Decorating Multi-Cloud Security Notifications

Spring 2021
Cloud Security Notification Framework (CSNF) is an open source cloud security reporting system that has the support of most of the CSPs. CSNF defines common definitions and syntax of cloud security events/alerts and alarms.  CSNF “decorator” these security events/logs etc so they can be ingested by a large number of tools to drive  new dashboards so security teams may assess their multi-cloud security posture. The CSNF decorator provides translation and log enrichment services to increase multi cloud security visibility and reduce SecOps toil. Its use cases are in security data lakes, SIEM and SOAR (Security Orchestration and Automated Response) security infrastructure. In this session, you will learn about CSNF and see the first CSNF decorator demonstration so you can start your own CSNF journey.
Speakers:

John Willis is an experienced IT management professional with over 40 years of experience. He is currently conducting research on DevOps, DevSecOps, IT risk, modern governance, and audit compliance, as well as Generative AI. In the past, he has held various positions such as Senior Director at RedHat, VP at Docker Inc., Founder of Socketplane (which was later sold to Docker) and Enstratius (which was later sold to Dell), and VP at Opscode. He also founded Gulf Breeze Software, an award-winning IBM business partner specializing in Tivoli technology deployment.

John Willis is also an accomplished author, having written six IBM Redbooks on enterprise systems management and four books for IT Revolution, including the DevOps Handbook and Deming’s Journey to Profound Knowledge. He is working on his latest book, The Operational History of Generative AI.

Security leader focused on making multi-cloud environments a safer place. Enables new and untried technologies, running proof of concepts and designing secure configurations that enable the business to leverage new technology safely. Ensures that the security vision is consistently executed across all phases of the software lifecycle. Promotes patterns for security automation that leverage policy as code to scale security across multiple Cloud’s. Contributor to the open source community.

 

Janet Van is a Product Manager at IBM Cloud and owns the IBM Cloud Security and Compliance Center product. The Security and Compliance Center focuses on providing unified visibility across IBM Cloud and its partners as a cloud security posture management tool for central security and compliance management. Her role as the product focal is to own the product life cycle management across teams (development, design, research, tech sales, support, marketing, etc) and to set the long-term vision, priorities and strategic roadmap for the offering. Alongside, she is also driving overall user experience and quality in the offering and managing the go-to-market activities. Previously, she started her technology career as a software developer within CIO at IBM. During her time within the CIO, she deepened her roles in technical delivery in product offerings supporting IAM and MFA security infrastructure at an enterprise level, globally within IBM. With each new role, she has always strived to explore and broaden her passion working across business and organizations to deliver and improve product and customer experience. Outside of work, Janet is a dog-mom who who enjoys spending time with her heeler pups and hiking state parks across North America.

Related events