Karl Ots
Head of Cloud Security at EPAM | LinkedIn Instructor and Apress Author
New York City, New York, United States
Actions
Karl Ots is a cloud security leader and author with over 15 years of experience in the technology industry. He is the Head of Cloud Security at EPAM Systems, a global engineering and consulting company, where he leads a team of experts in delivering secure and compliant cloud solutions for Fortune 500 clients across various industries. He has been using and advocating for open source technologies for over 15 years, and covers open source technologies in his Linkedin Learning courses as an instructor.
He is also a prolific author, speaker, and inventor, with publications and awards in the field of cloud and cybersecurity. He holds the community awards for Microsoft Regional Director and Security MVP, as well as the CISSP, CCSP and SABSA SCF certifications.
Badges
Area of Expertise
Topics
Objection! AI Security Mistakes on Trial with Kubeflow and Confidential Computing
Enter the courtroom of cloud-native justice, where the most pressing AI security mistakes are put on trial. From exposed sensitive data to flawed model training and insecure pipelines, the prosecution will lay bare the vulnerabilities threatening AI deployments. But don’t worry—Kubeflow, confidential computing, and other powerful open source projects will take the stand to defend your AI infrastructure. Learn how these technologies work together to enforce robust security guardrails, protect sensitive data, ensure compliance, and mitigate the risks that come with AI operations. This session blends technical depth with courtroom drama to help you identify, understand, and address common AI security mistakes, so you can build secure, scalable AI pipelines with confidence. Join us for a verdict that ensures the protection of your AI workloads!
Kubernetes Security Theatre: How To Get to Drama-Free Deployments
Step into the world of Kubernetes and cloud-native security, where things are not always as they seem. Join us for a theatrical exploration of security theatre – the art of creating an illusion of security in enterprise environments. This session is set to be a dramatic play, where we cast ourselves in the roles of a vigilant enterprise security officer and a savvy Kubernetes practitioner, uncovering the superficial measures that often masquerade as true security.
In this performance, we'll navigate the complex script of enterprise security protocols, distinguishing between mere stage props and the actual, effective security practices. Watch as we demystify the common plot twists in cloud-native security, moving beyond the script to ensure genuine protection.
By the final curtain call, you'll have a deeper understanding of what true security entails in the Kubernetes world, leaving behind the facade of security theatre.
Top 10 Azure security tips from 10 years of securing Azure applications
In the last 10 years, Azure has become one of the most popular cloud platforms for businesses and organizations of all sizes. As the platform has evolved, so has the threat landscape. To understand the present cloud security landscape and predict the future, let's take a trip down the memory lane!
In this session, we will discuss how Azure's security controls have evolved over time. Throughout the session, I will share best practices for securing your Azure infrastructure, applications, and data, so that you can build an architecture that stands the test of time.
Securing Azure Open AI apps in the Enterprise
With the last year bringing us real hands-on experience with Azure OpenAI, and the announcement of OpenAI’s ChatGPT Enterprise. it's time to look at how to properly secure Open AI services in Azure.
In this session, we explore the core security controls for securing usage of OpenAI’s services in an enterprise environment. We cover what controls are available, which are missing, what is their effective coverage, and how to implement them.
Walking out of the session, you will be able to identify and implement security controls that make sense for your organization. You will also be able to identify what is missing and how to mitigate those gaps.
Master the unknown: protect yourself against zero-day cloud vulnerabilities
Congratulations, you've achieved a high level of cloud security maturity and now know how to protect yourself against misconfigurations and manage the ever-present security drift.
But how do you protect against what’s truly unknown, such as Microsoft’s Azure cloud OMIGOD and Amazon Web Service’s SuperGlue vulnerabilities affecting the cloud service provider itself? This is your next challenge in cloud security.
In this session, you will learn through real-life examples about how to assess and protect yourself against cloud service provider vulnerabilities. Specifically, I will walk through 3 distinct examples of recent cloud provider vulnerabilities.
I will provide the audience the tools and mindset on how to evaluate future cloud provider vulnerabilities and rapidly protect yourself against them.
Top pitfalls of Microsoft Azure security and how to avoid them
Did you know that contrary to popular belief, the most common cloud security threats are not outside attacks, but rather misconfigurations? To fully secure public cloud platforms, we need to understand them deeply. This requires both upskilling existing information security office with cloud expertise and shifting the way security responsibilities are spread across the organization.
I have assessed the security hundreds of solutions built on the Microsoft Azure cloud and found that there are some key security pitfalls that are common across all industry verticals and company sizes. In this session, I will share what these security pitfalls are, why do they matter and how to mitigate them.
Lessons learned from enterprise cloud security programs
In the on-premises world, cybersecurity risks were limited to your organization’s network perimeter. In the era of cloud computing, both the impact and likelihood of potential risks are significantly higher. With the corresponding rise of DevOps methodology, security is now the responsibility of everyone who are part of the application development lifecycle, not just security specialists. In this session, I will present my findings on methods and processes to build the cloud security framework that make sense for both your business and your developers. The session is based on real-life experiences from implementing cloud security programs in some of the largest enterprises in the world.
DDD North 2022 Sessionize Event
KCDC 2022 Sessionize Event
IglooConf 2022: Midsummer Sessionize Event
DevSum 2022 Sessionize Event
Global Azure 2022 Sessionize Event
Microsoft Azure + AI Conference Spring 2022 Sessionize Event
Security BSides Dublin 2022 Sessionize Event
DDD 2021 Sessionize Event
Automation + DevOps Summit Sessionize Event
KCDC 2021 Sessionize Event
India Cloud Security Summit , 2021 Sessionize Event
Azure Lowlands Sessionize Event
DDD 2020 Sessionize Event
Experts Live Switzerland 2020 Sessionize Event
Microsoft Techdays 2020 Sessionize Event
IglooConf 2020 Sessionize Event
CloudBrew 2019 - A two-day Microsoft Azure event Sessionize Event
ITCamp 2019 Sessionize Event
Techorama Belgium 2019 Sessionize Event
IglooConf 2019 Sessionize Event
Update Conference Prague 2018 Sessionize Event
CloudBrew 2018 - A two-day Microsoft Azure event Sessionize Event
Intelligent Cloud Conference 2018 Sessionize Event
Azure Saturday 2018 Sessionize Event
TechDays Finland 2018
Navigating in the sea of containers in Azure: when to choose which service and why?
CloudBrew 2017 - A full-day Microsoft Azure event Sessionize Event
TechDays Sweden 2017
Monitoring advanced Azure PaaS workloads in the enterprise - Level: 200
TechDays Netherlands 2017
Building globally scalable media solutions with Azure Media Services
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top