Virtual Event

Security Symposium

On-demand

Overview

Join the Security Symposium, where cybersecurity professionals can learn and network with Red Hat® security experts, partners, and industry peers to solve IT security issues together as a community.

The Security Symposium is a half-day event with industry experts where attendees can discuss hybrid cloud security challenges organizations face and solutions to tackle these challenges. 

WHY ATTEND

Security teams increasingly find it challenging to keep up with the complexity of changing risks, compliance requirements, tools, and architectural changes introduced by new technologies - such as containers, Kubernetes, software-defined infrastructure, and cloud technologies. As traditional infrastructure evolves to a mix of bare-metal, virtual, cloud, and container environments, learn how you can maintain security, governance, and compliance, while reducing risk.

Virtual event details

Time: Now available on-demand

Date: Aired on July 13, 2021

Any questions? Please email infrastructure@redhat.com

*Available on-demand until one year after event date.

Agenda

Time Session
11:00 a.m. - 11:45 a.m.
Keynote: Tackling security in the world of containers, hybrid cloud, and DevSecOps
Speaker: Lucy Kerner, Director, Security Global Strategy and Evangelism, Red Hat
11:45 a.m. - 12:30 p.m.
Customer Panel: Tackling security challenges in a cloud-native world with BP and AT&T
Speaker(s): Rupesh Chokshi, Vice President, AT&T Cybersecurity
Paul Costall, Head of Application Engineering Services, BP
 
Hosted by: Lucy Kerner, Director, Security Global Strategy and Evangelism, Red Hat
Dave Sirrine, Solution Architect, Red Hat
12:45 p.m. - 1:15 p.m.
Data security in hybrid cloud
Speakers: Mark Thacker, Product Manager, Red Hat  + Uday Boppana, Sr. Product Manager, Red Hat
 
Data security, from secure foundation provided by RHEL which Red Hat storage is built on top of to provide data security for hybrid cloud across the stack
1:30 p.m. - 2:00 p.m.
Securing containers and Kubernetes in hybrid cloud
Speakers: Kirsten Newcomer, Director, Cloud and DevSecOps Strategy, Red Hat + Wei Dang, Sr. Director Product Management, Red Hat
 
How to secure containers and Kubernetes in hybrid cloud to build, run, and deploy containerized applications securely across the entire container lifecycle
2:15 p.m. - 2:45 p.m.
Demystifying DevSecOps practices and tooling in container environments
Speakers: Dave Meurer, Principal Solution Architect, Security Partners, Red Hat + Neil Carpenter, Solution Architect, Red Hat
 
How do you build containerized apps more securely with RH and Partners
3:00 p.m. - 3:30 p.m.
Maintaining compliance and governance in hybrid cloud
Speakers: Jason Burrell, OpenShift Security Lead, Red Hat + Umoja Thomas, Compliance Manager, Red Hat
 
How to maintain compliance and governance in hybrid cloud with real life examples from OpenShift Dedicated SRE security and cloud compliance teams
3:30 p.m. Closing

Location / Time


Location
BlueJeans
Bluejeans
Bluejeans, North Carolina  Bluejeans


Time: X:XX a.m. - X:XX p.m.

Speakers

Hear from our experts

Session abstracts

 

Tackling security in the world of containers, hybrid cloud, and DevSecOps

Presenter(s): Lucy Kerner

Abstract: Security teams are increasingly finding it challenging to keep up with the changing risks, compliance requirements, tools, and architectural changes introduced by new technologies - such as containers, kubernetes, software-defined infrastructure, and cloud technologies. As traditional infrastructure evolves to a mix of bare metal, virtual, cloud, and container environments, how do you approach security, governance, compliance and reduce risk amid this growing complexity?

Traditional perimeter-based network security does not work in this new world of containers and hybrid cloud. Security teams must rethink their approach to security in this new world with automation and DevSecOps, where security is built-in, continuously addressed, and continuously monitored across the entire application lifecycle, infrastructure lifecycle, and supply chain.

In this keynote, we'll discuss some prescriptive steps you can take to tackle security successfully in this new environment and how Red Hat can help.

 

 

Data security in hybrid cloud

Presenter(s): Uday Boppana + Mark Thacker

Abstract: Data security practices and assumptions are challenged when moving your workloads to the hybrid cloud. Are you aware of what they may be? In this overview session, we will explore these challenges as we look at data at rest, in motion and in use within the hybrid cloud. We’ll explore the topics of access control, confidentiality and integrity of data and what may differ in a hybrid cloud use case. Finally, we’ll discuss how the Red Hat product portfolio can help you to address some of these challenges as well as what are future areas of development.

 

 

Securing containers and Kubernetes in hybrid cloud

Presenter(s): Kirsten Newcomer+ Wei Lien Dang

Abstract: Containers and Kubernetes introduce both security challenges and advantages. One of the security advantages of containers and Kubernetes is they can be treated as immutable – what’s running should never be patched or changed but rather destroyed and recreated from a common template when new updates are needed.

Simultaneously, the distributed nature of containerized applications across hybrid environments can make it challenging to monitor and investigate which running workloads might have vulnerabilities, may be misconfigured, or pose the greatest risks to your organization.

In this session, we will discuss some of the security challenges you’re likely to encounter when using containers and Kubernetes, especially in production and at scale. We will also show you how to get the most out of the security capabilities built into Red Hat OpenShift and how to get started with integrating security into each phase of the container lifecycle -build, deploy, and run - by helping you:

  • build security into your infrastructure and software development pipeline
  • configure platform and workload deployments following security best practices
  • protect infrastructure and workloads from threats at runtime

 

 

Demystifying DevSecOps practices and tooling in container environments

Presenter(s): Dave Meurer + Neil Carpenter

Abstract: Like DevOps, DevSecOps is composed of equal parts culture and process as well as tooling. DevSecOps is founded on the idea that security is a shared responsibility across the engineering and security teams. 

The tools and processes the teams use to protect containerized applications must imbue DevSecOps principles by implementing security earlier in the container life cycle, integrating and automating security into existing developer workflows, and empowering developers as security users.

In this session, we will discuss how you can leverage Red Hat and its partner ecosystem to integrate DevSecOps principles in order to build, deploy, and secure containerized applications. You will learn about the tools and processes that will help you:

  • Integrate and automate security for containers
  • Enable developers to implement security controls
  • Secure your pipelines and software supply chain
  • Enhance collaboration between security and developer teams

 

 

Maintaining compliance and governance in hybrid cloud 

Presenter(s): Jason Burrell  + Umoja Thomas

Abstract: In this session, Red Hat’s Site Reliability Engineering(SRE)-Platform Security and Service Delivery Compliance teams will discuss how we work to maintain, expand, and mature our compliance efforts for Red Hat’s OpenShift as-a-Service platforms.

Specific topics we will cover include:

  • Challenges with existing security and compliance technical debt
  • Challenge with new technologies and older compliance requirements 
  • Differing and (sometimes) conflicting scope and requirements for certifications
  • Maturing the vulnerability management life-cycle
  • Applying experience to filter noise
  • Adapting to changing demands of users
  • Maintaining risk while reducing friction