Chris Farris

Chris Farris has been in the IT field since 1994 primarily focused Linux, networking, and security. For the last 7 years he has focused on public-cloud and public-cloud security for major media companies. He has built and evolved multiple cloud security programs focusing on enabling the broader security team’s objectives of secure design, incident response and vulnerability management. He has developed cloud security standard and baselines to provide risk-based guidance to development and operations teams. As a practitioner, he’s architected and implemented multiple serverless and traditional cloud applications, focused on deployment, security, operations, and financial modeling.

He opines on security and technology on Twitter and at his website

The speaker's profile picture


IR in the Cloud: Don't panic, take a deep breath, you've got this.
Chris Farris

The dangers of the cloud are many. Are you prepared for the email from AWS saying your access keys are in GitHub? Do you know what to do when your bill spikes 500% overnight? What about when GuardDuty tells you your middleware server is engaged in intimate traffic patterns with the Kremlin?

Panic is an appropriate and very human response to all of the above. Or you could attend this talk and we'll talk through a cloud-centric version of Preparation, Identification, Containment, Eradication. Then, if one of these unfortunate events happens to your company, you'll be ready to rise to the occasion and lead your responders to victory.

Room 460 - "Re-Ignite" track