July 20–24, 2015
Portland, OR

Creating a community around cybersecurity best practices

Alan Robertson (Assimilation Systems Limited)
4:10pm–4:50pm Thursday, 07/23/2015
Protect D139/140
Average rating: ***..
(3.50, 2 ratings)
Slides:   1-PDF 

Prerequisite Knowledge

An appreciation of why security is important, and a general idea of how application and platform configuration can affect security.

Description

The cybersecurity community has difficulties working together around breaches, out of legitimate legal and public relations concerns. However, there are fewer difficulties in sharing best practices, but limited support for such activities. This is unsurprising given the inherently sensitive nature of computer security, and the level of paranoia which is inherent in the security world.

The open source Assimilation Project continually collects security-related system and application configuration information; implements a framework for scalably evaluating system and application configurations against best practices in near-real-time; and has experience in creating communities. Our next phase of work involves curating and implementing best practice evaluations, with our keenest interest in best practices for security.

This talk provides a brief overview of basic capabilities of the Assimilation Project, and details our efforts to extend our community to include and embrace a wide variety of security experts. This is so that, as we work together to document best practices, they are translated into code and become available not only as written practices, but also as code. As a result, our community can use the open source Assimilation Project software to ensure that these practices are followed in their data centers, creating a safer world for us all.

Photo of Alan Robertson

Alan Robertson

Assimilation Systems Limited

Alan Robertson founded the Assimilation Project in 2011, which he currently leads. He also founded the highly successful High-Availability Linux (Linux-HA) project in 1998 and led the project for 10 years. Today many people know this industry-leading software as Pacemaker. Alan worked for Bell Labs for 21 years, worked for SuSE for a year, then joined IBM in March 2001, performing a variety of roles mostly associated with Linux and open source. In 2013, he took the plunge to work full-time on the Assimilation Project via Assimilation Systems Limited. Alan is a frequent speaker at open source, Linux, and Unix conferences around the world.