[Owasp-dallas] Tune in to Austin OWASP Chapter meeting tomorrow Remotely!
david.hughes at owasp.org
Mon Sep 23 15:32:47 UTC 2013
OWASP Austin September Chapter Meeting- September 24th
*Title:* Bridging the gap between development cloud networks and our
corporate identity management strategy. Oh and adding
visibility/credibility to our IT shop.
*Abstract:* As I began my new job at Bazaarvoice a year or so ago I
started to notice some shifty authentication mechanisms within our cloud
deployed internal tools. Tools used by our developers and implementation
engineers to carry out their day-to-day jobs. Authentication mechanisms
ranged from none to CIDR but had no real security behind them. Knowing
that simply pointing out this risk would not be enough to enact change,
I began to work with our Systems Administrator on a possible solution to
use our enterprise directory as an identity provider. We immediately
realized that since our cloud environment has absolutely no visibility
into our corporate network -- for obvious reasons -- we had a tougher
What followed was a series of iterations on a proof of concept to stand
up a federated authentication mechanism. One that would scale could be
easily configured and would take up little management time.
This abstract hints at the eventual solution, come hear all about how we
solved this issue and raised awareness and visibility of our corporate
*Presenters:* Jay Paz, Staff Security Engineer Justine Reneau, Senior
*When:* Tuesday, September 24th from 11:30am to 1:00pm
*Webinar Registration Link:*https://www3.gotomeeting.com/register/433937510
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Dallas