Loading…
June 26-27, 2024 | Seattle, WA
View More Details | Registration Information

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for CloudNativeSecurityCon North America 2024 to participate in these sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Pacific Daylight Time (PDT), UTC -7. To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."

The schedule is subject to change.
← Back to schedule
Network ACLs Made Easy: Establishing Zero Trust Network Policies in a Few Clicks - Juno Im & Yonghwi Jin, Theori
Thursday June 27, 2024 11:50am - 12:25pm PDT
443
Achieving comprehensive Zero Trust through user/RBAC authentication alone is challenging. Realizing full zero trust often requires network-level access controls, complicating access management across authentication and network ACLs while adhering to least privilege principles. Manually managing numerous ACLs is extremely daunting for security teams, especially in high-traffic environments where network activity makes maintaining proper access controls difficult. We will share a case study on leveraging AWS VPC Flow Logs and Terraform to automate security group configuration without third-party solutions. We demonstrate how to analyze historical network traffic data using a few lines of Rust code to establish and maintain network ACLs. Furthermore, we showcase optimizations to AWS-related Terraform workflows for much faster application of security groups. All tools and scripts developed for this workflow will be released as open-source software.
Speakers
avatar for Juno Im

Juno Im

Mr., Theori
Juno is a staff researcher at XINT. He has 6 years of experience in the cyber security field, brings a expertise in Cloud Security Consulting, Penetration Testing, Security Assessment. Having discovered vulnerabilities for major tech companies like Samsung, Google, Apple, and AWS... Read More →
avatar for Yonghwi Jin

Yonghwi Jin

Staff Researcher, Theori
Yonghwi Jin is a staff researcher in Theori. He is mainly interested in static analysis, DevSecOps automation.
Network ACLs Made Easy Establishing Zero Trust Network Policies in a Few Clicks pdf
Thursday June 27, 2024 11:50am - 12:25pm PDT
443
  IAM + Multi-tenancy + Network Security
  • Content Experience Level Advanced
  • Presentation Slides Attached Yes
Feedback form is now closed.

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Share Modal

Share this link via

Or copy link