Sunday, May 21, 2017

A summary of my security sessions and lab at the 2017 Red Hat Summit

Hi everyone! Good times again at Red Hat Summit. This year at the 2017 Red Hat Summit, I presented 1 lab, 1 break out session, and 2 lightning talks all related to Security across Red Hat's products. This year we also had a Red Hat security focused booth at Red Hat Summit as well! Here is a summary of the title and abstract of my sessions and lab. My breakout session was rated in the top 10 of all Summit sessions. I was therefore awarded Top Presenter for this session. Also, our lab at the 2017 Red Hat Summit, which I worked on with 4 other Red Hatters (Patrick Rutledge, Nate Stephany, Kevin Morey, and Will Nix) was rated as the highest rated lab of all the instructor led labs at Red Hat Summit in 2017 with a perfect rating of '5' for both quality and delivery of content from all the surveys from the lab attendees. So we were therefore also awarded Top Presenter(s) for our lab. It was a great year at Summit!

For those of you that missed Red Hat Summit 2017,  you can see details on how to access the slides, doc, and recording as well. 


  • Automating security compliance for physical, virtual, cloud, and container environments with Red Hat CloudForms, Red Hat Satellite, Red Hat Insights, and Ansible Tower by Red Hat
In this talk that I presented at the 2017 Red Hat Summit, you'll learn how to easily provision a security-compliant host and quickly detect and remediate security and compliance issues in physical, virtual, cloud, and container environments. We’ll discuss possible compliance challenges and show how a combination of Red Hat CloudForms, Red Hat Satellite, and Ansible Tower by Red Hat can help you quickly achieve compliance, automate security , and complete remediation. You’ll learn how you can integrate Red Hat CloudForms with Red Hat Satellite and Ansible Tower by Red Hat, as well as use the OpenSCAP integration in Red Hat Satellite, to perform audit scans and remediations at the push of a button on your systems and automate security to ensure compliance against various profiles, such as: 

The U.S. Government Configuration Baseline (USGCB). 
The Defense Information Systems Agency Security Technical Implementation Guide (DISA STIG). 
The Centralized Supercomputing Facility (CSCF) baseline. 
The U.S. Government Commercial Cloud Services (C2S) baseline. 
The Certified Cloud and Service Provider (CCSP) baseline. 
Center for Internet Security (CIS) Benchmarks. 
The Payment Card Industry Data Security Standard (PCI DSS) Custom policies. 

You'll also learn how you can use the control and policy engine in Red Hat CloudForms to detect and fix vulnerabilities, such as Shellshock, and learn how to do proactive security and automated risk management with Red Hat Insights. 

The slide deck for this talk can be found here

  • Lab: Proactive security compliance automation with Red Hat CloudForms, Red Hat Satellite, Red Hat Insights, Ansible Tower by Red Hat, and OpenSCAP
In our hands-on lab that was delivered at the 2017 Red Hat Summit, you'll learn how to automate security compliance using a combination of Red Hat CloudForms, Red Hat Satellite, OpenSCAP, Red Hat Insights, and Ansible Tower by Red Hat. Specifically, you'll do a series of exercises to show you how to use Red Hat CloudForms to create control policies, how to automate security scans and remediations using the OpenSCAP integration in Satellite, how to utilize the data provided by Red Hat Insights for security compliance automation, how to use Ansible Tower by Red Hat for automated security remediations, and how to use Red Hat CloudForms as a central place for security compliance automation.


The document for this lab can be found here.  
If you want to try the lab exercises in this lab, our entire lab environment is accessible online in the Red Hat Partner Demo System(RHPDS). Please reach out to your Red Hat account team for access. 

  • Infrastructure Lightning Talk: Secure Foundations: Why Red Hat Enterprise Linux is not just another Linux distribution 
Red Hat isn't just valuable if you need support. In this 2017 Red Hat Summit Infrastructure Lightning Talk, learn why to pick Red Hat Enterprise Linux as your secure operating system foundation.

The slide deck for this talk can be found here.

  • Integration Lightning Talk: Data, Messaging, and Application to Application Security with Red Hat
Can you identify where all of your data is, where it all came from, how it is transported, what application has access to each data set, and what each application does with that data? Are you protecting your data with uniform access control? How do you respond to changing compliance requirements, starting with analyzing the inventory of data stores, access, and application usage? And finally, can you recover from discovering incorrect or inappropriate access, by quickly applying new access control policies or changing what applications do with that data? In this session, learn how a combination of JBoss Data Virtualization, JBoss Fuse, JBoss BRMS, and Red Hat Storage can help you with data protection and help answer these questions.

The slide deck for this talk can be found here.

If you have any questions, feel free to reach out! I'm at lkerner@redhat.com or @LucyCloudBling. 

Talk to you soon!

No comments:

Post a Comment

Security at Red Hat Summit 2018

Security and Red Hat Summit 2018 Join us at Red Hat Summit in San  Francisco this May 8-10, 2018!    We are going to have a great mi...