Overview
Explore a comprehensive conference talk from BSides Indianapolis 2018 that delves into securing privilege in cloud and DevOps workflows. Learn about the evolving landscape of cybersecurity, the challenges posed by cloud adoption, and effective strategies to mitigate risks. Discover the importance of accountability, SAML 2.0 issues, and the concept of GoldenSAML. Gain insights into securing access keys, managing secrets, and implementing best practices in DevOps environments. Understand the critical distinction between identity and security, and explore the concept of application identity. Acquire knowledge about free tools and resources to enhance your organization's security posture in the rapidly changing digital landscape.
Syllabus
Introduction
The world has changed significantly
More and more breaches occur
The process remains the same
The old way
The cloud makes life easier
Responsibility differences
How to fix it
No Accountability
Create a Strategy
SAML 20 Issues
Cyberark Labs
GoldenSaml
Security Tenants
Access Keys
Secrets
How to Secure
DevOps Tools
Good Practices
Managing Secrets
Orchestration
Processes
Identity vs Security
Application Identity
The Most Important Part
Free Tools
DNA
Cyberark