Security, identity and access management (IAM), and organizational policies are the foundation for building a trusted and controlled cloud environment. In this session, we'll discuss how Google Cloud's infrastructure, apps, and services, including our latest security innovations in the areas of platform security, access controls, data security, visibility, and transparency combine to deliver the most secure, trusted cloud.

Whether you are a consumer or provider of cloud services, the legal implications of cloud computing are ever changing, complex, and different in every jurisdiction. Due to risks engaged, It can have a significant impact on costs and profit. There are wide variety of strategic and operational matters to consider and this session focus on the same.

SecOps or Security Operations is changing enterprise IT the same way how DevOps transformed enterprise Dev. By leveraging Cloud Native Services such as Serverless (Cloud functions, Lambda), Container runtimes (Docker) and Container schedulers (Kubernetes) we can bring in near real time detection and blocking of security attacks, analyse incidents and even remediate potential security holes before they become a problem. This talk is to give you a simple framework to build a SecOps stack using Google Cloud Platform as an example. A version of this talk was presented as a workshop at NULLCON X 2019 with all the code, configuration etc. released under an open source license. https://github.com/appsecco/using-docker-kubernetes-for-automating-appsec-and-osint-workflows

Like the way we as good guys know the value of privileged users, bad guys also know this. Time to extra focus on protecting your privileged users. This session will explore the design considerations for your privileged landscape as a security professional, administrator, auditor or line-of-business leader.

Many organization uses cloud compute power to get insight from the Data. One of the concerns is Security. In this session we'll discuss about the how Azure secure your data which is used by Hadoop on Azure aka HDInsight to process it. We'll focus on different aspect of security and it's implementation. This session is targeted to technical audience.

Hands on security review of AWS Cloud: - Discuss on common AWS security issues (Common issues, Top concerns etc) - Walk through some AWS Abuse alerts - Security Review: Vulnerability Assessment and Configuration Audits of AWS using Open Source and Commercial Tools - AWS Guard Duty & Trusted Advisor Reports This session is targeted to technical audience.