AppSec Europe 2014: Full Schedule

Welcome to the full schedule of the OWASP AppSec Research EU 2014 conference days

13:50 BST

Barbican: Protect your Secrets at Scale

For sys admins, your servers hold many pieces of sensitive information, whether they are iron, virtual or cloud boxes. These keys to your kingdom need protection but must also also allow for infrastructure at scale. Application Security current best practices talk about key management, key rotation but have little to no practical advice beyond policy and general statements.

This presentation discusses a proposed solution for key management, named Barbican, an open source project that is part of OpenStack. Its goal was to build a secure, Cloud-ready key management solution. Barbican can be used by OpenStack implementors or anyone willing to run a server or two. This talk will walk through the current state of Barbican, its technical architecture, how to use it as an internal or cloud service and demonstrate our current proof of concept implementation.

Speakers

Matt Tesauro

Senior AppSec Engineer, Duo Security

Matt Tesauro is currently a Senior AppSec Engineer building an AppSec Pipeline and continuous security program for Duo Security. Prior, he worked full-time for the OWASP Foundation, adding automation and awesome to OWASP projects as the Operations Director. Previously, he was... Read More →

Thursday June 26, 2014 13:50 - 14:40 BST
LAB003

DevOps Track, DevOps

Company 80

AppSec Europe 2014

13:50 BST

Matt Tesauro

Recently Active Attendees