Security Symposium
Active defense for a Hybrid Cloud centric approach

Join the Security Symposium, where cybersecurity professionals can learn and network with Red Hat® security experts, partners, and industry peers to solve IT security issues together as a community.

The Security Symposium is a half-day event with industry experts where attendees can discuss hybrid cloud security challenges organizations face and solutions to tackle these challenges. 


Why attend:

Security teams increasingly find it challenging to keep up with the complexity of changing risks, compliance requirements, tools, and architectural changes introduced by new technologies - such as containers, Kubernetes, software-defined infrastructure, and cloud technologies.

As traditional infrastructure evolves to a mix of bare-metal, virtual, cloud, and container environments, learn how you can maintain security, governance, and compliance, while reducing risk.


Who should Attend:

ITDMs, IT Operations leaders, IT Ops/System administrators, Enterprise Architects, Developers, Dev(Sec)Ops professionals, CISOs, and security professionals focused on securing their organization’s infrastructure and applications. 


Time (CEST)


11:00 - 11:45 Keynote: Tackling security in the world of containers , hybrid cloud, and DevSecOps
Lucy Kerner, Director, Security Global Strategy and Evangelism, Red Hat
11:45 - 12:30 Discussing security challenges in a cloud-native world with BP and AT&T
Rupesh Chokshi, Vice President, AT&T Cybersecurity
Paul Costall, Head of Application Engineering Services, BP
Hosted by: Lucy Kerner, Director, Security Global Strategy and Evangelism, Red Hat
Dave Sirrine, Solution Architect, Red Hat
BP & AT&T will share lessons learned on how they tackle hybrid cloud security, DevSecOps, and people & process challenges
12:30 - 13:00 Implementing a secure hybrid cloud using security and compliance automation
Lucy Kerner, Director, Security Global Strategy and Evangelism, Red Hat
Security becomes more time consuming and complex in a hybrid cloud as additional workloads are deployed as physical hosts, virtual machines and containers, across increasing numbers of on-premise and cloud environments. This session will cover how a combination of Ansible and Red Hat technologies can help simplify and improve security and compliance in the hybrid cloud at scale.
13:00 - 13:30 Data security in hybrid cloud
Mark Thacker, Product Manager, Red Hat
Uday Boppana, Sr. Product Manager, Red Hat

Data security, from secure foundation provided by RHEL which Red Hat storage is built on top of to provide data security for hybrid cloud across the stack

13:30 - 14:00 Securing containers and Kubernetes in hybrid cloud
Kirsten Newcomer, Director, Cloud and DevSecOps Strategy, Red Hat
Wei Dang, Sr. Director Product Management, Red Hat

How to secure containers and Kubernetes in hybrid cloud to build, run, and deploy containerized applications securely across the entire container lifecycle

14:00 - 14:30 Demystifying DevSecOps practices and tooling in container environments
Dave Meurer, Principal Solution Architect, Security Partners, Red Hat
Neil Carpenter, Solution Architect, Red Hat

How do you build containerized apps more securely with RH and Partners

14:30 - 15:00 Deep Dive Demo: Protecting cloud-native applications with Red Hat Advanced Cluster Security for Kubernetes.
Chris Porter, Director of Solutions Architecture, Red Hat

How do you adapt security practices for a containerized hybrid cloud environment? Workloads are temporary. Traditional security tools often don’t work for cloud-native technologies. Security needs to be declarative, built-in, and automated. Apps need to be natively more secure. Security needs to shift left in the application life cycle. But how do you put DevSecOps principles into practice?

15:00 - 15:30 Maintaining compliance and governance in hybrid cloud
Jason Burrell, OpenShift Security Lead, Red Hat
Umoja Thomas, Compliance Manager, Red Hat

How to maintain compliance and governance in hybrid cloud with real life examples from OpenShift Dedicated SRE security and cloud compliance teams

15:30 Closing


Date: July 13, 2021
Time: 11:00 AM - 3:30 PM (GMT+02:00) Brussels, Copenhagen, Madrid, Paris

(Registration opens 30 minutes earlier)

If you have any question, send us an email.

Session abstracts

Presenter(s): Red Hat Open Innovation Labs and Red Hat Consulting Services

Abstract: Red Hat Open Innovation Labs and Red Hat Consulting Services share lessons learned on how they helped customers tackle hybrid cloud security, DevSecOps, and people & process challenges.

Presenter(s): Uday Boppana + Mark Thacker

Abstract: Data security practices and assumptions are challenged when moving your workloads to the hybrid cloud. Are you aware of what they may be? In this overview session, we will explore these challenges as we look at data at rest, in motion and in use within the hybrid cloud. We’ll explore the topics of access control, confidentiality and integrity of data and what may differ in a hybrid cloud use case. Finally, we’ll discuss how the Red Hat product portfolio can help you to address some of these challenges as well as what are future areas of development.

Presenter(s): Kirsten Newcomer+ Wei Lien Dang

Abstract: Containers and Kubernetes introduce both security challenges and advantages. One of the security advantages of containers and Kubernetes is they can be treated as immutable – what’s running should never be patched or changed but rather destroyed and recreated from a common template when new updates are needed.

Simultaneously, the distributed nature of containerized applications across hybrid environments can make it challenging to monitor and investigate which running workloads might have vulnerabilities, may be misconfigured, or pose the greatest risks to your organization.v In this session, we will discuss some of the security challenges you’re likely to encounter when using containers and Kubernetes, especially in production and at scale. We will also show you how to get the most out of the security capabilities built into Red Hat OpenShift and how to get started with integrating security into each phase of the container lifecycle -build, deploy, and run - by helping you:

- build security into your infrastructure and software development pipeline
- configure platform and workload deployments following security best practices
- protect infrastructure and workloads from threats at runtime

Presenter(s): Dave Meurer + Neil Carpenter

Abstract: Like DevOps, DevSecOps is composed of equal parts culture and process as well as tooling. DevSecOps is founded on the idea that security is a shared responsibility across the engineering and security teams.

The tools and processes the teams use to protect containerized applications must imbue DevSecOps principles by implementing security earlier in the container life cycle, integrating and automating security into existing developer workflows, and empowering developers as security users.

In this session, we will discuss how you can leverage Red Hat and its partner ecosystem to integrate DevSecOps principles in order to build, deploy, and secure containerized applications. You will learn about the tools and processes that will help you:

- Integrate and automate security for containers
- Enable developers to implement security controls
- Secure your pipelines and software supply chain
- Enhance collaboration between security and developer teams

Presenter(s): Jason Burrell + Umoja Thomas

Abstract: In this session, Red Hat’s Site Reliability Engineering(SRE)-Platform Security and Service Delivery Compliance teams will discuss how we work to maintain, expand, and mature our compliance efforts for Red Hat’s OpenShift as-a-Service platforms.

Specific topics we will cover include:

- Challenges with existing security and compliance technical debt
- Challenge with new technologies and older compliance requirements
- Differing and (sometimes) conflicting scope and requirements for certifications
- Maturing the vulnerability management life-cycle
- Applying experience to filter noise
- Adapting to changing demands of users
- Maintaining risk while reducing friction