Nebula, Inc. All rights reserved.
    OSSG HISTORY

    View full-size slide

  5. ©2014 Nebula, Inc. All rights reserved.
    LOOKING FORWARD

    View full-size slide

  6. ©2014 Nebula, Inc. All rights reserved.
    Key OSSG Projects
    • OpenStack Security Guide (aka “the book”)
    • OpenStack Security Notes (OSSN)
    • Threat Modeling & Analysis

    View full-size slide

  7. ©2014 Nebula, Inc. All rights reserved.
    Mid-Term Goals
    • Quality work in three key projects
    • More formal acceptance in community
    • Increase collaboration with core devs

    View full-size slide

  8. ©2014 Nebula, Inc. All rights reserved.
    OpenStack Projects “The Glue”
    Improve available security
    Document best practices
    Simplify security compliance
    Work with builders, ops, users

    View full-size slide

  9. ©2014 Nebula, Inc. All rights reserved.
    QUESTIONS
    Email: [email protected]
    Twitter: @bdpsecurity

    View full-size slide