Ran Ne'man
Ran Ne'man is a seasoned product development and management executive with over 25 years of experience spanning start-up companies, NASDAQ-traded enterprises, and government agencies. Bringing years of innovation-driven expertise in cloud services built for modern security practices, fraud prevention, identity management, and communication markets, Ran has a successful track record of creating groundbreaking products and guiding them from ideation to large-scale success stories. His skills include managing product lines, strategic accounts, market penetration efforts, and business development.
Sessions
In the words of Werner Vogels, identity management is the core of our systems, and touches every single part of our applications and stacks. Knowing this, plenty of excellent open source tooling has been built over the years to combat the diversity of challenges that arise with managing identity and access for different cloud native environments.
In this talk we’ll take a deep dive on the known challenges in the identity space and how they impact our apps and systems. But don’t panic - as we will share great tips and practices for how to mitigate these risks, and demo how to leverage excellent open source tooling to do so. We have selected five excellent tools that cover the most common risks and stacks in use today, that provide a good baseline for understanding and reducing identity attack surface.
Whether you’re running on AWS, Azure or GCP, or want better visualization and graph of who has permissions to which resources, or even want to manage internal access to resources, the OSS community has you covered. Join us to learn how to level up your identity management with an open source stack.
With virtually everyone in the cloud, exposing infrastructure on public networks––well established as a bad security practice––remains more popular than you would think. In this talk we'll take a look at common types of infrastructure exposure, as it applies to modern cloud native operations.
There are a few popular ways to tackle exposed infrastructure - leveraging a bastion host, while effective, still requires a lot of effort with rotating credentials to avoid the risks of shared static credentials. Other methods include VPN/ZTNA solutions, but these come with a price tag, and while commercial clouds come with built-in capabilities for making public infrastructure private, this all comes with a lot of overhead and complexity. However, this problem is solvable all with open source tooling built for public clouds like AWS or GCP.
In this talk we'll demo with a simple stack how to minimize exposure on public networks, and best practices to ensure your environments remain secure, and accessible.