Benjamin Toews, TweetApplication Security Engineer at GitHub
Biography: Benjamin ToewsBen Toews is an application security engineer at GitHub. He works on security features in addition to identifying and fixing security vulnerabilities in GitHub.com. Prior to GitHub, Ben worked in software development as well as in security consulting, performing application and network pentests.
When your company is in the cloud, security means enabling two-factor authentication on your Gmail account. It means taking the time properly configure and harden your AWS services. It means staying up all night, wondering when everyone else will apply the latest OpenSSL patch. It means worrying not only about the vulnerabilities in your code, but vulnerabilities in the code of all the companies you rely on.
There are many unique security challenges facing cloud service providers as well as the consumers of those services. In this talk I will explore case studies of where security has failed in the cloud, how it could have succeeded, as well as generalizations about securely implementing and using cloud services.