Imagine the following fictitious scenario: you are starting a new job as the first security engineer of a startup with a software-as-a-service (or platform-as-a-service) offering built on top of well-known public cloud platforms with cloud-native technology.
Being the first person to tackle security as a full-time job, this might seem like a monumental task.
How to quickly get a first overview of the current security posture? Where to start with security improvements? How to prioritize? How to define a security roadmap?
This talk will provide an overview of how to introduce security into a typical cloud-based product from the ground up. Short-, medium- and long-term security activities will be discussed, with specific proposals for which high-impact topics should be addressed at the beginning.
We will cover a broad range of topics, from technical ones, such as tooling for security automation, all the way to non-technical ones, such as compliance.
Security engineer with a special focus on Cloud security.