BeyondCorp Weekly 13
Ivan Dwyer - March 28, 2017
As promised last week, I have videos to share. First, I will shamelessly plug my own talk during the BeyondCorpSF Meetup held at Heavybit Industries earlier this month. The key theme was how Zero Trust is changing our notion of Identity & Access, and what this means from a broader market perspective. Have a watch. http://www.heavybit.com/library/blog/beyondcorp-meetup-google-security-for-everyone-else/ For a more technical deep dive, Evan Gilman and Doug Barth gave a talk about network design at last week’s SREcon.
BeyondCorp Weekly 12
Ivan Dwyer - March 21, 2017
The video from last week’s BeyondCorpSF Meetup is still in post-production, so it’ll be in next week’s newsletter. Until then, I wanted to take a brief moment to share a thought on the community. It was only a few month ago that BeyondCorp was only barely known outside of Google as a couple of research papers. Now it’s capturing the attention of IT & Security professionals from all sorts of organizations across the globe.
BeyondCorp Weekly 11
Ivan Dwyer - March 14, 2017
Last week was the Google Cloud Next conference in San Francisco, which just by eyeballing, I’d say was 10x the size as it was last year. They are clearly investing heavily into their Cloud business, making a strong play for the Enterprise. As mentioned in last week’s newsletter, Google has hinted about commercializing components of BeyondCorp, which they now have with their Cloud Identity-Aware Proxy. It’s my view that this is part of their play in the Identity governance space more than anything, competing with Microsoft and Active Directory.
BeyondCorp Weekly 10
Ivan Dwyer - March 7, 2017
This week is the Google Cloud Next conference, which has grown in scope substantially since last year. While the focus is certainly centered on their cloud computing services, there may be some talk of BeyondCorp as they’ve continued to promote their security posture – internally and externally. They’ve hinted at commercializing components of the BeyondCorp architecture to drive enterprises to Google Cloud and G Suite during recent events, but to what degree remains to be seen.
BeyondCorp Weekly 9
Ivan Dwyer - February 28, 2017
To say that last week was an eventful one in the InfoSec world would be quite the understatement. I mean who could have thought that a verified SHA-1 collision would be the second biggest news item of the day! Without getting too into it (and assuming I don’t need to tell you what happened with CloudFlare), building software at web scale is hard. Troy Hunt said it best in his article, Pragmatic thoughts on #CloudBleed - “Even the best has bugs and whilst we should continue striving to improve it, we’ve also come to expect that it will occasionally go wrong in spectacular fashion.
BeyondCorp Weekly 8
Ivan Dwyer - February 22, 2017
This past week, SF was dominated by the RSA Conference, where thousands of security professionals were met by hundreds of vendors. As mentioned in last week’s newsletter, I chose to spend most of my time at a nearby Google Cloud event, which was more focused and personal than anything found at the main conference. I wrote up a quick blog post about the event, highlighting the Identity & Access panel that took place with members of ScaleFT, Duo, Okta, and Ping.
BeyondCorp Weekly 7
Ivan Dwyer - February 14, 2017
It’s RSA week here in San Francisco (and Valentine’s Day), which means surge pricing is in full effect. To fully grasp the scope of the conference, check out the website OneLogin built just to track all the RSA parties. Kudos to anyone who attempts to make an appearance at all of these. My original intention was to spend the first day of RSA at the Cloud Security Alliance Summit, but by the time I arrived at 9:30, they weren’t letting anyone else in.
BeyondCorp Weekly 6
Ivan Dwyer - February 7, 2017
Good morning everyone, or I should say boa tarde as I write this newsletter from Sao Paulo, Brazil. As promised from last week, I wrote a more expansive post on the Usenix Enigma conference - Closing the Gap Between Security and Usability. It was a top-notch event all around, capped off with the second BeyondCorpSF Happy Hour that brought together a solid group of folks eager to share their own thoughts on the future of Zero Trust security architectures.
BeyondCorp Weekly 5
Ivan Dwyer - January 31, 2017
Good morning. I’m here at the Usenix Enigma conference in Oakland, which has brought together a strong and diverse set of folks across academia and business. It’s been very informative so far, with two more full days of sessions to go. A key theme throughout has been how best to present security best practices to people in a usable and encouraging way. On that topic, there was a great fireside chat between Parisa Tabriz from Google and Alex Stamos from Facebook.
BeyondCorp Weekly 4
Ivan Dwyer - January 24, 2017
If you recall from last week, Google released a detailed whitepaper about their infrastructure security. Expanding on the topic, I wrote up another post to talk about their practices in context of BeyondCorp – Google’s Infrastructure Security Design Revealed. I’d be interested in hearing your take, so feel free to drop me a note. Now it goes without saying that it’s been an interesting week of news. Staying on track because we all have work to do, here’s another handful of relevant articles that caught my attention this week.
