2016 BSides Las Vegas OWASP Assimilation Talk

I’m excited to be giving my first ever talk at a security conference at the 2016 BSides Las Vegas Security Conference. The title of the talk is Automating Security with the OWASP Assimilation Project. It’s on August 2nd 2016 at 11 AM.

Here’s what I promised to talk about…

2016 BSides Las Vegas: Automating Security with the OWASP Assimilation Project

IT shops have trouble reliably doing the basics well.

  • 30% of all break-ins come through systems not in inventory, 30% of servers are doing nothing useful,
  • Getting systems hardened is difficult
  • 70% of people who get into compliance with PCI-DSS aren’t in compliance a year later
  • Remediation of known serious patches happens slowly if at all
  • 90% of all sites have suffered from outages of services which aren’t monitored
  • Keeping a suite of helpful tools correctly configured over time is time-consuming and expensive.

Then of course, there’s the problem of demonstrating to upper management that you’re actually making progress against a formidable task. These are the problems the OWASP Assimilation project addresses.

It compares security configuration against best practices, keeps network-facing checksums up to date, provides attack surface visualization, alerts on events, and improves availability through monitoring systems and services. It does all these things with near-zero configuration.

This talk will give an overview of the project and a live demo.

About Alan Robertson

For those of you who don’t know me, I’ve spent over 30 years writing software. Most of that software was tools to help system administrators and developers. I’ve had an active interest in security for most of these years. I’m best known for creating the Linux-HA (now called Pacemaker) project – which improves availability for hundreds of thousands of servers all over the world. I led that project for about 10 years. More recently I’ve cast my eye on a broader set of IT problems – and the Assimilation project is the result. I’m a big believer in automation – and hate manual configuration and having humans do things that computers do much better.

About the OWASP Assimilation Project

The open source Assimilation Project has recently affiliated itself with OWASP to reflect its growing emphasis on security. So the OWASP Assimilation project is the same exact project and code as it’s always been – with a new affiliation and an extra word in the name ;-).

If you’re going to be in Las Vegas and are interested in security from an operational perspective, I highly recommend that you come learn more about the OWASP Assimilation project. The issues we address are important and broad, the technology is unique and really cool, and people have fun at my talks

Date: August 2, 2016
Time: 11:00-11:45
Event: 2016 BSidesLV: Automating Security with the OWASP Assimilation Project
Topic: Automating Security with the OWASP Assimilation Project
Sponsor: BSides Las Vegas
Venue: Tuscany Suites and Casino
+1 702-893-8933
Location: 255 East Flamingo Road
Las Vegas, Nevada 89169
USA
Public: Public
Registration: Click here to register.

2016 DevOpsDays SLC 2016I am excited to be presenting at the 2016 DevOpsDays SLC (Salt Lake City) conference on 14-15 June. This will be a “show me” talk – it’s basically a 30 minute how-to on getting started hardening your servers using Assimilation Cybersecurity. This is quite a bit different from most of my past talks – there’s not enough time for a deep technical overview and good how-to information. Instead it’s concentrated on the kind of practical stuff you can go home and do yourself. What a treat to get to present there this year!

2016 DevOpsDays SLC Assimilation Talk and Demo

Cybersecurity is in the news almost every day. It’s not just getting the attention of the technical folks in the trenches, it’s getting the attention in the boardroom. It’s also an area that the DevOps culture hasn’t spent as much attention on as we have on testing and automation. This talk is about how to make things better and keep them there – showing you how to get started in 15 minutes.

Making your systems more secure is a daunting task – the average system has something like 100 ways it’s out of step with hardening best practices. If you have 1000 systems, that means you have something like 100,000 problems – it’s overwhelming! There’s also understanding your attack surface (the ways an intruder can enter your systems) – how to understand and minimize it. This talk will cover these things:

  • How to know what you need to do to harden your systems
  • How to triage, manage and track the hardening process – and show your boss what great progress you’re making
  • How to keep your systems hardened after you get there
  • How to visualize and understand your attack surface

Be There: Resistance is Futile!

If you miss the talk, you can see a demo on our web site, or a video of one our past technical talks (slides here), and  learn how to do many of the things I will cover in the talk (and more) from these blog posts:

Look forward to seeing you there!

Date: June 14, 2016—June 15, 2016
Event: 2016 DevOpsDays SLC - Security Automation for DevOps
Topic: Security Automation for DevOps
Venue: Church and State
801-860-3372
Location: 370 South 300 East
Salt Lake City 84111
USA
Public: Public
Registration: Click here to register.
More Info: Click here for more information.

2016 DevOpsDaysRox 2016

I am excited and honored to have been selected to present at the 2016 DevOpsDaysRox (Rockies) conference on 21 April 2016 at 10:45. It will be more demo than talk, and is basically a 30 minute how-to on getting started hardening your servers using Assimilation Cybersecurity. This is quite a bit different from my usual talk – not enough time for a technical overview, but instead it’s concentrated on the kind of practical stuff you can go home and do yourself. Last year, I attended the first-ever DevOpsDays Rockies event, and learned a lot and met a bunch of great people. What a treat to get to present there this year!

2016 DevOpsDaysRox Assimilation Talk and Demo

Cybersecurity is in the news almost every day. It’s not just getting the attention of the technical folks in the trenches, it’s getting the attention in the boardroom. It’s also an area that the DevOps culture hasn’t spent as much attention on as we have on testing and automation. This talk is about how to make things better and keep them there – showing you how to get started in 15 minutes.

Making your systems more secure is a daunting task – the average system has something like 100 ways it’s out of step with hardening best practices. If you have 1000 systems, that means you have something like 100,000 problems – it’s overwhelming! There’s also understanding your attack surface (the ways an intruder can enter your systems) – how to understand and minimize it. This talk will cover these things:

  • How to know what you need to do to harden your systems
  • How to triage, manage and track the hardening process – and show your boss what great progress you’re making
  • How to keep your systems hardened after you get there
  • How to visualize and understand your attack surface

If you miss the talk (the conference is sold out!), you can see a demo on our web site, or a video of one our past technical talks (slides here), and  learn how to do many of the things I will cover in the talk (and more) from these blog posts:

Look forward to seeing you there!

Date: April 21, 2016
Time: 10:45 AM
Event: 2016 DevOpsDaysRox
Topic: Security Automation for DevOps
Venue: Fortrust DataCenter
(866) 420-5818
Location: 4300 Brighton Blvd Denver
Denver, Colorado 80216
USA
Public: Public

Assimilating Boulder at the Boulder Linux Users GroupOur founder, Alan Robertson will be Assimilating Boulder – giving a talk on the Assimilation System Management Suite at the Boulder Linux Users Group.

The Assimilation Suite provides continuous IT discovery, monitoring and security. It discovers systems, switches, services, dependencies and detailed configuration information. Our discovery creates and updates a graph-based configuration management database (CMDB)  without setting off security alarms. This CMDB includes services you aren’t monitoring and systems you’ve forgotten about. This is important since about 30% of outsider security breaches come through forgotten systems, and services you’re not monitoring can’t be properly managed. Monitoring is extremely scalable due to its radically distributed architecture. Because discovery informs everything, near zero configuration is required.

This enables straightforward best practice audits (including security audits) without touching every machine. Our graph-based CMDB is natural for visualization and supports interesting queries about root causes and impact analysis. Our future work concentrates on continuous security monitoring – enabling you to easily stay in continual security compliance.

This talk gives an overview of the Assimilation System Management Suite – its capabilities, scalability and architecture, future plans and includes a demo of zero-configuration discovery and monitoring.

Date: December 10, 2015
Time: 6:30
Event: Assimilating Boulder: The Boulder Linux Users Group - December 2015
Topic: Assimilation System Management Suite
Venue: Applied Trust
303-245-4545
Location: 1033 Walnut St - Suite 300
Boulder, CO 80302
USA
Public: Public
Registration: Click here to register.

2015 Assimilation Hackathon at the OSMC

Businesswoman drawing colorful business ideas on wall - good for Assimilation hackathons I think ;-)There will be an Assimilation Hackathon in Nürnberg, Germany associated with the Open Source Monitoring Conference.

We will likely be working on some of the items in our Trello Issues/Features/Bugs board. My guess is that most of the work we’ll be doing will come from the external integration or discovery agents columns from that board. The integrations tend to be bigger chunks of work, and the discovery agents tend to be smaller chunks of work – much smaller in some cases.

Although I’m not going to limit what people work on, here below are a few of my favorite Assimilation Hackathon integrations.

Suggested Assimilation Hackathon External Integrations

Suggested Assimilation Hackathon Discovery Agents

How We’ll Organize the Assimilation Hackahon

Here’s how to participate:

  1. Email AlanR@AssimilationSystems and tell him you want to join the Hackathon.
  2. Read the Contributing to the project page, and sign the contributor agreement before submitting completed work. Paper copies will be available if you’re physically present for the Hackathon.
  3. Connect your IRC client to the #assimilation channel on irc.freenode.net
  4. AlanR will then add you to the Trello board. Once you sign the contributior agreement, Alan will add you to the Assimilation github project as a project member.
  5. Pick an item you want to work on. Suggestions are in the External Integrations and Discovery Agents columns.
  6. Drag and drop that item to the Nürnberg Hackathon Projects column, and add yourself as a member  to the Trello card, so we can tell who’s working on it.
  7. Fork the github repository.
  8. Do your work, test it…
  9. When it’s done, submit a pull request. Pull requests without contributor agreements will be cheerfully ignored.
  10. When all is done, Alan buys beer for everyone who participated!
Date: November 19, 2015
Time: 0900-1700
Event: 2015 Assimilation Hackathon
Topic: Assimilation Hackathon
Sponsor: Netways
+49 911 92885-0
Venue: Holiday Inn Nürnberg
+49 (911) 24250-0
Location: Engelhardsgasse 12
Nürnberg 90402
Germany
Public: Public
Registration: Click here to register.
More Info: Click here for more information.

CLUE logo - Colorado Linux Users and Enthusiasts

 

The Colorado Linux Users and Enthusiasts (CLUE) organization is hosting an Assimilation presentation in the Denver Tech Center area. This event is open to the public, and you don’t have to sign up, so just come and join us!

CLUE 2015 Assimilation Abstract

The statistics on system management are alarming – 30% of all break-ins come through systems people have lost track of, 90% of all organizations have failures of services they aren’t monitoring, 80% of all organizations are unable to keep their systems in compliance after getting them there initially, and 30% admit that they rarely start monitoring until after they have a problem, 30% of all systems are doing nothing useful, and admins of larger sites often don’t know the inter-dependencies between systems, services, and switches.

The Assimilation System Management Suite helps IT organizations manage and reduce complexity and transform security compliance from high drama to teachable moments.

More specifically, we accomplish this by creating a detailed graph database and driving audits, monitoring, and security policies from it in a way that requires near-zero configuration, that scales like nothing else, and provides detailed data of what changed and what happened, and how each piece relates to the other to help determine the root cause of an outage.

We find configurations that are inconsistent with security best practices within a few minutes of them being created. This allows rational, adult discussions to take place while everyone still remembers what was done, and why it was done – promoting learning and dramatically lowering stress compared to the typical way finding these issues by an auditor, or an intruder.

This talk will give a demo, and will cover the usage, architecture, and future of the Assimilation project.  It is aimed at system engineers, administrators, IT architects, security professionals, and IT managers. Come learn how you can use the Assimilation Project to get X-ray vision into your infrastructure with near-zero configuration.

Date: October 13, 2015
Time: 6:30 PM
Event: CLUE 2015 Assimilation Presentation
Topic: How to Painlessly Discover What You Don't Know - Before It Bites You Where It Hurts
Sponsor: Colorado Linux Users and Enthusiasts (CLUE)
+1 720-490-9901
Venue: McAfee Inverness office
Location: 10700 E Geddes Ave
Englewood, CO 80112
USA
Public: Public

Be sure and call or email us to get started on your trial!

NCAR logo - NCAR does not sponsor the Assimilation ProjectThe University Center for Atmospheric Research (UCAR) /  (National Center for Atmospheric Research (NCAR) communities are hosting an Assimilation technical talk in Boulder, Colorado. This event is open to the public, no need to register, so come on by!

NCAR Assimilation Abstract

The statistics on system management are alarming – 30% of all break-ins come through systems people have lost track of, 90% of all organizations have failures of services they aren’t monitoring, 80% of all organizations are unable to keep their systems in compliance after getting them there initially, and 30% admit that they rarely start monitoring until after they have a problem, 30% of all systems are doing nothing useful, and admins of larger sites often don’t know the inter-dependencies between systems, services, and switches.

The Assimilation System Management Suite helps IT organizations manage and reduce complexity and transform security compliance from high drama to teachable moments.

More specifically, we accomplish this by creating a detailed graph database and driving audits, monitoring, and security policies from it in a way that requires near-zero configuration, that scales like nothing else, and provides detailed data of what changed and what happened, and how each piece relates to the other to help determine the root cause of an outage.

We find configurations that are inconsistent with security best practices within a few minutes of them being created. This allows rational, adult discussions to take place while everyone still remembers what was done, and why it was done – promoting learning and dramatically lowering stress compared to the typical way finding these issues by an auditor, or an intruder.

This talk will give a demo, and will cover the usage, architecture, and future of the Assimilation project.  It is aimed at system engineers, administrators, IT architects, security professionals, and IT managers. Come learn how you can use the Assimilation Project to get X-ray vision into your infrastructure with near-zero configuration.

Date: October 8, 2015
Time: 03:00 PM
Event: Assimilation Systems Management presentation for NCAR
Topic: How to Painlessly Discover What You Don't Know - Before It Bites You Where It Hurts
Sponsor: University Center for Atmospheric Research - Davide Del Vento
Venue: NCAR Mesa Lab, Main Seminar Room
303-497-1000
Location: Mesa Lab, Main Seminar Room NCAR, 1850 Table Mesa Drive
Boulder, CO 80305
USA
Public: Public
More Info: Click here for more information.

Come learn about the Assimilation Suite - and contact us to set up a trial

DOSUG logoOur CTO will be giving an overview of the Assimilation software at the September 2015 Denver Open Source User’s Group (DOSUG) meeting. The event starts at 5:30 PM with food and networking, and the talk will start around 6 PM.

DOSUG Talk Abstract

The statistics on system management are alarming – 30% of all break-ins come through systems people have lost track of, 90% of all organizations have failures of services they aren’t monitoring, 80% of all organizations are unable to keep their systems in compliance after getting them there initially, and 30% admit that they rarely start monitoring until after they have a problem, 30% of all systems are doing nothing useful, and admins of larger sites often don’t know the inter-dependencies between systems, services, and switches.

The Assimilation System Management Suite helps IT organizations manage and reduce complexity and transform security compliance from high drama to teachable moments.

More specifically, we accomplish this by creating a detailed graph database and driving audits, monitoring, and security policies from it in a way that scales like nothing else, and providing detailed data of what changed and what happened, and each piece relates to the other to help determine the root cause of an outage.

We find configurations that are inconsistent with security best practices within a few minutes of them being created. This allows rational, adult discussions to take place while everyone still remembers what was done, and why it was done – promoting learning and dramatically lowering stress compared to the typical way finding these issues by an auditor, or an intruder.

This talk will give a demo, and will cover the usage, architecture, and future of the Assimilation project.

Date: September 1, 2015
Time: 17:30-19:30
Event: DOSUG: Assimilation Overview - 2015
Topic: Assimilation System Management Overview
Sponsor: Denver Open Source User's Group
Venue: Innovation Pavilion
(720) 414 - 2157
Location: 9200 E Mineral Ave
Centennial, CO 80112
USA
Public: Public
Registration: Click here to register.
Ohio Linux Fest

Our founder, Alan Robertson, is excited to announce he will be giving a keynote address at the Ohio Linux Fest on October 2nd, 2015. In addition, he’ll be giving a session talk on the Assimilation System Management Suite on October 3rd 2015.  Here’s an overview of the Assimilation talk.

Ohio Linux Fest Session Talk

How to Painlessly Discover What You Don’t Know – Before It Bites You Where It Hurts

The statistics on system management are alarming – 30% of all break-ins come through systems people have lost track of, 90% of all organizations have failures of services they aren’t monitoring, 80% of all organizations are unable to keep their systems in compliance after getting them there initially, and 30% admit that they rarely start monitoring until after they have a problem, 30% of all systems are doing nothing useful, and admins of larger sites often don’t know the inter-dependencies between systems, services, and switches.

The Assimilation System Management Suite helps you deal with these problems by creating a detailed graph database and driving audits, monitoring, and security policies from it in a way that scales like nothing else, and providing detailed data of what changed and what happened, and each piece relates to the other to help determine the root cause of an outage. This talk will give a demo, and will cover the usage, architecture, and future of the Assimilation project.

This talk is aimed at moderately experienced to advanced system engineers, administrators, IT architects, security professionals, and IT managers. Come learn how you can use the Assimilation Project to get X-ray vision into your infrastructure with near-zero configuration. If you are a security expert, you have the opportunity to contribute to and benefit from our set of best practice security rules.

Date: October 2, 2015—October 2, 2015
Event: Ohio Linux Fest Keynote and Session Presentations
Topic: How to Painlessly Discover What You Don't Know - Before It Bites You Where It Hurts
Sponsor: The Ohio LinuxFest Corporation
800-902-9003
Venue: Greater Columbus Convention Center
(614) 827-2500
Location: 400 North High Street
Columbus, OH 43215
USA
Public: Public

Sign up to our blog to get a copy of the slides from this talk.

Security: OSCON 2015 talk on our creation of a security best practices community.The cybersecurity / infosec community has difficulties working together around breaches out of legal and public relations concerns, but can share best practices. The open source Assimilation Project compares system configurations against best practices in near-real-time. Our talk at OSCON 2015 talk gives an overview of the Assimilation System Management Suite, and outlines our efforts to include more security experts in our community and translate the results into open source code, creating “Security Best Practices As Code”.

Get a 20% discount signing up for OSCON 2015 using discount code ALANR20.

For a little more detail on the approach that we’ll cover in our OSCON 2015 talk, see our blog post announcing the IT Best Practices Community.

We’ll also have a BOF on Thursday evening at 7 PM in room E145. Be there or be square!!

Date: July 23, 2015—July 23, 2015
Time: 16:10-16:50
Event: OSCON 2015 talk + BOF on Assimilation (security emphasis)
Topic: Creating A Community Around Cybersecurity Best Practices
Sponsor: O'Reilly
Venue: Oregon Convention Center
503.235.2250
Location: 777 NE Martin Luther King, Jr. Blvd.
Portland, Oregon 97232
USA
Public: Public
Registration: Click here to register.

Email AlanR@AssimilationSystems.com for more information about the Assimilation software.