November 2024 Event: What are configurations anyway? And the wild ways of doing them wrong.
Configuring software can be a complex and often misunderstood task. After working with numerous organizations and an array of technology stacks, one thing is clear: Configuring is hard—not only because server software is intricate, but also due to the various configuration formats and the often confusing locations where these configurations reside.
Join us for this eye-opening session as we dive deep into configuration files and explore the most unintuitive ways configurations are applied. We’ll discuss how overlooked or poorly understood configurations can lead to security risks, with a focus on dangerous defaults that can open up vulnerabilities. Whether you’re a systems admin, a developer, or a security professional, this talk will help you avoid common configuration pitfalls and elevate your software’s security.
Key Topics Covered Will Include:
Why configuring software is more difficult than it seems
Common mistakes and pitfalls in software configuration
Understanding configuration formats and where they reside
The role of configurations in enforcing security controls
Dangerous default settings to watch out for
Why Attend?
Practical Insights: Learn about the most common configuration errors and how to avoid them.
Security Awareness: Discover how misconfigurations can expose your systems to vulnerabilities and what you can do to mitigate these risks.
Real-World Examples: Hear about the wildest and most unintuitive configuration practices that can serve as lessons for your own tech stack.
Actionable Takeaways: Walk away with concrete strategies to improve your configuration management and security posture.
Speaker Biography:
Dr. Albert Heinle is on a mission to combat the global rise in data breaches and misconfigurations. As the co-founder and Chief Technology Officer of CoGuard, Albert brings extensive knowledge to the topic of software configurations. He was also recognized by the OpenAI Cybersecurity Grant Program, a prestigious initiative aimed at enhancing defensive cybersecurity capabilities with AI. He previously held development positions at FLIR Systems, Inc., Aeryon Labs, and Sortable. Dr. Heinle earned his Ph.D. in Computer Science from the University of Waterloo, specializing in Symbolic Computation.
This event promises to raise awareness on an often-overlooked topic: how to configure software correctly and securely. Don’t miss the opportunity to learn from real-world examples and ensure your systems are not at risk due to configuration issues.
Agenda:
5:30 - 6:00 | In-person Networking
5:55 - 6:00 | Virtual Session Starts
6:00 - 6:15 | ISSA Chapter Business
6:15 - 7:00 | Presentation
7:00 - 8:00 | Food & Refreshments