Appsecco brings security training session back to Black Hat USA

Appsecco has announced that it will be running two sessions of its popular automated cloud security defence training at the information security event Black Hat USA 2019, which provides four days of technical trainings (3rd – 6th August) followed by a two-day conference (7th – 8th August).

Taking place over the first four days of the event, on 3rd and 4th August and then again on 5th and 6th August , Appsecco’s training session, 'Automated Defense Using Cloud Services for AWS, Azure & GCP' has been designed to help delegates understand how simple cloud services can be utilised to set-up lightweight systems for automated security defence.

With the big three IAAS Cloud Providers (AWS, Azure & GCP) each offering something slightly different, as part of this hands-on training Appsecco’s security experts will not only cover what the essential components of an automated security defence set-up should be, but also how to implement them across each provider.

Attendees will also learn how to defend their cloud infrastructure using Serverless technologies and ElasticStack. ElasticStack collects, analyses, logs and triggers alerts based on a configured rule-set, while Serverless drives the defence to perform automated blocking and is configured based on the use case and type of attacks. The current Serverless solution works on AWS, Azure and GCP and can be extended for other providers and custom solutions such as in-house firewalls and IPS.

Appsecco’s Automation and Security Expert, Madhu Akula, will be hosting the workshop. He is an active member of the international security, devops and cloud native communities. Madhu frequently speaks and runs training sessions at security events and conferences around the world including DEFCON (26, 24), BlackHat USA 2018, USENIX LISA 2018, Appsec EU 2018, All Day DevOps (2016, 2017, 2018), DevSecCon (London, Singapore, Boston), DevOpsDays India, c0c0n(2018, 2017), Nullcon 2019, SACON 2019, Serverless Summit, null and many others.

Madhu's research has identified vulnerabilities in over 200 companies and organisations including Google, Microsoft, LinkedIn, eBay, AT&T, WordPress, NTOP and Adobe. He is co-author of Security Automation with Ansible2 (ISBN-13: 978-1788394512), which is listed as a technical resource by Red Hat Ansible.

Colleague and Appsecco co-founder, Gwilym Lewis, said: “We’re thrilled to be bringing our cutting-edge, industry-leading security training back to Black Hat USA for a second year. Day one starts by setting the stage for automated defence by tackling centralised monitoring and alerting systems, followed by a focus on day two on advancing the set-up by adding Serverless stack to defend against the infrastructure based on near real-time alerts to match DevOps speed.”