Whether you want to build the software, run it, grow the community or just learn more about it, there will be content, workshops and design sessions for you to attend at the OpenStack Summit, Oct 15-18 in San Diego. Stick around Friday for the first OpenStack service day, a 1/2 day beach cleanup.

Register now! openstacksummitfall2012.eventbrite.com
Back To Schedule
Thursday, October 18 • 9:50am - 10:30am
Delivering Secure OpenStack IaaS for SaaS Products

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

For many of the same reasons that software-as-a-service is catching on with enterprise buyers, delivering web services on top of infrastructure-as-a-service architectures is appealing to the SaaS developers. Operational agility, lower CapEx, and a broad array of tools and services are on tap that make both public and private IaaS clouds a great platform to build on.  But how do you do this securely, especially in the public cloud where you have no access to the network or hypervisor your servers are running in?

Furthermore, for many SaaS providers, the person charged with security considerations isn’t a CSO or IT specialist, but rather, a “DevOps” guru – someone with their hands in both development and operations. While the traditional security professional is focused on compliance and security rules, this new crop is more concerned with continuous development and high availability.

In this session, CloudPassage Chief Evangelist, Andrew Hay, will break down the top security considerations that are specific to the cloud and offer practical steps for securing cloud-based application development. He’ll also address the following:

  • Why perimeter-centric and hypervisor-based security doesn’t work in the cloud
  • Which components of cloud security are the customer’s responsibility and which belong to the service providers
  • Which layers of security are the must-haves for those just getting started
  • Why the cloud server itself has to be self-defending (i.e. if you put a server out into the cloud, usually it’s being attacked within 30 minutes)

avatar for Andrew Hay

Andrew Hay

Chief Evangelist, CloudPassage, Inc.
Andrew Hay is the Chief Evangelist at CloudPassage, Inc. where he serves as the public face of the company and its cloud server security product portfolio. Prior to joining CloudPassage, Andrew served as a Senior Security Analyst for 451 Research's Enterprise Security Practice (ESP... Read More →

Thursday October 18, 2012 9:50am - 10:30am PDT
Manchester E

Attendees (0)