2016 BSides Las Vegas OWASP Assimilation Talk

I’m excited to be giving my first ever talk at a security conference at the 2016 BSides Las Vegas Security Conference. The title of the talk is Automating Security with the OWASP Assimilation Project. It’s on August 2nd 2016 at 11 AM.

Here’s what I promised to talk about…

2016 BSides Las Vegas: Automating Security with the OWASP Assimilation Project

IT shops have trouble reliably doing the basics well.

  • 30% of all break-ins come through systems not in inventory, 30% of servers are doing nothing useful,
  • Getting systems hardened is difficult
  • 70% of people who get into compliance with PCI-DSS aren’t in compliance a year later
  • Remediation of known serious patches happens slowly if at all
  • 90% of all sites have suffered from outages of services which aren’t monitored
  • Keeping a suite of helpful tools correctly configured over time is time-consuming and expensive.

Then of course, there’s the problem of demonstrating to upper management that you’re actually making progress against a formidable task. These are the problems the OWASP Assimilation project addresses.

It compares security configuration against best practices, keeps network-facing checksums up to date, provides attack surface visualization, alerts on events, and improves availability through monitoring systems and services. It does all these things with near-zero configuration.

This talk will give an overview of the project and a live demo.

About Alan Robertson

For those of you who don’t know me, I’ve spent over 30 years writing software. Most of that software was tools to help system administrators and developers. I’ve had an active interest in security for most of these years. I’m best known for creating the Linux-HA (now called Pacemaker) project – which improves availability for hundreds of thousands of servers all over the world. I led that project for about 10 years. More recently I’ve cast my eye on a broader set of IT problems – and the Assimilation project is the result. I’m a big believer in automation – and hate manual configuration and having humans do things that computers do much better.

About the OWASP Assimilation Project

The open source Assimilation Project has recently affiliated itself with OWASP to reflect its growing emphasis on security. So the OWASP Assimilation project is the same exact project and code as it’s always been – with a new affiliation and an extra word in the name ;-).

If you’re going to be in Las Vegas and are interested in security from an operational perspective, I highly recommend that you come learn more about the OWASP Assimilation project. The issues we address are important and broad, the technology is unique and really cool, and people have fun at my talks

Date: August 2, 2016
Time: 11:00-11:45
Event: 2016 BSidesLV: Automating Security with the OWASP Assimilation Project
Topic: Automating Security with the OWASP Assimilation Project
Sponsor: BSides Las Vegas
Venue: Tuscany Suites and Casino
+1 702-893-8933
Location: 255 East Flamingo Road
Las Vegas, Nevada 89169
USA
Public: Public
Registration: Click here to register.

SLC DevOpsDays 2016 – Come Get Assimilated!

2016 DevOpsDays SLC 2016 SLC DevOpsDays 2016

In June, I’ll be giving a talk at SLC DevOpsDays 2016 (Salt Lake City) – about the intersection of DevOps and security. This is a challenging space, since security has trouble keeping up with “normal” IT, and one of the common goals of DevOps is greater velocity – more changes faster. At SLC DevOpsDays 2016, I’ll be giving practical how-to talk, where you can learn how to begin securing your systems in 15 minutes, andwill cover two new features I’ve never demonstrated or talked about before – detailed Docker discovery, and subgraph queries. Although I have a blog post on Docker discovery, I haven’t talked about our new canned subgraph queries. They help you understand and visualize how all your servers and networks are related to each other.

2016 DevOpsDays SLC 2016I am excited to be presenting at the 2016 DevOpsDays SLC (Salt Lake City) conference on 14-15 June. This will be a “show me” talk – it’s basically a 30 minute how-to on getting started hardening your servers using Assimilation Cybersecurity. This is quite a bit different from most of my past talks – there’s not enough time for a deep technical overview and good how-to information. Instead it’s concentrated on the kind of practical stuff you can go home and do yourself. What a treat to get to present there this year!

2016 DevOpsDays SLC Assimilation Talk and Demo

Cybersecurity is in the news almost every day. It’s not just getting the attention of the technical folks in the trenches, it’s getting the attention in the boardroom. It’s also an area that the DevOps culture hasn’t spent as much attention on as we have on testing and automation. This talk is about how to make things better and keep them there – showing you how to get started in 15 minutes.

Making your systems more secure is a daunting task – the average system has something like 100 ways it’s out of step with hardening best practices. If you have 1000 systems, that means you have something like 100,000 problems – it’s overwhelming! There’s also understanding your attack surface (the ways an intruder can enter your systems) – how to understand and minimize it. This talk will cover these things:

  • How to know what you need to do to harden your systems
  • How to triage, manage and track the hardening process – and show your boss what great progress you’re making
  • How to keep your systems hardened after you get there
  • How to visualize and understand your attack surface

Be There: Resistance is Futile!

If you miss the talk, you can see a demo on our web site, or a video of one our past technical talks (slides here), and  learn how to do many of the things I will cover in the talk (and more) from these blog posts:

Look forward to seeing you there!

Date: June 14, 2016—June 15, 2016
Event: 2016 DevOpsDays SLC - Security Automation for DevOps
Topic: Security Automation for DevOps
Venue: Church and State
801-860-3372
Location: 370 South 300 East
Salt Lake City 84111
USA
Public: Public
Registration: Click here to register.
More Info: Click here for more information.

Assimilation Talk at the 2016 DevOps Rockies Conference

2016 DevOpsDaysRox 2016 DevOps Rockies Conference

I just got back from the 2016 DevOpsDaysRox conference last week. I’d like to talk a little about my presentation on the Assimilation suite from the cybersecurity perspective, and how what I learned and heard at the conference will influence future Assimilation development – particularly regarding Docker. After the conference, Docker even entered my dreams, morphing into how best to support it in Assimilation. It was a bit surreal, but so was giving my talk – which I’ll explain a bit later in this article.

Last Thursday, I had the privilege of speaking at DevOpsDaysRox (Rockies) at the Fortrust data center in Denver. A bit weird speaking in undeveloped space in a data center, but somehow fitting for a DevOps conference. The talk was about 10 minutes worth of talk (slides on speakerdeck), and about 20 minutes worth of live demonstration. The live demonstration covered some of the same things that I’ve covered in our blog before.

2016 DevOpsDaysRox 2016

I am excited and honored to have been selected to present at the 2016 DevOpsDaysRox (Rockies) conference on 21 April 2016 at 10:45. It will be more demo than talk, and is basically a 30 minute how-to on getting started hardening your servers using Assimilation Cybersecurity. This is quite a bit different from my usual talk – not enough time for a technical overview, but instead it’s concentrated on the kind of practical stuff you can go home and do yourself. Last year, I attended the first-ever DevOpsDays Rockies event, and learned a lot and met a bunch of great people. What a treat to get to present there this year!

2016 DevOpsDaysRox Assimilation Talk and Demo

Cybersecurity is in the news almost every day. It’s not just getting the attention of the technical folks in the trenches, it’s getting the attention in the boardroom. It’s also an area that the DevOps culture hasn’t spent as much attention on as we have on testing and automation. This talk is about how to make things better and keep them there – showing you how to get started in 15 minutes.

Making your systems more secure is a daunting task – the average system has something like 100 ways it’s out of step with hardening best practices. If you have 1000 systems, that means you have something like 100,000 problems – it’s overwhelming! There’s also understanding your attack surface (the ways an intruder can enter your systems) – how to understand and minimize it. This talk will cover these things:

  • How to know what you need to do to harden your systems
  • How to triage, manage and track the hardening process – and show your boss what great progress you’re making
  • How to keep your systems hardened after you get there
  • How to visualize and understand your attack surface

If you miss the talk (the conference is sold out!), you can see a demo on our web site, or a video of one our past technical talks (slides here), and  learn how to do many of the things I will cover in the talk (and more) from these blog posts:

Look forward to seeing you there!

Date: April 21, 2016
Time: 10:45 AM
Event: 2016 DevOpsDaysRox
Topic: Security Automation for DevOps
Venue: Fortrust DataCenter
(866) 420-5818
Location: 4300 Brighton Blvd Denver
Denver, Colorado 80216
USA
Public: Public

DevOpsDaysRox 2016

2016 DevOpsDaysRox 2016 DevOps Rockies Conference

I attended the DevOpsDaysRox (Rockies) conference last year, and it was a great conference – great speakers, interesting people at the conference in a good venue. This year, I’ll be giving a talk at DevOpsDaysRox 2016 – about the intersection of DevOps and security. This is a challenging space, since security has trouble keeping up with “normal” IT, […]

Linux Magazin highlights “Innovative” Assimilation Suite

Picture of Alan Robertson from the German publication Linux Magazin

Back in November of last year, I presented at the Open Source Monitoring Conference (OSMC) – and the talk went really well. Just today I found out we’ve been featured in the German publication Linux Magazin – and they said some very nice things about us in their article about the OSMC. I wrote a bit […]

Assimilating Boulder at the Boulder Linux Users GroupOur founder, Alan Robertson will be Assimilating Boulder – giving a talk on the Assimilation System Management Suite at the Boulder Linux Users Group.

The Assimilation Suite provides continuous IT discovery, monitoring and security. It discovers systems, switches, services, dependencies and detailed configuration information. Our discovery creates and updates a graph-based configuration management database (CMDB)  without setting off security alarms. This CMDB includes services you aren’t monitoring and systems you’ve forgotten about. This is important since about 30% of outsider security breaches come through forgotten systems, and services you’re not monitoring can’t be properly managed. Monitoring is extremely scalable due to its radically distributed architecture. Because discovery informs everything, near zero configuration is required.

This enables straightforward best practice audits (including security audits) without touching every machine. Our graph-based CMDB is natural for visualization and supports interesting queries about root causes and impact analysis. Our future work concentrates on continuous security monitoring – enabling you to easily stay in continual security compliance.

This talk gives an overview of the Assimilation System Management Suite – its capabilities, scalability and architecture, future plans and includes a demo of zero-configuration discovery and monitoring.

Date: December 10, 2015
Time: 6:30
Event: Assimilating Boulder: The Boulder Linux Users Group - December 2015
Topic: Assimilation System Management Suite
Venue: Applied Trust
303-245-4545
Location: 1033 Walnut St - Suite 300
Boulder, CO 80302
USA
Public: Public
Registration: Click here to register.

The 2015 Open Source Monitoring Conference

2015 Open Source Monitoring Conference (OSMC 2015)

I just got an email from Bernd Erk, saying that the 2015 Open Source Monitoring Conference is filling up. From my perspective, that’s a good thing, because we have a great talk and demo to give there and are excited to be speaking there again. From your perspective, this may be a good thing only if you hurry up and register – since this is the only conference we’ve spoken at outside the US this year.

CLUE logo - Colorado Linux Users and Enthusiasts

 

The Colorado Linux Users and Enthusiasts (CLUE) organization is hosting an Assimilation presentation in the Denver Tech Center area. This event is open to the public, and you don’t have to sign up, so just come and join us!

CLUE 2015 Assimilation Abstract

The statistics on system management are alarming – 30% of all break-ins come through systems people have lost track of, 90% of all organizations have failures of services they aren’t monitoring, 80% of all organizations are unable to keep their systems in compliance after getting them there initially, and 30% admit that they rarely start monitoring until after they have a problem, 30% of all systems are doing nothing useful, and admins of larger sites often don’t know the inter-dependencies between systems, services, and switches.

The Assimilation System Management Suite helps IT organizations manage and reduce complexity and transform security compliance from high drama to teachable moments.

More specifically, we accomplish this by creating a detailed graph database and driving audits, monitoring, and security policies from it in a way that requires near-zero configuration, that scales like nothing else, and provides detailed data of what changed and what happened, and how each piece relates to the other to help determine the root cause of an outage.

We find configurations that are inconsistent with security best practices within a few minutes of them being created. This allows rational, adult discussions to take place while everyone still remembers what was done, and why it was done – promoting learning and dramatically lowering stress compared to the typical way finding these issues by an auditor, or an intruder.

This talk will give a demo, and will cover the usage, architecture, and future of the Assimilation project.  It is aimed at system engineers, administrators, IT architects, security professionals, and IT managers. Come learn how you can use the Assimilation Project to get X-ray vision into your infrastructure with near-zero configuration.

Date: October 13, 2015
Time: 6:30 PM
Event: CLUE 2015 Assimilation Presentation
Topic: How to Painlessly Discover What You Don't Know - Before It Bites You Where It Hurts
Sponsor: Colorado Linux Users and Enthusiasts (CLUE)
+1 720-490-9901
Venue: McAfee Inverness office
Location: 10700 E Geddes Ave
Englewood, CO 80112
USA
Public: Public

Be sure and call or email us to get started on your trial!