Karl Ots

Information & Communications Technology

Azure Cloud DevOps Microsoft Technologies Information Security Azure Security Cloud Security Cloud App Security Cloud Native Security azure paas security Cloud Security Architecture Container Security cyber security

Zürich, Zurich, Switzerland

Karl Ots

Microsoft Regional Director & Azure MVP | Head of Cloud Security at EPAM | Author of Azure Security Handbook

Karl Ots is a cloud and cybersecurity expert, as well as international speaker and trainer, with a broad range of deep Azure expertise. He believes that secure cloud technologies are the key to successful digital transformation. He applies his passion as Head of Cloud Security at EPAM Systems.

Karl has been working with Microsoft Azure since 2011 in a variety of forums ranging from large projects to speaking at largest tech conferences, such as Microsoft Ignite. Karl is a Microsoft Certified Trainer (MCT) and a Certified Information Systems Security Professional (CISSP). He is the author of Azure Security Handbook.

Current sessions

Top public cloud security fails and how to avoid them

Based on hands-on experiences from a large number of cloud application development projects, Karl has compiled a list of top 5 key security pitfalls that are common across all application types and team sizes. In this session, he will share what these security pitfalls are, why do they matter and how to mitigate them.


Mastering Azure Security

The cloud computing model is ready to mature from the experiments of early adopters and to become the mainstream computing platform of established enterprises. But with over 600 services, hundreds of announcements every year and lack of skilled workforce, taming the beast of cloud security with a traditional approach can seem overwhelming.
Based on a decade of real-life experience securing enterprise applications running on Microsoft Azure, this workshop will get you from "zero to hero" in Azure Security.

This workshop is split into 4 modules: Azure Security Foundations, Access Control in Azure, Azure Key Vault and Azure security best practices.

Learning Objectives
At the end of this session participants will be able to remediate the presented risks by implementing the most effective controls and procedures for securing their Azure environment .
At the end of this session participants will be able to implement identity and encryption controls, as well as Azure Key Vault.
At the end of this session participants will be able to design secure access control solutions for your Azure applications.


Top pitfalls of Microsoft Azure security and how to avoid them

Did you know that contrary to popular belief, the most common cloud security threats are not outside attacks, but rather misconfigurations? To fully secure public cloud platforms, we need to understand them deeply. This requires both upskilling existing information security office with cloud expertise and shifting the way security responsibilities are spread across the organization.

I have assessed the security hundreds of solutions built on the Microsoft Azure cloud and found that there are some key security pitfalls that are common across all industry verticals and company sizes. In this session, I will share what these security pitfalls are, why do they matter and how to mitigate them.


Best practices of building an Azure security policy for the enterprise

The plethora of security controls and guidelines for Azure infrastructure and applications can be overwhelming. In this session, we will present the methodology and processes on how to build the cloud application development security policy that makes sense for your business.

Based on real-life experiences from securing enterprise applications running on Azure for over a decade, I have compiled a list of best practices that will elevate your security posture to the next level.

After this session, you will know which security controls are available, how effective they are and what will be the cost of implementing them.


Cloud security predictions for the post-pandemic world

Cloud computing is perhaps the largest information technology megatrend of this decade. Furthermore, the global disruptions of the COVID-19 pandemic proved that the hyperscale cloud providers can answer the most unpredictable demand thrown at them.

As demonstrated with the Solorigate supply-chain attacks, taming the beast of cloud security with traditional methods can seem overwhelming. The answer is what I like to call cloud native security.

Based on real-life experiences from implementing cloud security programs in some of the largest enterprises in the world, I will present my top cloud security predictions that make sense for the current cybersecurity climate, your business and your developers.


Lessons learned from enterprise cloud security programs

In the on-premises world, cybersecurity risks were limited to your organization’s network perimeter. In the era of cloud computing, both the impact and likelihood of potential risks are significantly higher. With the corresponding rise of DevOps methodology, security is now the responsibility of everyone who are part of the application development lifecycle, not just security specialists. In this session, I will present my findings on methods and processes to build the cloud security framework that make sense for both your business and your developers. The session is based on real-life experiences from implementing cloud security programs in some of the largest enterprises in the world.


Past and future events

Global Azure Bootcamp Switzerland 2022

9 May 2022
Bern, Switzerland

DDD 2021

27 Nov 2021
Reading, England, United Kingdom

Automation + DevOps Summit

15 Nov - 17 Nov 2021
Nashville, Tennessee, United States

KCDC 2021

15 Sep - 17 Sep 2021
Kansas City, Missouri, United States

India Cloud Security Summit , 2021

27 Aug 2021

Azure Lowlands

28 Jan 2021

DDD 2020

12 Dec 2020

Experts Live Switzerland 2020

29 Sep 2020
Bern, Switzerland

Microsoft Techdays 2020

4 Mar - 5 Mar 2020
Helsinki, Uusimaa, Finland

IglooConf 2020

15 Jan - 16 Jan 2020
Helsinki, Uusimaa, Finland

CloudBrew 2019 - A two-day Microsoft Azure event

12 Dec - 13 Dec 2019
Mechelen, Flanders, Belgium

ITCamp 2019

5 Jun - 6 Jun 2019
Cluj-Napoca, Cluj, Romania

Techorama Belgium 2019

19 May - 21 May 2019
Antwerpen, Flanders, Belgium

Microsoft Techdays 2019

27 Feb - 28 Feb 2019
Helsinki, Uusimaa, Finland

IglooConf 2019

16 Jan - 17 Jan 2019
Helsinki, Uusimaa, Finland

Update Conference Prague 2018

21 Nov - 22 Nov 2018
Prague, Hlavní město Praha, Czechia

CloudBrew 2018 - A two-day Microsoft Azure event

11 Oct - 12 Oct 2018
Mechelen, Flanders, Belgium

Intelligent Cloud Conference 2018

28 May - 29 May 2018
Copenhagen, Capital Region, Denmark

Azure Saturday 2018

25 May 2018
Munich, Bavaria, Germany

TechDays Finland 2018

Navigating in the sea of containers in Azure: when to choose which service and why?
21 Mar - 22 Mar 2018
Helsinki, Uusimaa, Finland

CloudBrew 2017 - A full-day Microsoft Azure event

24 Nov 2017

TechDays Sweden 2017

Monitoring advanced Azure PaaS workloads in the enterprise - Level: 200
25 Oct - 26 Oct 2017
Stockholm, Sweden

TechDays Netherlands 2017

Building globally scalable media solutions with Azure Media Services
12 Oct - 13 Oct 2017
Amsterdam, North Holland, Netherlands