filmov
tv
Protecting Secrets, Invisible Source Code, and Infrastructure Access Control
Показать описание
Welcome to the OWASP Vancouver chapter Youtube channel. We are located in the beautiful province of British Columbia, on the West Coast of Canada.
Our mission is to enrich Vancouver’s application security community. We hope you can join us in accomplishing that.
Protecting Secrets, Invisible Source Code, and Infrastructure Access Control
The Trouble With Secrets
By: Dylan Ayrey
What are the challenges to moving to a SaaS and cloud native world? I'll give you a hint, it starts with AKIA. The glue holding all our cloud and SaaS providers together are a proliferating pile of API keys that leak out of data like water out of a sieve. I'll be talking about some open source tools you can use to help identify leaky keys, as well as share some techniques that are helpful to find them.
Invisible Source Code
By: Amiran Alavidze
Mul-ti-pass: Managing Your Infrastructure Access
By: Bruce Macdonald
How do you manage access to your most critical resource, your infrastructure? In this presentation I will outline different methods of infrastructure access control. Starting from the basics of certificate management I will summarize some best practices and pitfalls. To finish I will demonstrate some modern solutions that allow for simple auditing and access control.
Speaker Bio: Bruce is a software engineer at Infra. Infra is identity & access management for infrastructure, starting with Kubernetes. We are creating a platform for developers to securely manage access for their entire infrastructure.
Recorded date: Thursday, February 17, 2022
You can find us:
MARS Slack: #owasp-vancouver
Our mission is to enrich Vancouver’s application security community. We hope you can join us in accomplishing that.
Protecting Secrets, Invisible Source Code, and Infrastructure Access Control
The Trouble With Secrets
By: Dylan Ayrey
What are the challenges to moving to a SaaS and cloud native world? I'll give you a hint, it starts with AKIA. The glue holding all our cloud and SaaS providers together are a proliferating pile of API keys that leak out of data like water out of a sieve. I'll be talking about some open source tools you can use to help identify leaky keys, as well as share some techniques that are helpful to find them.
Invisible Source Code
By: Amiran Alavidze
Mul-ti-pass: Managing Your Infrastructure Access
By: Bruce Macdonald
How do you manage access to your most critical resource, your infrastructure? In this presentation I will outline different methods of infrastructure access control. Starting from the basics of certificate management I will summarize some best practices and pitfalls. To finish I will demonstrate some modern solutions that allow for simple auditing and access control.
Speaker Bio: Bruce is a software engineer at Infra. Infra is identity & access management for infrastructure, starting with Kubernetes. We are creating a platform for developers to securely manage access for their entire infrastructure.
Recorded date: Thursday, February 17, 2022
You can find us:
MARS Slack: #owasp-vancouver
1:19:59
0:04:27
0:04:06
0:08:31
0:10:08
0:00:15
0:07:09
0:16:04
0:04:38
0:11:51
0:10:38
0:08:12
0:12:46
0:12:49
0:24:45
0:01:53
0:10:52
0:02:07
0:11:01
0:05:40
0:05:39
0:03:51
0:04:30
0:04:03