Security Symposium

Overview

Securing your enterprise from the ground up

Join the Security Symposium, where IT security professionals can learn and network with Red Hat® and Intel security experts, partners, and peers to solve security issues together as a community.

The Security Symposium is a full-day event with presentations from experts and a Q&A panel with all speakers. Attendees will learn about hybrid cloud security challenges organizations face and solutions to tackle these challenges.

Why attend

Security teams increasingly find it challenging to keep up with the complexity of changing risks, compliance requirements, tools, and architectural changes introduced by new technologies - such as containers, Kubernetes, software-defined infrastructure, and cloud technologies. As traditional infrastructure evolves to a mix of bare-metal, virtual, cloud, and container environments, learn how you can maintain security, governance, and compliance, while reducing risk.

During this event, we’ll cover:

Enabling Confidential Computing
Container Security Concepts
Compliance Automation
Secrets Management in dynamic environments
Zero Trust and Supply Chain Security
DevYesOps
And much more

Virtual event details

Time: 10:00 AM - 3:00 PM ET

Date: Wednesday, July 20, 2022

*The link to join virtually will be sent to registrants via email before the event.

Any questions? Please email Infrastructure@redhat.com

This event has ended. For information about the event, or registration for the next event, please contact the event registration service.

Agenda

SESSION	TIME
Welcome Matt Smith, Managing Architect, Northeast Regional Office of Technology, Red Hat	10:00 AM
Enabling Confidential Computing for Red Hat OpenShift® with Intel® Software Guard Extensions (Intel® SGX) Phil King, Cloud Solutions Architect, Intel This session will provide an overview of Confidential Computing and it can be enabled in Red Hat® OpenShift®. with Intel® Software Guard Extensions (Intel® SGX). Confidential computing protects data while in use, using a hardware and software stack based on a CPU root of trust, to isolate sensitive data and code. The session will highlight use cases such as secure enclaves and DevSecOps from partners like Fortanix, Anjuna, and HashiCorp.	10:00 AM – 10:30 AM
Container Security Concepts with Podman and RHEL for Edge Dan Walsh, Senior Distinguished Engineer, Red Hat Podman (Pod Manager) has continued to evolve over the last year with many new features and heightened popularity. This talk will cover the new features including Podman on MAC and Windows, Podman as a service, and new security features added to Podman on RHEL. The talk will also explain key features that make Podman the ideal tool for running Podman containers on RHEL for Edge devices.	10:30 AM – 11:15 AM
From Juggling Acts to Compliance Automation Andrea Hall, Senior Specialist Solutions Architect, Red Hat Memorable cyber attacks and emerging policies highlight the importance of not just ensuring our systems meet our security baselines, but how we ensure our systems remain configured to the required specifications over time. Organizations are challenged by the rapid evolution of cybersecurity compliance requirements and regulatory scrutiny, continuously juggling multiple priorities. To help alleviate these burdens, Red Hat is developing and codifying technical standards to provide solutions that are at the same time turn-key and customizable with compliance automation. In this session, we will be exploring the capabilities Red Hat brings to bare in the compliance space via Ansible, Insights, and Satellite, as well as the direction towards codifying and automating a variety of common industry compliance standards such as the DISA STIG, CIS, PCI-DSS, etc. to provide the following benefits: Visibility and reporting through tools like Red Hat Insights, Red Hat Satellite, and the OpenShift Compliance Operator Automation, remediation, and continued validation through collaboration with the compliance as code community.	11:15 AM – 12:00 PM
Lunch Break	12:00 PM – 12:45 PM
Secrets Management in dynamic environments Uzi Ailon, VP, DevSecOps Solutions, CyberArk This talk will discuss the critical area of Secrets Management in the emerging landscape of dynamic environments. Secrets management – Market, Risks and Trends CyberArk Secrets Manager solution in Red Hat environments Overview Technical description Advantages How to build secrets management program to the enterprise	12:45 PM – 1:30 PM
The Big Bang! Zero Trust AND Supply Chain Security Kirsten Newcomer, Director, Security Product Management, Hybrid Platforms, Red Hat We live in an interconnected world where information is only a tap, swipe, or click away. This degree of access, whether it be from within the largest cities or the most remote locations, is enabled by the adoption of cloud-native technologies which make it easier to deliver solutions for the data center and the edge. These solutions enable increased delivery speeds and accessibility, driving new opportunities for business and personal use alike. However, easier access requires that we pay close attention to securing the applications and data that drive business value. How do you get closer to the end consumer while providing a secure experience for both the operator managing the solution and the end consumer? In this session, attendees will learn key considerations for securing the software supply chain AND for implementing a zero trust deployment. We will cover the types of security controls that should be applied, the tools that can be used, and how to automate safe development and operations.	1:30 PM – 2:15 PM
DevYesOps Dave Sirrine, Principal Solutions Architect, Red Hat With the increasing complexity of modern application project management, security teams are often finding themselves in the position where they have to delay delivery while they try to “play catch up” and understand the risks and exposure of projects. While this may be frustrating to the project teams, it’s equally frustrating for the security teams as they look to apply an ever changing set of regulations and policies. In this session, attendees will learn from the experiences of two of Red Hats technical field resources, Andrew Block and Dave Sirrine, on how to reduce friction and get to “yes” faster by engaging key security stakeholders early and often. Upon completion of this session, attendees will have a fundamental understanding of a typical DevSecOps delivery pipeline, as well as the confidence in understanding the stakeholders that should be including in every step of the delivery process, how to present the information to those stakeholders, and empowered to encourage a “fail early, fail fast, fail loud” method of delivery.	2:15 PM – 2:45 PM
Q&A Panel All speakers	2:45 PM – 3:00 PM

Location / Time

Location:
BlueJeans
Bluejeans
Bluejeans, North Carolina Bluejeans

Time: X:XX a.m. - X:XX p.m.

Speakers

Matt Smith

Matt Smith
Managing Architect, Northeast Regional Office of Technology, Red Hat

As Managing Architect, Matt runs the Northeast Regional Office of Technology, leading teams of I.T. strategists and technical specialists to help Red Hat customers achieve their key business transformation initiatives through open source architectures and technologies. He regularly advises Fortune 100 enterprises across a wide range of industries, on topics such as Digital Transformation, IT Modernization, and the changing landscape of Security and Risk. Matt joined Red Hat in 2013, bringing two decades of IT experience ranging from development and system administration to management, strategy, and architecture. Matt has knowledge in many areas of technology, with a particular interest in Identity & Access Management and Managing the Risk of Change, and greatly enjoys bringing Open Source solutions to the Enterprise.

Dan Walsh

Senior Distinguished Engineer, Red Hat
Daniel Walsh has worked in the computer security field for over 40 years. Dan is a Senior Distinguished Engineer at Red Hat. He joined Red Hat in August 2001. Dan is the lead architect of the Red Hat Container Runtime Engineering team. Dan has been working on container technologies for 17 years. Dan focusess on the CRI-O Container Runtime for Kubernetes, Buildah for building container images, Podman for running and managing containers, containers/storage and containers/image. He has led the SELinux project, concentrating on the application space and policy development. Dan helped develop sVirt, Secure Virtualization as well as the SELinux Sandbox. Dan has a BA in Mathematics from the College of the Holy Cross and a MS in Computer Science from Worcester Polytechnic Institute.
Twitter: rhatdan Blog: danwalsh.livejournal.com Email: dwalsh@redhat.com

Andrea Hall

Senior Specialist Solutions Architect, Red Hat
Andrea Hall is a Senior Specialist Solutions Architect for Red Hat’s North American Public Sector. Before her career at Red Hat, she worked as a cyber intelligence analyst and provided digital forensic services to law enforcement officers. She has an MA in Organizational Leadership from Chapman University and a degree in Social Work. Andrea is currently focused on leading security and compliance initiatives to benefit the public sector and regulated industry.

Kirsten Newcomer

Director, Security Product Management, Hybrid Platforms, Red Hat
Kirsten leads the hybrid platform security product management team. Kirsten works closely with Red Hat’s many security professionals across the Red Hat portfolio of enterprise-ready open source offerings. Kirsten is a diversified software management professional with 20+ years of experience in security, application development and infrastructure solutions. Prior to joining Red Hat, Kirsten provided strategic direction for Black Duck’s open source security and governance solutions.

Uzi Ailon

Vice President, DevSecOps Solutions, CyberArk
With over 25 years of experience in the software engineering industry, 15 of them focused on customers and sales, Uzi bring about vast experience in all aspects of a software development lifecycle, security and devOps, together with a strong understanding of fortune 500 companies’ business objectives.
Uzi, who leads a global team of technical and sales specialists, in the field of security and devOps, speaks regularly at devOps and security events, shares his overview on the market trends, technology, security and how to build secure and efficient processes in global devOps organizations.

Phil King

Technical Solution Specialist, Intel

Phil King is a 21-year Intel veteran and has almost 30 years of experience in Enterprise IT, ranging from PC migration / installation to solution engineering for very large enterprise deployments. More recently, Phil has made security his area of focus, highlighting things like confidential computing and platform trust.

Phil’s certifications and credentials include Intel Product Assurance and Security White Belt & Yellow Belt (HW & SW), Intel Solutions Pro – Cloud Fundamentals, Intel Partner Pro - AI Foundations, CompTIA Network+ Certification. Older certs include Novell CNE, Cisco CCNA/CCDA, and Slackware Linux administration.

Dave Sirrine

Principle Solution Architect, Red Hat
Dave is a Principal Solution Architect with experience across sundry industries and leads the internal Red Hat Global Security Community of Practice where he collaborates closely with many of Red Hat’s security professionals. Dave also brings a broad base of knowledge across multiple technology disciplines developed over 25 years in the IT industry.