Upgrade to Pro — share decks privately, control downloads, hide ads and more …

State of OpenStack Security

State of OpenStack Security

Bryan Payne

May 01, 2014
Tweet

More Decks by Bryan Payne

Other Decks in Technology

Transcript

  1. ©2014 Nebula, Inc. All rights reserved. State of OpenStack Security

    Bryan D. Payne Director of Security Research May 1, 2014
  2. ©2014 Nebula, Inc. All rights reserved. My Background • Focused

    on security my entire career • Spent a few years in school
  3. ©2014 Nebula, Inc. All rights reserved. Nebula One DevOPs/Test Apps

    & Workloads Media Apps & Workloads Other … Apps & Workloads Social Collaboration Apps & Workloads Big Data + Analytics Apps & Workloads Mobile Apps & Workloads Compute Storage Network Identity/Security Management/Orchestration/API Interface Turnkey Infrastructure as a Service (IaaS) Block Object 1000+  companies  contributing  to  OpenStack Industry Standard Servers
  4. ©2014 Nebula, Inc. All rights reserved. Key OSSG Projects •

    OpenStack Security Guide (aka “the book”) • OpenStack Security Notes (OSSN) • Threat Modeling & Analysis
  5. ©2014 Nebula, Inc. All rights reserved. Mid-Term Goals • Quality

    work in three key projects • More formal acceptance in community • Increase collaboration with core devs
  6. ©2014 Nebula, Inc. All rights reserved. OpenStack Projects “The Glue”

    Improve available security Document best practices Simplify security compliance Work with builders, ops, users