Speaking Session: ISC2 Congress 2021
In this session, Josh Stella, Fugue Co-Founder and CEO will walk through pen testing your cloud security posture - what it looks like, how to approach it in-house, and how to evaluate vendors to ensure they understand cloud misconfiguration and how to exploit it. This session will provide security professionals with a framework for approaching pen testing cloud environments and feature real-world misconfiguration exploits and actionable information you can use to begin incorporating your cloud attack surface in your pen testing plan.
Developing an Infrastructure as Code Security Strategy
Whether your organization is using IaC at scale or you’re just getting started, IaC security strategy is the key to effective implementation. In this Cloud Security Masterclass, Josh Stella will walk through a strategic framework for thinking critically about your unique use case and how to build your IaC security approach. Specifically, Josh will cover: Defining success criteria and why the developer experience is so critical in achieving your goals quickly. Selecting a policy as code framework among open source options (e.g., Open Policy Agent) and proprietary vendor offerings Aligning all cloud stakeholders (developers, DevOps, security, compliance) with an IaC security approach where everyone works together.