Automated infrastructure security monitoring and defence

Name: Automated infrastructure security monitoring and defence
Start: 2017-02-23T00:00:00Z
Location: Fairmont Hotel, Raffles City Convention Centre, Singapore

Abstract

Monitoring for application attacks and defending them in real-time is crucial. Crunch through all the logs from the various sources (web servers, applications, waf etc.) to gain insights from anomalies in real time. Making the right choices from the attacks can prove to be a nightmare. Even with the solutions already available in the market.

In this training we can see attacks happening in real time using a centralised dashboard. By collecting logs from various sources we will monitor and analyse the attacks. Using data gleaned from the logs, we can apply defensive rules against the attackers. We will be using open source technologies to build this monitoring solution.

Training attendees will receive a comprehensive walk-through E-book, Ansible Playbooks, custom scripts and best practices check-lists.

Date

Thursday, 23 Feb 2017 00:00 UTC

Event

DevSecCon Asia 2017

Location

Fairmont Hotel, Raffles City Convention Centre, Singapore

Tweets

Find out how to monitor for application attacks and defend them in real-time, in our workshop at #DevSecCon Asia https://t.co/Zj696Y9NDE pic.twitter.com/CBxT1sjV8k
— DevSecCon (@devseccon) February 13, 2017

Madhu Akula

Never Ending Learner!

Madhu Akula is a pragmatic security leader and creator of Kubernetes Goat, an intentionally vulnerable by design Kubernetes Cluster to learn and practice Kubernetes Security. Also published author and cloud native security researcher with an extensive experience. Also he is an active member of the international security, devops and cloud native communities (null, DevSecOps, AllDayDevOps, AWS, CNCF, USENIX, OWASP, etc). Holds industry certifications like OSCP (Offensive Security Certified Professional), CKA (Certified Kubernetes Administrator), CKS (Certified Kubernetes Security Specialist), etc. Madhu frequently speaks and runs training sessions at security events and conferences around the world including DEFCON (24, 26, 27, 28, 29, 30), BlackHat (2018, 19, 21, 22 & 23), USENIX LISA (2018, 19 & 21), SANS Cloud Security Summit 2021 & 2022, O’Reilly Velocity EU 2019, GitHub Satellite 2020, Appsec EU (2018, 19, 22), All Day DevOps (2016, 17, 18, 19, 20, 21 & 22), DevSecCon (London, Singapore, Boston), DevOpsDays India, c0c0n(2017, 18 & 20), Nullcon (2018, 19, 21 & 22), SACON 2019, Serverless Summit, null and multiple others. His research has identified vulnerabilities in over 200+ companies and organisations including; Google, Microsoft, LinkedIn, eBay, AT&T, WordPress, NTOP and Adobe, etc and credited with multiple CVE’s, Acknowledgements and rewards. He is co-author of Security Automation with Ansible2 (ISBN-13: 978-1788394512), which is listed as a technical resource by Red Hat Ansible. He is the technical reviewer for Learn Kubernetes Security, Practical Ansible2 books by Packt Pub. Also won 1st prize for building Infrastructure Security Monitoring solution at InMobi flagship hackathon among 100+ engineering teams.