As a Senior Cyber Security Cloud Architect at Paige.ai, Jabez is passionate about cloud computing. He thrives on solving problems by leveraging native cloud services to build secure and supportable solutions. At Paige.ai, he helps define the strategies, roadmaps, and solutions that capture the value of the public cloud while protecting Paige.ai infrastructure, applications, and data across Cloud Native, Hybrid, and inter-cloud deployments. He has spent extensive time working through the various aspects of cloud adoption while embracing a #Cloudbydefault approach. Jabez also leads organizational transformation in the Cloud and Security domains.
As more and more companies embrace the Cloud, many are held back by pre-cloud policies and requirements, especially when dealing with sensitive data such as PCI, PHI, or SPI/PII. This makes migration to the Cloud hard or not cost effective. Under competitive pressure, many are forced to adopt the Cloud anyway and end up either spending excessive operational dollars or compromising on critical components, which limits how effectively they can leverage native Cloud services. In this talk we will walk through some of the patterns to consider when moving to the Cloud, specifically from a compliance and regulatory requirements perspective.
The agenda will cover topics such as:
• Building a Business Case
• Classifying the requirements (Business, Customer, Industry, Data Sovereignty)
• Lift and Shift vs building for the Cloud
• Baking in a Time Factor for setting expectations
• Managing Security, Usability and Cost
• Building re-usable Architecture patterns
• Lessons learnt from the constantly evolving landscape of AWS
• Thoughts on meeting Compliance requirements and passing an Audit
With the maturity of the Public Cloud platforms, the ability to provision a nearly unlimited amount of capacity is lucrative. Enterprises are evaluating, moving to, or in full adoption of the Cloud using various well-known or lesser-known vendors. With this disruptive shift in computing comes a tightly coupled challenge: enabling users to take full advantage of the "Usability and Feature-rich" aspects of the Cloud (managed services, micro-services, independent scaling, etc.) while satisfying the "Security requirements" of compliance and internal security teams, many of which were written for on-premises installations. Alongside this come the underlying risk of reduced visibility and the need to adapt to changing cloud trends, shorter time to market, failing fast, etc. There is no implicit privacy in a shared Cloud infrastructure; with the rise of Ransomware and scares such as Meltdown and S3 bucket leakage, organizations cannot afford to tread lightly in this space. With serverless, there is even more ambiguity about how each service interacts internally or with external services such as IaaS and PaaS, and about how to mitigate risks such as MITM and replay attacks. This talk will cover a broad range of topics including the OWASP Top 10, Secure Code Reviews, WAF, IP filtering, JWT tokens within micro-services, session management, encryption at rest, and field-level encryption.
The focus of this session will be on securing serverless architectures, from workload conception through deployment all the way to monitoring in the end state. It will cover every stage of the lifecycle across the zones below.
• Development
• Pre-Deployment
• Post-Deployment
• Production Live
• Post-Mortem
The agenda will cover topics such as: