Presented by:

A350830bcc7ba1b7727f97f30ab04853

Michael McKeirnan

from Deja vu Security

Michael is currently a Security Consultant working at Deja vu Security in Seattle. By day he's a mild-mannered hacker, consulting for startups and fortune 100 companies alike by identifying complex weaknesses in everything from web apps, to server BMCs, to hypervisors. But by night, he takes to the streets as a rogue developer creating security tools that have been described as "fine, I guess" by experts in the field.

Have you ever wanted to know how a pentester thinks your ...whatever is supposed to be deployed to the Internet securely? Come find out! We'll discuss a variety of Linux-focused deployment techniques designed to reduce attack surface and enhance the overall security of your deployment. Specific attention will be given to containerized deployments such as docker and runc, fully virtualized deployments using KVM/qemu, and fascinating hybrids between them such as runq. We'll also cover some best practices for hardening deployment Linux boxes such as implementing mandatory access control and using the magic of system call filtering to reduce the exposure inherent to running that ancient PHP application the sales team still needs for some reason. We'll wrap up with a quick chat about threat modeling; after all your ultimate goal is to deploy your thing - not build cyber Fort Knox. The ultimate goal? Learn to determine for yourself which set of technologies you need to run your shiny new python application, or REST API, or wordpress, or whatever else - and still be confident you won't get a bad case of the Kremlins on your server.

Date:
2019 April 28 - 13:45
Duration:
45 min
Room:
CC-235
Conference:
LinuxFest Northwest 2019
Language:
Track:
Security
Difficulty:
Medium

Happening at the same time:

  1. Monitoring PostgreSQL - Part 1
  2. Start Time:
    2019 April 28 13:45

    Room:
    HC-103 Postgres

  3. "Just don't buy it"
  4. Start Time:
    2019 April 28 13:45

    Room:
    G-103

  5. ByStar Autonomous Content Collaborative-Authorship, Generation, Publication, and Distribution Software And Services
  6. Start Time:
    2019 April 28 13:45

    Room:
    CC-236

  7. Linux Gaming - The Dark Ages, Today, And Beyond
  8. Start Time:
    2019 April 28 13:45

    Room:
    HC-108

  9. Automation with Node-RED
  10. Start Time:
    2019 April 28 13:45

    Room:
    CC-208

  11. Linux Timestamps: Where have all the files gone, long-time passing?
  12. Start Time:
    2019 April 28 13:45

    Room:
    CC-200

  13. OpenZFS: Best Filesystem for every OS
  14. Start Time:
    2019 April 28 13:45

    Room:
    HC-104 Jupiter

  15. Deploying Your ...Whatever More Securely With Linux
  16. Start Time:
    2019 April 28 13:45

    Room:
    CC-235

  17. sudo apt install Happiness
  18. Start Time:
    2019 April 28 13:45

    Room:
    CC-115

  19. Evolution of Wireless Testing with Linux
  20. Start Time:
    2019 April 28 13:45

    Room:
    CC-114