Armon Dadgar

Zero Trust Security by Armon Dadgar

Zero trust security is predicated on securing everything based on trusted identities. Machine authentication and authorization, machine-to-machine access, human authentication and authorization, and human-to-machine access are the four foundational categories for identity-driven controls and zero trust security. The transition from traditional on-premises datacenters and environments to dynamic, cloud infrastructure is complex and introduces new challenges for enterprise security.

This shift requires a different approach to security, a different trust model. One that trusts nothing and authenticates and authorizes everything. Because of the highly dynamic environment, organizations talk about a "zero trust" approach to cloud security. What does “zero trust” actually mean and what’s required for you to make it successful?

Attend this session and you’ll learn from Armon Dadgar, HashiCorp founder and CTO how your organization can enable scalable, dynamic security across clouds.

Talk Questions

      
  • Question 114
    How do you prevent Vault from being your single point of failure in your platform, or become a performance bottleneck
  • Question 110
    What's the setup (device, app) you used for the presentation?
  • Question 111
    how donyou managae the Vault credentials to manage DB credentials? (chicken and egg problem)
  • Question 112
    Using temporally credentials is a great aproach, but how do you deal with a 'man in the middle' like attack? Even if you take measures, can we say we achive 100% secure?
  • Question 113
    Aren't we shifting our walls from ouro network to hashicorp system? If the attacker gained access to it we're doomed.
  • Question 115
    within you example, if an attacker would hack the webserver they would still be able to read all information they want. How can we protect against this scenario?
  • Question 117
    How are the credentials that Vault uses to connect to a database protected? Does Vault rotate its own credentials on a regular basis?
  • Question 89
    Do you have plans to launch HCP version of Nomad?