In-Person Event

Red Hat Defense in Depth

November 13, 2018 | Herndon, VA | Hyatt Regency Dulles

SECURING THE MODERN ENTERPRISE USING OPEN SOURCE

Join Defense in Depth 2018, where cybersecurity professionals can learn and network alongside Red Hat and Intel security experts, partners, and industry peers. No one can solve IT security issues alone. Solving problems together as a community is the future of technology.

 

WHAT TO EXPECT

Defense in Depth is an annual event that brings together industry experts with deep knowledge of the latest upstream and enterprise security developments. Participants will be able to choose their own adventure, mixing interactive talks and hands-on labs throughout the day.

 

WHO SHOULD ATTEND

Defense in Depth was created specifically for security practitioners familiar with open source software.

 

AGENDA

8:00 a.m. - 9:00 a.m. Registration Check In and Breakfast
9:00 a.m. - 9:30 a.m. Welcome and Keynote
9:45 a.m. - 3:00 p.m. Talk Tracks and Labs

Date: Tuesday, November 13, 2018

Time: 8:00 a.m. – 3:00 p.m. EST

Location:
Hyatt Regency Dulles
2300 Dulles Corner Blvd
Herndon, VA 20171

If you have any questions, please send us an email.

Red Hat Enterprise Linux Security Roadmap

Mark Thacker, Principal Product Technology Manager, Red Hat

Security has never been a more important topic. Red Hat has been a leader in open source security for decades, incorporating open standards and supporting security technologies throughout all of our products.

In this session, we’ll discuss the future of Red Hat security, including how new technologies can help you respond to security requirements in DevSecOps, compliance, virtualization, hybrid cloud deployments, privacy, containers and management. We will also discuss hardware root of trust technologies, the latest security vulnerability responses and the changing security compliance landscape.

By the end of this session, you’ll understand Red Hat’s future security plans, how they may affect you, and how you can help us shape the future of security.

Securing Kubernetes Clusters

John Osborne, Solutions Architect, Red Hat

From federal agencies to unicorns, running Kubernetes clusters has become the de facto way to optimize IT workloads on-premise and in public cloud. Yet securing these workloads can be challenging as there are many attack surfaces that need to be protected. This talk will discuss the multi-layered approach that Red Hat believes is paramount to securing a Kubernetes cluster and what it actually means to be secure-by-default. This talk will also cover recommended best practices and introduce emerging container isolation technologies such as gVisor and Kata Containers.

Automated Security & Compliance for Hybrid Environments

Lucy Kerner, Security Evangelist and Strategist, Red Hat

Maintaining visibility, control, and security, and ensuring governance and compliance, remain paramount, but they become more difficult and time-consuming in a hybrid infrastructure consisting of physical, virtual, cloud, and container environments. In this session, you’ll learn how a combination of Red Hat's Management Portfolio and OpenSCAP can help you with these challenges in your hybrid infrastructure by automating security and compliance. Specifically, in your hybrid infrastructure, you’ll learn how to easily provision a security-compliant host, how to quickly detect and remediate security and compliance issues, how to ensure governance and control in an automated way, how to do proactive security and automated risk management, how to perform audit scans and remediations on your systems, and how to automate security to ensure compliance against regulatory or custom profiles.

Why We Are Still Losing the InfoSec Battle and How Do We Get Back in the Race?

Steve Orrin, Federal Chief Technologist, Intel Corporation

In the current security paradigm, security teams are losing to threat actors and falling further behind. We need novel approaches to reducing the threat curve by integrating solutions across cyber threat intelligence and analytics, continuous monitoring, automation, and information sharing. Analytics and Machine Learning have had a transformative impact on threat intelligence. It’s a paradigm-shifting improvement as-is, and its impact can be further augmented by the application of foundational security hygiene, continuous monitoring, information sharing, and automation. These key elements working in concert will change the security landscape from its current gradual pace to a much more rapid rate of improvement and risk reduction. The session will highlight strategies and innovations and illustrate how we as a community must come together to meet the evolving threats and risks to organizations, users and our data.

Secure Tactical Edge Computing

Donny Davis, US Army Solution Architect

As edge computing begins to roll out on your network, the one question that needs to be at the forefront is how to secure the capability.

Secure tactical edge computing is an emerging market, and Red Hat has answers. Come learn how to secure your edge computing devices with Red Hat OpenStack.

Next Generation Tools for Container Technology and Security

Dan Walsh, Consulting Software Engineer, Red Hat

This talk will introduce new ways of running OCI-compliant containers from container registries like docker.io, quay.io, and Artifactory.

Understand why, by breaking up the monolithic container daemon into a series of smaller runtime tools, we can greatly increase the security of using different types of containers.

Hear what OpenShift/Kubernetes needs to run a container.

During this session the following topics will be introduced:

  • CRI-O, a new container runtime dedicated to OpenShift/Kubernetes.
  • Buildah, a new way of building OCI container images.
  • Podman, a new way of testing, managing and working with containers from the CLI.
  • Skopeo, a mechanism for managing/moving container images between container registries and between different types of container storage.

Each section will also explain the security benefits of using the new tools.

Deploying SELinux Successfully in Production Environments

Alex Jacocks, Sr. Solutions Architect, Red Hat
Lukas Vrabec, Software Engineer, Red Hat

The following talk contains an overview of Security Enhanced Linux Technology, which is part of Red Hat Enterprise Linux. I'll introduce the concept of Reactive and Proactive security and when and how Proactive security can help to mitigate damage after successful exploitation of systems. After that, these principles will be described using a demo with real examples of exploits. Then we'll look at SELinux security policy, how it works and what SELinux rules look like. Container security using SELinux will also be explained and described, using real examples.

Meltdowns, Ghosts, and Shadows - The New Normal

CRob, Product Security Assurance Lead, Red Hat

Join Red Hat Product Security as we talk about the last year in computer vulnerabilities, which was highlighted by a string of microprocessor flaws that captured the world's attention. We will talk about the series of issues that started off with Spectre & Meltdown, which were unveiled to the public on January 3rd, 2018, and continue on through the subsequent issues that culminated in the August 14, 2018 release of L1TF/Foreshadow.

Attendees will come away with a better technical understanding of the speculative execution CPU vulnerabilities, an understanding of how Red Hat and the computer industry have reacted and continue to react to these flaws, and an understanding of the risks and trade-offs of the mitigations.

Offensive and Defensive Security with Ansible

Lucy Kerner, Security Evangelist and Strategist, Red Hat

Ansible is a leading automation tool for the system administrator, but how can you use it as a way of managing enterprise security postures? As defensive technologies improve their ability to identify unusual processes and binaries on their endpoints, attackers also adjust their techniques, becoming more creative in order to stay under the radar. In this session, we will talk about why you would want to use Ansible for both offensive and defensive security, provide examples of how to use Ansible for both offensive and defensive security, review examples of Ansible security integrations across the Red Hat Portfolio, and review real Red Hat customer examples of Ansible security automation implementations.

Red Hat Enterprise Linux Security Technologies Lab

Lucy Kerner, Security Evangelist and Strategist, Red Hat
Lukas Vrabec, Software Engineer Security Technologies, Red Hat

In this lab, you'll learn about the built-in security technologies in Red Hat Enterprise Linux.

Specifically, you will use OpenSCAP to scan and remediate against vulnerabilities and configuration security baselines. You will then block possible attacks from vulnerabilities using Security-Enhanced Linux (SELinux) and use Network Bound Disk Encryption to securely decrypt your encrypted boot volumes unattended. You will also use USBGuard to implement basic whitelisting and blacklisting to define which USB devices are and are not authorized and how a USB device may interact with your system. You will also learn how to deploy opportunistic IPsec to encrypt all host-to-host communication within an enterprise network. Throughout your investigation of the security issues in your systems, you will utilize the improved audit logs and learn how to use the Audit Intrusion Detection Environment (AIDE). You will also learn how to create a single sign-on environment for all your Linux servers using Red Hat Identity Management and learn about GNU Privacy Guard (GPG), which can be used to identify yourself and encrypt your communications. You will also have a chance to learn how to use firewalld to dynamically manage firewall rules. Finally, you will make multiple configuration changes to your systems across different versions of Red Hat Enterprise Linux running in your environment, in an automated fashion using Red Hat Ansible Automation, using the Systems Roles feature.

Ansible: Automation and Security as Code Lab

Alex Jacocks, Senior Solutions Architect, Red Hat

Build playbooks to build in security, empower junior staff and offload senior staff, and automate your most tedious tasks!

What you will learn:

  • Running ad-hoc commands
  • Writing a playbook
  • Installing and configuring Ansible Tower
  • Templates and Security

Overview

Today is meant for anyone who has any exposure to Ansible, whether you have used it or not. We are going to start with a short overview (yes, slideware) and then we’ll get into the lab as soon as possible. That is where we will spend most of our time.

Your Responsibilities

  • Have a discussion. This will be boring if it’s just us up here talking for over 4 hours.
  • Participate. We are going to cut you loose with Ansible here in just a little while.
  • Have questions. Have opinions.

Hopefully you have your laptop with you. If not, please find a shoulder-surfing buddy. See? Not only can we dig into Ansible but you can make a new friend!

Container Security Lab

Matthew Miller, Senior Solution Architect, Red Hat

Learn how to scan and secure your Docker containers by leveraging Linux kernel features such as seccomp, namespaces, and cgroups.

What you will learn:

  • Cockpit
  • CGroups
  • Namespaces
  • Seccomp
  • SELinux

Overview

Today is meant for anyone who has any exposure to Containers, whether you have used them or not. We are going to start with a short overview (yes, slideware) and then we’ll get into the lab as soon as possible. That is where we will spend most of our time.

Securing Your Software Supply Chain with DevSecOps

Manny Evangelista, Solutions Architect, Red Hat
Mike Surbey, Solutions Architect, Red Hat

What you will learn:

  • A tiny bit of Jenkins
  • Automating the development process
  • Trusted Software Supply Chain

Agenda

  • Introductions and Agenda
  • Familiarization with the Environment
  • Setting the Context

Overview

In this workshop, you'll be building a Secure Software Factory for a Java-based website, leveraging several containerized tools such as Gogs, Nexus, Jenkins, SonarQube, and Che hosted on the OpenShift Container Platform.

OpenShift Security Lab

Brad Sollar, Solutions Architect, Red Hat
Jonathan Van Meter, Solutions Architect

Learn about secrets and how to secure your microservices and containers by using and extending Linux scanning features, SCC, Seccomp and the security API.

What you will learn:

  • SELinux
  • OpenShift deployment
  • SCC
  • Seccomp
  • Security API

Overview

Today is meant for anyone who has any exposure to Containers, whether you have used them or not. We are going to start with a short overview (yes, slideware) and then we’ll get into the lab as soon as possible. That is where we will spend most of our time.