Cross posting a talk I'll be giving at OWASP (Open Web Application Security Project) since it is all about cloud computing.
Desription: We'll be demonstrating how virtualized web app security controls (WAF, anti-DDoS, IDS/IPS, etc) can be "injected" into a cloud environment using service chains within a private clouds layer 2 networking using advanced software defined networking (SDN) tools. This allows controls to be seamlessly added/removed without changing any of the layer 3 networking (IP addresses or gateways). This is a presentation version of a lab I held at the OpenStack Summit and the O'Reilly Security Conference. The full lab is available on GitHub for those that want to dive in further.
Bio: John Studarus is an independent cloud security advisor bringing new cyber security products to market and helping companies overcome security and compliance issues moving into the cloud. He's a CISSP, SANS GSNA, AWS & OpenStack certified, and a graduate of UCSD and Carnegie Mellon University. In his free tie, he runs the San Diego OpenStack user group.
https://www.meetup.com/Open-Web-Application-Security-Project-San-Diego-OWASP-SD/events/237826814/
