Loading…
DevConf.CZ 2019 has ended

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Security / IdM [clear filter]
Saturday, January 26
 

1:30pm CET

First steps into security engineering
Experience with security is a useful and even profitable skill for every technical and non-technical employee in IT. Contrary to common stereotypes, security is far more than black hoodies, math and crypto. It's also humans and communication skills.

Attendees of my talk DevConf.CZ 2018 talk and DevConf.IN key note have ask me how to get started. Let me introduce you to diverse areas of info sec and point you to books, online courses, talks, and other resources to get you started.

Speakers
avatar for Christian Heimes

Christian Heimes

Principal Software Engineer, Red Hat
Christian is a long time Python developer from Hamburg/Germany and contributor to several Open Source projects such as the CPython interpreter. In the past years he has helped to keep Python secure, for example as member of the Python security response te



Saturday January 26, 2019 1:30pm - 1:55pm CET
E105

2:30pm CET

Finding vulnerabilities using VMaaS
Looking for a simple way how to find vulnerable packages installed on your RHEL/Fedora systems? Vulnerability Metadata as a Service (VMaaS) is an API microservice that could fulfill this need.

VMaaS works as an repository and CVE metadata aggregator and provides these metadata in a stateless HTTP API. The microservice is deployable as an docker-compose or into an OpenShift environment. There is also a public deployment hosted by Red Hat.

This talk will summarize current state of the service and present a thin client tool to obtain vulnerabilities from the API.

Speakers


Saturday January 26, 2019 2:30pm - 2:55pm CET
E105

3:00pm CET

USBGuard
In this session you will be presented with USB Guard functionality both CLI and GUI.

You will get:

* overall understanding of the concept
* knowledge to configure the service
* CLI how to
* rules structure explanation
* explanation of GUI applet
* hands on experiance

There will be slides presented to lead us through the steps and real examples will be shown.
You are encouraged to bring your laptop and any kind of USB device (mouse, flash stick, yubikey, ...) to try to set it up on your own.

Speakers
avatar for Dalibor Pospisil

Dalibor Pospisil

quality engineer, Red Hat



Saturday January 26, 2019 3:00pm - 3:25pm CET
E105

5:00pm CET

Common Criteria Demystified
What do you feel when you hear the term "Common Criteria"? Do you perceive
it as something complex and scary? It doesn't need to be. After attending
this talk, you will have a clear picture of what Common Criteria is, when,
why and how it is used, why it matters, and what is your role as a
developer in the process of acquiring Common Criteria Certification.
Equipped with this knowledge, you will better appreciate all that goes into
Common Criteria and how it makes products more secure.

Speakers
avatar for Steven Grubb

Steven Grubb

Security Architect, Red Hat
Steve Grubb is a Senior Principal Engineer whose role in Red Hat Engineering is as a Security Architect with a focus on Security Certifications (such as Common Criteriai, SCAP, and FIPS-140) and configuration Guidance (such as DISA STIG, USGCB, and the CIS RHEL Benchmark). He also... Read More →
avatar for Mark Thacker

Mark Thacker

Principal Technical Product Manager, Red Hat
All about open source security, compliance, multi-level security, encryption with a heavy emphasis on what's actually usable.



Saturday January 26, 2019 5:00pm - 5:25pm CET
E105
 
Sunday, January 27
 

10:00am CET

Public Sector: Stories to Getting Started
Hear how open source is changing and affecting governments and institutions across the world. In this talk, we will go beyond stories with how open source is impacting governments and institutions to what is required of open source projects. Some code samples will be provided to show how to meet some of the basic requirements that governments have to be able to use open source software.

Speakers
avatar for Gabriel Alford

Gabriel Alford

Member of the Technical Staff, Office of the Chief Technologist, Red Hat Public Sector, Red Hat
Gabriel Alford is a Member of the Technical Staff, Office of the Chief Technologist in Red Hat's Public Sector where he focuses on developing security automation technologies and security standards. He is also one of the upstream maintainers of the ComplianceAsCode and OpenControl... Read More →
avatar for Shawn Wells

Shawn Wells

Chief Security Strategist, U.S. Public Sector, Red Hat



Sunday January 27, 2019 10:00am - 10:25am CET
E112

12:00pm CET

Red Hat Enterprise Linux Security Technologies Lab
In this lab, you'll learn about the built-in security technologies in Red Hat Enterprise Linux. Specifically, you will do a series of hands on lab exercises on: OpenSCAP, SELinux, Network Bound Disk Encryption, USBGuard, IPsec to encrypt all host to host communication within an enterprise network, audit, Audit Intrusion Detection Environment (AIDE), Red Hat Identity Management, GNU Privacy Guard (GPG) ,and firewalld to dynamically manage firewall rules. Finally, you will make multiple configuration changes to your systems across different versions of Red Hat Enterprise Linux running in your environment, in an automated fashion using Red Hat Ansible Automation, using the Systems Roles feature.

If you want to participate in this hands-on lab, please be sure to bring a laptop to the event with a SSH client and web browser (Firefox with plugins disabled recommended).

Speakers
avatar for Lucy Kerner

Lucy Kerner

Global Security Technical Strategist and Evangelist, Red Hat
Lucy Huh Kerner is currently the Global Security Technical Evangelist and Strategist at Red Hat and helps drive thought leadership and the global go-to-market strategy for Security across the entire Red Hat portfolio. In addition, she helps create and deliver security related technical... Read More →
DK

Daniel Kopeček

Software Engineer, Red Hat, Inc.
avatar for Lukas Vrabec

Lukas Vrabec

Senior Software engineer & SELinux technology evangelist, Red Hat
Lukas Vrabec is a Senior Software engineer & SELinux technology evangelist at Red Hat. He is part of Security Controls team working on SELinux projects focusing especially on security policies. Lukas is author of udica, the tool for generating custom SELinux profiles for containers... Read More →


Sunday January 27, 2019 12:00pm - 1:50pm CET
A112