basil policy as code platform
play

Basil Policy-as-code Platform Ron Herardian (ISC) East Bay Chapter - PowerPoint PPT Presentation

Oct 03, 2023 •276 likes •466 views

Basil Policy-as-code Platform Ron Herardian (ISC) East Bay Chapter Fall Conference, November 8, 2019 Organic Press Coverage 9 Is every business a software business? Cloud Cloud Native Internet Cloud Cloud Native (Next) 3

  1. Basil Policy-as-code Platform Ron Herardian (ISC) ² East Bay Chapter Fall Conference, November 8, 2019

  2. Organic Press Coverage 9

  3. Is every business a software business? • Cloud • Cloud Native Internet Cloud Cloud Native (Next…) � 3

  4. Cloud Challenges • How are security controls unified? • How are policies enforced? • Who is accountable? � 4

  5. Policy vs. Execution • Policies and procedures not followed • Impacts on application availability / up time • Security incidents • Insider negligence, IP theft, cyberattacks, data breaches • T echnical solutions use 'find and fix’ strategy • The damage is already done � 5

  6. Illusion of Control (lots of things can go wrong) � 6

  7. Basil to the Rescue • Common policy language • Enforce policies before the fact • Make policies smarter (context aware) • Policy traceability / chain of integrity � 7

  8. Actual Control � 8

  9. Use Cases • Application security (via REST APIs) • Automation, e.g., using events such as webhooks • Development and operations (DevSecOps) • Hardware configuration security, e.g., using reverse SSH proxy tunneling • Policy-based information classification • Multi-level data encryption 9

  10. DevSecOps Use Case Machine-to-machine: Application stack or CI/CD Human-to-machine: Systems and environments � 10

  11. Unified Controls / Chain of Integrity � 11

  12. Before and After (DevOps -> DevSecOps) Before After Procedures / workflows Can’t be enforced Automatically enforced Accountability No guarantee Guaranteed Configurations Can be inconsistent Consistent Secrets Accessible, not secure Secure Run code without review Anyone can run code Review enforced Malicious acts Anyone can do damage Attacks prevented � 12

  13. Who Cares? � 13

  14. Technology • Distributed command and control • Control software, systems, data access • Policy programming language • Attribute based access control (ABAC) • Stateful or event-driven • Extendable plugin system • Blockchain data store • Pervasive use of cryptography • Operates under DoD D-DIL conditions 9

  15. Basil Scale-out Architecture � 15

  16. Example Basil Node Deployment � 16

  17. Basil at Scale 9

  18. Ron Herardian, ron@basilsecurity.com, +1 408 766 4487 mobile 13

Recommend

BASIL TRIALS BSIR, Birmingham, 2 November 2017 Introduction Professor Andrew Bradbury BASIL-2

BASIL TRIALS BSIR, Birmingham, 2 November 2017 Introduction Professor Andrew Bradbury BASIL-2

BASIL TRIALS BSIR, Birmingham, 2 November 2017 Introduction Professor Andrew Bradbury BASIL-2 and 3 Chief Investigator BASIL-1 Trial Still the only RCT! NIHR HTA funding 1998 Between 1999 and 2003 452 SLI patients randomised :

832 views • 41 slides
Westat Basil ACASI Using Basil for ACASI at Westat From custom to COTS G J Boris Allan, Peter

Westat Basil ACASI Using Basil for ACASI at Westat From custom to COTS G J Boris Allan, Peter

Westat Basil ACASI Using Basil for ACASI at Westat From custom to COTS G J Boris Allan, Peter Stegehuis, and Rick Dulaney IBUC, September 2013 Westat Basil ACASI Audio Computer-Assisted Self Interviewing (ACASI) is an important data

763 views • 25 slides
BASIL TRIALS Investigators Meeting, VSGBI, Manchester, 23 November 2017 Introduction

BASIL TRIALS Investigators Meeting, VSGBI, Manchester, 23 November 2017 Introduction

BASIL TRIALS Investigators Meeting, VSGBI, Manchester, 23 November 2017 Introduction Professor Andrew Bradbury BASIL-2 and 3 Chief Investigator BASIL-1 Trial Still the only RCT! NIHR HTA funding 1998 Between 1999 and 2003

800 views • 50 slides
Basil Grand Vert Mint Purple Basil Spicy Mint Basil Latino Persil

Basil Grand Vert Mint Purple Basil Spicy Mint Basil Latino Persil

Dill Coriander Basil Grand Vert Mint Purple Basil Spicy Mint Basil Latino Persil Chives Thyme Tomatoes Beef tomatoes Roma Q1 Tomatoes Roma Q2 Tomatoes Cherry Tomatoes Cherry Tomatoes

392 views • 12 slides
How Plants Help People Comenius A Recipe for 21st Century Life 2014 / 2015 March 2014 Basil

How Plants Help People Comenius A Recipe for 21st Century Life 2014 / 2015 March 2014 Basil

How Plants Help People Comenius A Recipe for 21st Century Life 2014 / 2015 March 2014 Basil Basil helps prevent diabetes Basil helps from bronchitis and asthma Basil seeds help to cure flu, fever and cold Rosemary Rosemary is the best herb

409 views • 11 slides
Impressions of Basil Impressions of Basil by Kathleen OReagan, Richard Frey and Karen

Impressions of Basil Impressions of Basil by Kathleen OReagan, Richard Frey and Karen

Impressions of Basil Impressions of Basil by Kathleen OReagan, Richard Frey and Karen Robbins Tracing Methods g Locate a participant using their location Locate a participant using their location information provided at Study

321 views • 7 slides
Basil Sharp and Sam Malafeh Energy Centre & Department of Economics The University of

Basil Sharp and Sam Malafeh Energy Centre & Department of Economics The University of

Basil Sharp and Sam Malafeh Energy Centre & Department of Economics The University of Auckland Outline Focus on electricity Policy Renewables Climate change Property rights RMA Economics Demand, supply

620 views • 18 slides
React Native Platform specific code Native Components Methods React Native provides two ways

React Native Platform specific code Native Components Methods React Native provides two ways

React Native Platform specific code Native Components Methods React Native provides two ways to easily organize your code and separate it by platform: Using the Platform module. Using platform-specific file extensions. Certain

455 views • 28 slides
SMUHSDs New Dress Code Evolution of the New Dress Code Policy Student representatives

SMUHSDs New Dress Code Evolution of the New Dress Code Policy Student representatives

SMUHSDs New Dress Code Evolution of the New Dress Code Policy Student representatives expressed concerns to the Board of Trustees about the inequitable dress code across District schools. Female students felt targeted for the way

191 views • 8 slides
Automated Generation of Platform-Variant Applications from Platform-Independent Models via

Automated Generation of Platform-Variant Applications from Platform-Independent Models via

Automated Generation of Platform-Variant Applications from Platform-Independent Models via Templates Nuno Amlio, Christian Glodt, Frederico Pinto, Pierre Kelsen University of Luxembourg Introduction Manual code development is expensive

243 views • 21 slides
Modeling Code (Platform) Integrated Groundwater/Surface Water Evapotranspiration Rain Model

Modeling Code (Platform) Integrated Groundwater/Surface Water Evapotranspiration Rain Model

Modeling Code (Platform) Integrated Groundwater/Surface Water Evapotranspiration Rain Model (IGSM) code Diversion A comprehensive numerical model that Agriculture simulates various components of the Return hydrologic cycle and their

354 views • 16 slides
Security and the .NET Framework Code Access Security Enforces security policy on code

Security and the .NET Framework Code Access Security Enforces security policy on code

Security and the .NET Framework Code Access Security Enforces security policy on code Regardless of user running the code Regardless of whether the code is in the same application with other code Other code can be more, less, or

695 views • 21 slides
Low-code, GraphQL, Serverless Platform 2019 IMCS June 2019 Courtney Robinson Founder & CEO

Low-code, GraphQL, Serverless Platform 2019 IMCS June 2019 Courtney Robinson Founder & CEO

Low-code, GraphQL, Serverless Platform 2019 IMCS June 2019 Courtney Robinson Founder & CEO of Hypi; Jack of all trades and worse PhD student everso lets skip the hard questions Hypi The Platform & business fluffy stuff The

483 views • 34 slides
80% of Code Red 2 Code Red 2 re-re- Code Red 1 and Code Red 2 Code Red 2 re- cleaned up

80% of Code Red 2 Code Red 2 re-re- Code Red 1 and Code Red 2 Code Red 2 re- cleaned up

Slammer s Bandwidth-Limited Growth 80% of Code Red 2 Code Red 2 re-re- Code Red 1 and Code Red 2 Code Red 2 re- cleaned up due to released Jan 2004 Nimda endemic dies off released with Oct. onset of Blaster (and 2005; not since

450 views • 34 slides
Platform for Privacy Platform for Privacy Preferences (P3P) Project Preferences (P3P) Project

Platform for Privacy Platform for Privacy Preferences (P3P) Project Preferences (P3P) Project

Platform for Privacy Platform for Privacy Preferences (P3P) Project Preferences (P3P) Project Week 5/6 - February 10, 12, 17 1 Privacy Policy, Law and Technology Carnegie Mellon University Spring 2004 Lorrie Cranor

770 views • 38 slides
The Economics of The Economics of Maori Fishing Maori Fishing Basil Sharp Basil Sharp

The Economics of The Economics of Maori Fishing Maori Fishing Basil Sharp Basil Sharp

The Economics of The Economics of Maori Fishing Maori Fishing Basil Sharp Basil Sharp Department of Economics Department of Economics University of Auckland University of Auckland Introduction Introduction Rob McLeod ( Rob

504 views • 13 slides
Discovering and Ranking Web Services with BASIL: A Personalized Approach with Biased Focus James

Discovering and Ranking Web Services with BASIL: A Personalized Approach with Biased Focus James

Discovering and Ranking Web Services with BASIL: A Personalized Approach with Biased Focus James Caverlee , Ling Liu, and Daniel Rocco College of Computing Georgia Institute of Technology ICSOC 2004 Categorization-based Service Discovery

771 views • 28 slides
Malicious Code Malicious Code for Fun and Profit for Fun and Profit Mihai Christodorescu

Malicious Code Malicious Code for Fun and Profit for Fun and Profit Mihai Christodorescu

Malicious Code Malicious Code for Fun and Profit for Fun and Profit Mihai Christodorescu mihai@cs.wisc.edu 23 March 2006 What is Malicious Code? What is Malicious Code? Viruses, worms, trojans, Code that breaks your security policy.

707 views • 69 slides
Malicious Code Malicious Code for Fun and Profit for Fun and Profit Mihai Christodorescu

Malicious Code Malicious Code for Fun and Profit for Fun and Profit Mihai Christodorescu

Malicious Code Malicious Code for Fun and Profit for Fun and Profit Mihai Christodorescu mihai@cs.wisc.edu 10 March 2005 What is Malicious Code? What is Malicious Code? Viruses, worms, trojans, Code that breaks your security policy.

1.16k views • 94 slides
Key Point: The revised policy clarifies that the responsibility for decisions about code status is

Key Point: The revised policy clarifies that the responsibility for decisions about code status is

Resuscitation Orders: Upcoming Policy Changes Key Point: The revised policy clarifies that the responsibility for decisions about code status is shared between clinicians and patients or surrogate decision-makers. A patient (or authorized

528 views • 17 slides
Production Allocation Deployment, from Concept to Operation Author: Martin Basil, BSc, Chartered

Production Allocation Deployment, from Concept to Operation Author: Martin Basil, BSc, Chartered

North Sea Flow Measurement Workshop 22-24 October 2018, Ardoe House Hotel, Aberdeen Production Allocation Deployment, from Concept to Operation Author: Martin Basil, BSc, Chartered Engineer, Consultant, SOLV Limited Co-author: Fiona Tinnion,

374 views • 21 slides
Guidelines on Family Reunification NGO Platform EU Migration and Asylum Policy 19-20 May 2014

Guidelines on Family Reunification NGO Platform EU Migration and Asylum Policy 19-20 May 2014

Guidelines on Family Reunification NGO Platform EU Migration and Asylum Policy 19-20 May 2014 Brussels Communication from the Commission to the European Parliament and the Council on guidance for application of Directive 2003/86/EC on the

504 views • 31 slides
Platform-independent static binary code analysis using a meta- assembly language Thomas Dullien,

Platform-independent static binary code analysis using a meta- assembly language Thomas Dullien,

Platform-independent static binary code analysis using a meta- assembly language Thomas Dullien, Sebastian Porst zynamics GmbH CanSecWest 2009 Overview The REIL Language Abstract Interpretation MonoREIL Results 2 Motivation Bugs are

677 views • 52 slides
Introduction to Citation Management Software Basil Marti Thringer Universitts- und

Introduction to Citation Management Software Basil Marti Thringer Universitts- und

Introduction to Citation Management Software Basil Marti Thringer Universitts- und Landesbibliothek Jena January 2014 1 Content 1. Why citation management? 2. Program selection 3. Market overview / Introduction to EndNote 2

964 views • 50 slides

More recommend