SIGS Special Interest Group
4th Cloud Security Forum

Save the DateClick on the .ics file to save the date

Target Audience Cloud/Cloud Security Professionals
CIO’s, CISO, IT Manager, Security Officer, Security Architects and Engineers – all from end customer side who are interested in Cloud Security

From Consultancies and Resellers/ Integrators are only technical peoples (which are involved in this topic in their daily job) allowed to take part – max. one participant per company. Vendors and people with a Sales/Marketing role are not authorized as participants.

CPE Credits Earn 4 CPE (Continuing Professional Education) for attending this SIGS forum. Please request a confirmation.
Location Hilton Zurich Airport Hotel
Hohenbuehlstrasse 10
8152 Opfikon-Glattbrugg

There are a lot of free park places available.
Train: railway station Zurich Airport – take the hotel shuttle

Date of Event 19th November 2019 (12th September will not take place!!!)
Further planned date for 2020 will follow
Language English
Participation Costs Fr. 55.— per participants
Organization, presentations, beverages and apéro riche included

 
Agenda

 

1:30 – 2:00 pm Registration & Coffee
2:00 – 2:45 pm Martin Suess, Security Engineer at Google

Everyone is moving their workloads into one or the other cloud or is at least considering it
I walk through the different “levels” of migrations and attempt to provide a comprehensive and cloud provider independent overview of the relevant security aspects to consider. In particular:

  • why a lift and shift approach should only be the first step
  • what changes and challenges a “true” cloud approach brings
2:45 – 3:30 pm Borna Cisar, Head of Cloud Security at Avantec AG

MYTHBUSTERS – Cloud Security Edition (Roundtable)
We’ll explore the limits of cloud-native security solutions, offered by the cloud providers. The question is how to close those gaps and meet your requirements, especially in multi- and hybrid cloud environments.

We’ll talk about network and application visibility, continuous compliance and other API-based approaches. And in addition we’ll discuss the merits of some of those methods in an interactive manner.

3:30 – 4:15 pm Break
4:15 – 5:15 pm Workshop I
by Antonio Barresi, Mitgründer und CEO xorlab AG – a spin-off company of ETH Zurich

Evaluating Defense Capabilities of Email Cloud Services
In the course of Cloud adoption, many companies are migrating to services like Office 365 and, in this context, are reevaluating their email security. In this workshop, we will look at the features, strengths and weaknesses of email cloud services and at resulting security implications. We will provide a simple framework for deciding if the cloud service provides enough security, when extending defenses makes sense and when it does not.

5:15 – 6:15 pm Workshop II
by Daniel Michel, Security Consultant and Michael Hess, Penetration Tester at Redguard AG

Auditing cloud environments based on shared responsibilities
Penetration testing a cloud deployment is no easy task due to its shared responsibility model. During this workshop we will analyze the impact of shared responsibilities in a cloud environment and outline its common pitfalls.

Further you will learn about an efficient approach to audit cloud infrastructure and benefit from practical guidance based on our experiences of penetration testing various cloud environments and solutions.

6:15 – open end Apéro Riche and Networking (therefore reserve as well the evening!)
The speakers will be onsite for Q&A.

 

The Sponsor of this event is:

Main Sponsor

Registration

This is a ‘must attend’ event for all security professionals! We are confident that the relationships you develop here will prove to be crucial to your continuing success.

Register here!

With the registration for this event you accept, that SIGS may use the data entered for its own purposes and may share to use it with its event partners and event sponsors of this platform. In addition, we share the contacts as well with the community itself.