Michele Leroux Bustamante
President at Solliance, Cloud / Security Architect, Microsoft RD
San Diego, California, United States
Actions
Michele Leroux Bustamante is President and co-founder at Solliance (solliance.net), co-founder of PolicyServer (a Solliance Product), a Cloud / Microservices and Security architect, and a Microsoft Regional Director since 2003. Michele is recognized in many fields including software architecture and design, identity and access management, cloud and microservices architectures, security and compliance, and DevOps. During the past 25 years, Michele has held senior executive positions at several organizations, assembled and led high performing teams, and drove delivery and customer success at scale. Michele provides technical and business leadership at Solliance - and shares learnings through workshops, presentations and keynotes. Michele has been published regularly during her entire career including the best-selling book ''Learning WCF'' (O'Reilly 2007) and Developing Microsoft Azure Solutions 2nd Ed. (MS Press 2017). @michelebusta
Links
Area of Expertise
Topics
You are not excused! How to avoid security blind spots on the way to production.
We live in an ever evolving landscape for cyber threats creating security risk for your production systems. Mitigating these risks requires participation throughout all stages from development through production delivery - and by every role including architects, developers QA and DevOps engineers, product owners and leadership. No one is excused! This session will cover examples of common mistakes or missed opportunities that can lead to vulnerabilities in production - and ways to do better throughout the development lifecycle.
Delivering on Identity Solutions - practical guidance and pitfalls to avoid
Identity is a critical part to any solution - whether that solution is deployed on premises or to a cloud provider. The challenge most organizations have is lack of deep expertise with identity protocols, authentication techniques and standards, associated use cases and solution design, user management and user self-service lifecycles and the recommended best practices and necessary threat modeling to deliver a solution to production. Even when using a hosted identity provider, you are not excused from understanding how applications integrate with that provider and participate in the holistic solution, and you typically also need to build significant custom work around the user lifecycle which should also follow recommended best practices that aren’t always obvious. In this session, Michele will share recommended best practices for identity solution design and delivery, drawing examples from experience with actual customer solutions with varying requirements. The goal is to educate you on common and practical ways to approach the identity solution design while adhering to recommended best practices. You’ll get an overview of critical protocol flows, the evolving preference for SPA / BFF patterns for application integration, the challenges that arise when you let identity become “too custom” and how this impacts your choice of identity platform framework or vendor.
Securing Azure Resources for Enterprise Solutions
Delivering solutions to Azure may involve a variety of architecture patterns involving Azure resources. This session will walk you through a number of real world solutions and in doing so discuss security best practices for the overall solution in Azure including how to handle securing critical Azure resources. While covering several reference architectures for Azure solutions, this session will review best practices for securing Azure resources within a solution including SQL PaaS or Cosmos data back-ends; messaging with Service Bus, Event Hubs, and Event Grid; Key Vault; Storage; Azure Container Registry; and applications deployed with app services, containers or Azure Kubernetes Service (AKS). In addition to covering security related to specific Azure resources, the session will cover network security practices and using private link endpoints. The goal is to give you a breadth of understanding as to typical security requirements to meet compliance and security controls in an enterprise solution.
Afternoon Keynote: You Are Not Excused! How to Avoid Security Blind Spots
We live in an ever evolving landscape for cyber threats creating security risk for your production systems. Mitigating these risks requires participation throughout all stages from development through production delivery - and by every role including architects, developers QA and DevOps engineers, product owners and leadership. No one is excused! This keynote will cover common mistakes or missed opportunities that lead to vulnerability in production, and ways to do better.
Delivering Secure Enterprise Azure Solutions - in a day
This workshop will explore how to deliver secure enterprise solutions to Azure while sharing real world experiences that cover topologies from simpler architectures, to more complex architectures involving hybrid cloud and on premise solutions. Drawing from diverse experiences helping customers deliver and operate Azure production solutions, Michele and Jim will take you through a journey through a series of Azure solution architecture blueprints and best practices including how to select the appropriate Azure resources for compute and hosting, API delivery, networking and routing, data storage and messaging - while also covering how to best secure those resources, and ensure they are designed for high availability and disaster recovery. The goal of the workshop is to help you understand the best use of Azure resources, how to secure them appropriately, and understand the challenges that enterprises may face while planning for Azure delivery.
Security Tips for Azure Enterprise Solutions
Delivering solutions to Azure may involve a variety of architecture patterns involving your applications, APIs data and associated Azure resources that comprise the solution. This session will use reference architectures to illustrate the security considerations to protect your Azure resources and data, how to achieve Zero Trust, and why it matters. Topics covered will include specific security recommendations for types Azure resources and related network security practices. The goal is to give you a breadth of understanding as to typical security requirements to meet compliance and security controls in an enterprise solution.
Michele Leroux Bustamante
President at Solliance, Cloud / Security Architect, Microsoft RD
San Diego, California, United States
Links
Actions
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top