Deploying Your ...Whatever More Securely With Linux
The lazy human's guide to publishing without getting owned
Presented by:

Michael McKeirnan
Michael is currently a Security Consultant working at Deja vu Security in Seattle. By day he's a mild-mannered hacker, consulting for startups and fortune 100 companies alike by identifying complex weaknesses in everything from web apps, to server BMCs, to hypervisors. But by night, he takes to the streets as a rogue developer creating security tools that have been described as "fine, I guess" by experts in the field.
Have you ever wanted to know how a pentester thinks your ...whatever is supposed to be deployed to the Internet securely? Come find out! We'll discuss a variety of Linux-focused deployment techniques designed to reduce attack surface and enhance the overall security of your deployment. Specific attention will be given to containerized deployments such as docker and runc, fully virtualized deployments using KVM/qemu, and fascinating hybrids between them such as runq. We'll also cover some best practices for hardening deployment Linux boxes such as implementing mandatory access control and using the magic of system call filtering to reduce the exposure inherent to running that ancient PHP application the sales team still needs for some reason. We'll wrap up with a quick chat about threat modeling; after all your ultimate goal is to deploy your thing - not build cyber Fort Knox. The ultimate goal? Learn to determine for yourself which set of technologies you need to run your shiny new python application, or REST API, or wordpress, or whatever else - and still be confident you won't get a bad case of the Kremlins on your server.
- Date:
- 2019 April 28 - 13:45
- Duration:
- 45 min
- Room:
- CC-235
- Conference:
- LinuxFest Northwest 2019
- Language:
- Track:
- Security
- Difficulty:
- Medium
- Monitoring PostgreSQL - Part 1
- Start Time:
- 2019 April 28 13:45
- Room:
- HC-103 Postgres
- "Just don't buy it"
- Start Time:
- 2019 April 28 13:45
- Room:
- G-103
- ByStar Autonomous Content Collaborative-Authorship, Generation, Publication, and Distribution Software And Services
- Start Time:
- 2019 April 28 13:45
- Room:
- CC-236
- Linux Gaming - The Dark Ages, Today, And Beyond
- Start Time:
- 2019 April 28 13:45
- Room:
- HC-108
- Automation with Node-RED
- Start Time:
- 2019 April 28 13:45
- Room:
- CC-208
- Linux Timestamps: Where have all the files gone, long-time passing?
- Start Time:
- 2019 April 28 13:45
- Room:
- CC-200
- OpenZFS: Best Filesystem for every OS
- Start Time:
- 2019 April 28 13:45
- Room:
- HC-104 Jupiter
- Deploying Your ...Whatever More Securely With Linux
- Start Time:
- 2019 April 28 13:45
- Room:
- CC-235
- sudo apt install Happiness
- Start Time:
- 2019 April 28 13:45
- Room:
- CC-115
- Evolution of Wireless Testing with Linux
- Start Time:
- 2019 April 28 13:45
- Room:
- CC-114