• Incident Response in the Public Cloud

    by RSAC Contributor on April 21, 2017

    Leading image

    By Alex Maestretti Description: We held a session to discuss the unique challenges of conducting incident response in the public cloud. We had a great mix of attendees at the P2P session on Incident Response in the public cloud, including practitioners from cloud native companies as well as those from mature organizations just starting to move out of the datacenter. We started the conversation with some war stories on incidents that the audience had worked, and the discussion highlighted several…

  • Leveraging DevOps for AppSec in Retail

    by Ed Moyle on April 20, 2017

    Application development is in a period of transition; it seems everyone is moving to faster-cycle development paradigms like DevOps and Agile while new release and deployment paradigms like application containers (Docker), platform as a service (PaaS) and microservices simultaneously gain traction. That change is happening everywhere, but in a retail context, there are special considerations that…

  • Wearables: Security of Things

    by RSAC Contributor on April 19, 2017

    By Marc Bown In this session, we discussed wearable security, taking into account considerations and constraints unique to wearables and IoT devices. In this session, we used Fitbit’s architecture and experience to frame a discussion around wearable security challenges and best practices. We explored threats that wearable devices face and considered how the unique constraints of wearable devices…

  • Security Sourcing: Peers Discuss What Functions to Outsource at RSAC 2017

    by RSAC Contributor on April 18, 2017

    By Kevin Fuller The Peer2Peer session "To Source or Not to Source. Is That Really the Question?" was very well-attended by security leaders across many verticals, offering a range of experience with regards to sourcing their security programs. Attendees shared what functions they have outsourced to a trusted third party, how they came to those decisions, and what their experience was in those…

  • Retailing Another Threat Landscape Story

    by Dan Holden on April 17, 2017

    It’s no secret to anyone that retail has suffered its share of breaches over the last few years. To some, our industry became a cautionary tale, and to others, our headlines underscored the simple truth that a breach can happen to any company. While the fervent media coverage has somewhat died down, a retailer’s day-to-day offense and defense is in continual evolution according to the ebbs and…

  • Strategies on Surviving DDoS Attacks

    by RSAC Contributor on April 14, 2017

    By Amol Sarwate Recap on DDoS attack strategies at RSA Conference USA 2017 peer-to-peer session At RSA Conference this year I had the opportunity to host a peer-to-peer session on how to survive IoT botnet-based DDoS attacks, and exchange ideas with some of the brightest minds in the security world. In this blog I am sharing some of the ideas that surfaced during that discussion. We kicked off the…

  • John Willis on Breaking Bad Equilibrium in DevOps

    by Mark Miller on April 13, 2017

    This is a review of John Willis’ session at DevOps Connect: DevSecOps at RSAC 2017 Definition: Equilibrium - when all competing influences in a system are balanced. In everyday life, we often refer to it as balance - achieving a work-life balance, balancing risk and reward or debt and income. However we say it, achieving equilibrium is key to success in your personal and professional life. …

  • Metric Madness: Measuring Success

    by RSAC Contributor on April 12, 2017

    By Tyler Reguly Metrics for Managing and Understanding Patch Fatigue was ultimately a conversation on how businesses can measure success in their Vulnerability and Patch Management strategies. This year, at RSAC 2017, I hosted a Peer-2-Peer session on Metrics for Managing and Understanding Patch Fatigue. I saw this as an extension of my RSAC 2015 P2P on vulnerability and risk scoring. In 2015, I had…

  • Wild Frontier is Right!

    by RSAC Contributor on April 11, 2017

    By David Levine In the moderated Peer2Peer session “Securing IoT: Tech’s latest Wild Frontier” we had a full room and great representation providing different viewpoints ranging from those involved in manufacturing, setting standards, government and those charged with managing and securing IoT. Most importantly we had some great dialog and certainly could have spent hours -- make that many, many, …

  • Japan Looks to Join the Global Data Community

    by Sam Pfeifle on April 10, 2017

    While the island may have an historical reputation for isolationism, Japan is unquestionably a world economic power. It is the third largest economy in the world, by raw gross domestic product, and generates more than six percent of the world’s economic activity. However, to maintain that status, Japan understands that it needs to modernize its treatment of personal data. Thus, Japan in 2015…

  • Implementing SecDevOps in Regulated Industries

    by RSAC Contributor on April 7, 2017

    Striking the Proper Balance When Dealing with the Inevitable Move to DevOps & Meeting Regulatory and Compliance Requirements By Dan Cornell In addition to my RSAC-TV presentation on Effective Application Security Testing for DevOps, I had the opportunity to run a Peer2Peer session at RSAC 2017 on Implementing SecDevOps in Regulated Industries. I proposed this session topic because, although there is…

Are you interested in contributing to the RSA Conference blog?  Download our 2017 Editorial Calendar for more info. 

This document was retrieved from on Sun, 23 Apr 2017 15:39:01 -0400.
© 2017 EMC Corporation. All rights reserved.