Tyson Garrett
For over 12 years Tyson has been securing cloud environments either his own at a Packetloop (the first big data security analytics company that was 100% cloud based), or for customers where whilst at AWS where he worked with multiple service teams on helping define the AWS Security Foundational Best Practices standard and the AWS config conformance packs in addition to other control guidance many AWS customers rely on. Now at TrustOnCloud, as well as being CTO, Tyson leads the Azure practice in researching threats and controls for Azure services.
Session
TrustOnCloud delivers comprehensive, continuously updated threat models of cloud services (such as Amazon SageMaker and Google BigQuery), empowering the Citi Threat Modelling team to swiftly assess and onboard cloud services. This approach enables developers within Citi to consume secured cloud services for the applications built on them while not overwhelming them with complicated service configurations and platform controls. Attendees of this talk will come away with approaches to staying up to date with new threats and controls in the cloud, managing this information, and how to make it digestible for developers in a way that will help them think more deeply about the security of their applications.