06-13, 09:20–09:40 (US/Pacific), Salon C
TrustOnCloud delivers comprehensive, continuously updated threat models of cloud services (such as Amazon SageMaker and Google BigQuery), empowering the Citi Threat Modelling team to swiftly assess and onboard cloud services. This approach enables developers within Citi to consume secured cloud services for the applications built on them while not overwhelming them with complicated service configurations and platform controls. Attendees of this talk will come away with approaches to staying up to date with new threats and controls in the cloud, managing this information, and how to make it digestible for developers in a way that will help them think more deeply about the security of their applications.
For over 12 years Tyson has been securing cloud environments either his own at a Packetloop (the first big data security analytics company that was 100% cloud based), or for customers where whilst at AWS where he worked with multiple service teams on helping define the AWS Security Foundational Best Practices standard and the AWS config conformance packs in addition to other control guidance many AWS customers rely on. Now at TrustOnCloud, as well as being CTO, Tyson leads the Azure practice in researching threats and controls for Azure services.
Jason Nelson is an executive leader in Financial Services industry.
He spent his 20+ year career practicing information security as a penetration tester, security architect, management, consulting advisor, and many other roles unnamed performed around the world. He has had a passion for information security in many forms which continues to evolve with each year. In the few hours away from information security Jason likes travel with his family to places warmer than Chicago.