Decorating Multi-Cloud Security Notifications

Spring 2021
Cloud Security Notification Framework (CSNF) is an open source cloud security reporting system that has the support of most of the CSPs. CSNF defines common definitions and syntax of cloud security events/alerts and alarms.  CSNF “decorator” these security events/logs etc so they can be ingested by a large number of tools to drive  new dashboards so security teams may assess their multi-cloud security posture. The CSNF decorator provides translation and log enrichment services to increase multi cloud security visibility and reduce SecOps toil. Its use cases are in security data lakes, SIEM and SOAR (Security Orchestration and Automated Response) security infrastructure. In this session, you will learn about CSNF and see the first CSNF decorator demonstration so you can start your own CSNF journey.

John Willis is currently  a Distinguished Researcher at Kosli. He is researching DevOps, DevSecOps, IT risk, modern governance, and audit compliance

Previous to founding SocketPlane in Fall 2014, John was the Chief DevOps Evangelist at Dell, which he joined following the Enstratius acquisition in May 2013. He has also held past executive roles at Chef and Canonical. John was one of the earliest cloud evangelists and is considered one of the founders of the DevOps movement. John is the author of 7 IBM Redbooks. He is also the co-author of the “DevOps Handbook” and “Beyond the Phoenix Project” along with author Gene Kim.

Security leader focused on making multi-cloud environments a safer place. Enables new and untried technologies, running proof of concepts and designing secure configurations that enable the business to leverage new technology safely. Ensures that the security vision is consistently executed across all phases of the software lifecycle. Promotes patterns for security automation that leverage policy as code to scale security across multiple Cloud’s. Contributor to the open source community.


Janet Van is a Product Manager at IBM Cloud and owns the IBM Cloud Security and Compliance Center product. The Security and Compliance Center focuses on providing unified visibility across IBM Cloud and its partners as a cloud security posture management tool for central security and compliance management. Her role as the product focal is to own the product life cycle management across teams (development, design, research, tech sales, support, marketing, etc) and to set the long-term vision, priorities and strategic roadmap for the offering. Alongside, she is also driving overall user experience and quality in the offering and managing the go-to-market activities. Previously, she started her technology career as a software developer within CIO at IBM. During her time within the CIO, she deepened her roles in technical delivery in product offerings supporting IAM and MFA security infrastructure at an enterprise level, globally within IBM. With each new role, she has always strived to explore and broaden her passion working across business and organizations to deliver and improve product and customer experience. Outside of work, Janet is a dog-mom who who enjoys spending time with her heeler pups and hiking state parks across North America.

Related events