September 2022 Chapter Meeting - Workload Identity, Security, and Governance

This event will be held on-premises, at the Amazon San Diego Tech Hub, and online via Amazon Chime.

TOPIC: Workload Identity, Security, and Governance

DESCRIPTION
The proliferation of DevOps and automated workloads presents the industry with new security challenges such as workload identification, authentication, and authorization. Managing to least privilege and separation of duties for human users is a (mostly) mature domain. Automated workloads typically outnumber human users by 45x in a large, modern enterprise. Understanding the administrative goals of the organization’s automated processes and the credentials used to complete their tasks, as well as the applicable security controls we must design into these systems, is an evolving domain. We will take a look at some recent guidance from NIST (SP-800-161) and how it applies to DevOps environments and the enterprise software supply chain as well as discuss the similarities to Identity Governance and Administration for human users. We can take the learnings from two decades of managing human identities and start to apply those to automated workloads.

SPEAKER: Dennis Mastin CISSP | CCSK - Solutions Architect

Dennis Mastin is a security professional focusing on non-human identities and Secrets Management. He has been in industry for over 30 years as a software engineer, field sales specialist, and consultant. The past two decades, Dennis focused on Identity and Access Management while at Netscape, Sun Microsystems, and Oracle. Currently, Dennis helps CyberArk customers realize the benefits of managing the identity lifecycles of automated workloads in their DevOps environments.

Visit Dennis Mastin on LinkedIn: https://www.linkedin.com/in/dennismastin/

DETAILS:
Date: Thursday, September 15
Time: 12:00 - 1:15 p.m.
Location: On-Premises and Online via Amazon Chime
CPE: 1
Please Note: anyone attending online: in the 2nd half of the presentation, we will share a Google form link in the Amazon Chime chat window. You must complete that form to receive a certificate of attendance from the chapter. If you don’t complete the form, you will need to self-report your CPEs. Because we can’t verify your attendance, we are unable to provide a certificate of attendance. You can take screenshots and a copy of your registration to self-report.

TO ATTEND THE MEETING ONLINE
With the move back to on-premises meetings at the Amazon San Diego Tech Hub (Corp Office), we are switching our online meeting platform from Zoom to Amazon Chime. With this platform, there is no registration required. At the time of the meeting, simply:

• Click here to join: https://chime.aws/1536814305

• Meeting ID: 1536 81 4305

PLEASE NOTE: Anyone attending online: in the 2nd half of the presentation, we will share a Google form link in the Amazon Chime chat window. You must complete that form to receive a certificate of attendance from the chapter. If you don’t complete the form, you will need to self-report your CPEs. Because we can’t verify your attendance, we are unable to provide a certificate of attendance. You can take screenshots and a copy of your registration to self-report.

For additional information about the Amazon Chime platform, please click visit: https://isaca-sd.org/amazon-chime