© Mapbox, © OpenStreetMap

Speaker

Karl Ots

Karl Ots

Head of Cloud Security at EPAM | Author of Azure Security Handbook | RD & MVP

Zürich, Switzerland

Karl Ots is a cloud and cybersecurity expert, as well as international speaker and trainer, with a broad range of deep Azure expertise. He believes that secure cloud technologies are the key to successful digital transformation. He applies his passion as Head of Cloud Security at EPAM Systems.

Karl has been working with Microsoft Azure since 2011 in a variety of forums ranging from large projects to speaking at largest tech conferences, such as Microsoft Ignite. Karl is a Microsoft Certified Trainer (MCT) and a Certified Information Systems Security Professional (CISSP). He is the author of Azure Security Handbook.

Awards

Area of Expertise

  • Information & Communications Technology

Topics

  • Cloud Security

Master the unknown: protect yourself against zero-day cloud vulnerabilities

Congratulations, you've achieved a high level of cloud security maturity and now know how to protect yourself against misconfigurations and manage the ever-present security drift.

But how do you protect against what’s truly unknown, such as Microsoft’s Azure cloud OMIGOD and Amazon Web Service’s SuperGlue vulnerabilities affecting the cloud service provider itself? This is your next challenge in cloud security.

In this session, you will learn through real-life examples about how to assess and protect yourself against cloud service provider vulnerabilities. Specifically, I will walk through 3 distinct examples of recent cloud provider vulnerabilities.

I will provide the audience the tools and mindset on how to evaluate future cloud provider vulnerabilities and rapidly protect yourself against them.

Top public cloud security fails and how to avoid them

Based on hands-on experiences from a large number of cloud application development projects, Karl has compiled a list of top 5 key security pitfalls that are common across all application types and team sizes. In this session, he will share what these security pitfalls are, why do they matter and how to mitigate them.

Top pitfalls of Microsoft Azure security and how to avoid them

Did you know that contrary to popular belief, the most common cloud security threats are not outside attacks, but rather misconfigurations? To fully secure public cloud platforms, we need to understand them deeply. This requires both upskilling existing information security office with cloud expertise and shifting the way security responsibilities are spread across the organization.

I have assessed the security hundreds of solutions built on the Microsoft Azure cloud and found that there are some key security pitfalls that are common across all industry verticals and company sizes. In this session, I will share what these security pitfalls are, why do they matter and how to mitigate them.

Cloud security predictions for the post-pandemic world

Cloud computing is perhaps the largest information technology megatrend of this decade. Furthermore, the global disruptions of the COVID-19 pandemic proved that the hyperscale cloud providers can answer the most unpredictable demand thrown at them.

As demonstrated with the Solorigate supply-chain attacks, taming the beast of cloud security with traditional methods can seem overwhelming. The answer is what I like to call cloud native security.

Based on real-life experiences from implementing cloud security programs in some of the largest enterprises in the world, I will present my top cloud security predictions that make sense for the current cybersecurity climate, your business and your developers.

Lessons learned from enterprise cloud security programs

In the on-premises world, cybersecurity risks were limited to your organization’s network perimeter. In the era of cloud computing, both the impact and likelihood of potential risks are significantly higher. With the corresponding rise of DevOps methodology, security is now the responsibility of everyone who are part of the application development lifecycle, not just security specialists. In this session, I will present my findings on methods and processes to build the cloud security framework that make sense for both your business and your developers. The session is based on real-life experiences from implementing cloud security programs in some of the largest enterprises in the world.

DDD North 2022

December 2022 Kingston upon Hull, United Kingdom

KCDC 2022

August 2022 Kansas City, Missouri, United States

IglooConf 2022: Midsummer

June 2022 Helsinki, Finland

DevSum 2022

May 2022 Stockholm, Sweden

Microsoft Azure + AI Conference Spring 2022

April 2022 Las Vegas, Nevada, United States

Security BSides Dublin 2022

March 2022 Dublin, Ireland

DDD 2021

November 2021 Reading, United Kingdom

Automation + DevOps Summit

November 2021 Nashville, Tennessee, United States

KCDC 2021

September 2021 Kansas City, Missouri, United States

India Cloud Security Summit , 2021

August 2021

Azure Lowlands

January 2021

DDD 2020

December 2020

Experts Live Switzerland 2020

September 2020 Bern, Switzerland

Microsoft Techdays 2020

March 2020 Helsinki, Finland

IglooConf 2020

January 2020 Helsinki, Finland

CloudBrew 2019 - A two-day Microsoft Azure event

December 2019 Mechelen, Belgium

ITCamp 2019

June 2019 Cluj-Napoca, Romania

Techorama Belgium 2019

May 2019 Antwerpen, Belgium

Microsoft Techdays 2019

February 2019 Helsinki, Finland

IglooConf 2019

January 2019 Helsinki, Finland

Update Conference Prague 2018

November 2018 Prague, Czechia

CloudBrew 2018 - A two-day Microsoft Azure event

October 2018 Mechelen, Belgium

Intelligent Cloud Conference 2018

May 2018 Copenhagen, Denmark

Azure Saturday 2018

May 2018 Munich, Germany

TechDays Finland 2018

Navigating in the sea of containers in Azure: when to choose which service and why?

March 2018 Helsinki, Finland

TechDays Sweden 2017

Monitoring advanced Azure PaaS workloads in the enterprise - Level: 200

October 2017 Stockholm, Sweden

TechDays Netherlands 2017

Building globally scalable media solutions with Azure Media Services

October 2017 Amsterdam, Netherlands

Karl Ots

Head of Cloud Security at EPAM | Author of Azure Security Handbook | RD & MVP

Zürich, Switzerland