| PRESENTERS: | Robert Zigweid, Director of Services for IOActive, and David Baker, Chief Security Officer for Okta |
| PRESENTATION: | Cloud Security Through Threat Modeling |
| CONFERENCE: | Cloud Security Alliance Congress |
| LOCATION: | The Rosen Centre Hotel, Orlando, Florida, USA |
| DATE & TIME: | Thursday December 5, 2013 at 10:15am |
| INFO: | http://www.cloudsecuritycongress.com |
One of the most effective tools developers can implement in their security development lifecycle programs is threat modeling. Robert and David will discuss how effective threat modeling techniques enable developers to uncover security vulnerabilities before code is even written. Together they will reveal how threat modeling also applies to cloud environments. Whether building a hybrid model, purely commodity cloud, or Virtual Private Cloud (VPC) environment, threat modeling helps identify the attack surface area and likely threat vectors. Finally, they will explain to attendees that threat modeling allows developers and operations personnel to address vulnerabilities as enterprises migrate to the cloud.
About Robert Zigweid
As IOActive’s Director of Services, Robert Zigweid has extensive experience working with multinational ecommerce companies and online retailers helping them with PCI and PA-DSS engagements. Zigweid’s field work uniquely positions him to discover and solve compliance, network, and application problems that threaten companies’ business goals and assets. In addition, he also excels at threat modeling architecture systems assessment.
About David Baker
David Baker is the Chief Security Officer at Okta. As CSO, David is responsible for the security of Okta’s service, helping the company focus on customer success by solving the security challenges enterprises face as they evolve operations into the cloud. He brings to the company more than 20 years of information and security architecture experience. Before joining the company, he served as vice president of services at IOActive, where he managed the technical staff, provided consulting services to the company’s Fortune Global 500 customers and was responsible for ensuring complete customer satisfaction. Prior to IOActive, Baker held a variety of engineering and security leadership roles at VANTOS, WebEx, LoudCloud and NASA’s Ames Research Center.
About Cloud Security Alliance Congress
The CSA Congress is the industry’s premier gathering for IT security professionals and executives who must further educate themselves on the rapidly evolving subject of cloud security. In addition to offering best practices and practical solutions for remaining secure in the cloud, CSA Congress will focus on emerging areas of growth and concern in cloud security, including standardization, transparency of controls, mobile computing, Big Data in the cloud and innovation.
About IOActive
IOActive is a comprehensive, high-end information security services firm with a long and established pedigree in delivering elite security services to its customers. Our world-renowned consulting and research teams deliver a portfolio of specialist security services ranging from penetration testing and application code assessment through to semiconductor reverse engineering. Global 500 companies across every industry continue to trust IOActive with their most critical and sensitive security issues. Founded in 1998, IOActive is headquartered in Seattle, USA, with global operations through the Americas, EMEA and Asia Pac regions. Visit www.ioactive.com for more information.
-###-