Videos

Getting Better and Faster Information with Oracle ERP Cloud

7 months ago
Hear how Oracle ERP Cloud is being used by companies across multiple industries as a complete, robust, and agile solution, putting faster and more reliable information at users’ fingertips to inform decisions and drive value.
Towards Measured Boot Out of the Box by Matthew Garrett, CoreOS

Towards Measured Boot Out of the Box by Matthew Garrett, CoreOS

11 months ago
Towards Measured Boot Out of the Box – Matthew Garrett, CoreOS The technology to support measured boot has existed for over a decade, but no mainstream Linux distribution provides it out of the box. Now that we know people are attacking not only the boot chain but the system firmware itself, that’s not good enough. […]
The State of Kernel Self Protection Project by Kees Cook, Google

The State of Kernel Self Protection Project by Kees Cook, Google

11 months ago
The State of Kernel Self Protection Project – Kees Cook, Google Last year the Kernel Self-Protection Project was kicked off to address gaps in Linux’s defensive technologies. With Linux reaching into every corner of modern life, it becomes an ever-increasing target for attackers and much more needs to be done to harden the kernel so […]
Minijail: Running Untrusted Programs Safely by Jorge Lucangeli Obes, Google

Minijail: Running Untrusted Programs Safely by Jorge Lucangeli Obes, Google

11 months ago
Minijail: Running Untrusted Programs Safely – Jorge Lucangeli Obes, Google The Linux kernel provides several sandboxing, containment and privilege-dropping features. Many of these features provide the same functionality, while others compose nicely to create de-privileged running environments for executing untrusted code. In this talk we’ll describe Minijail, a sandboxing and containment tool initially developed for […]
Securing Filesystem Images for Unprivileged Containers by James Bottomley, IBM

Securing Filesystem Images for Unprivileged Containers by James Bottomley, IBM

11 months ago
Securing Filesystem Images for Unprivileged Containers – James Bottomley, IBM User Namespaces are an essential tool of container security because they allow apparently privileged (root) execution within a container, while the executing entity is really unprivileged as the host (linux kernel) sees it. Unfortunately, the current cost of using user namespaces is that filesystem writes […]
AMD x86 Memory Encryption Technologies by David Kaplan, AMD

AMD x86 Memory Encryption Technologies by David Kaplan, AMD

11 months ago
AMD x86 Memory Encryption Technologies – David Kaplan, AMD This presentation will introduce the audience to two new x86 security technologies developed by AMD which utilize new memory encryption hardware to provide new security enhancements. The first feature, Secure Memory Encryption (SME), is designed to protect systems from physical access attacks by encrypting some or […]
Current State of Kernel Audit and Linux Namespaces, Looking Ahead to Containers

Current State of Kernel Audit and Linux Namespaces, Looking Ahead to Containers

11 months ago
Current State of Kernel Audit and Linux Namespaces, Looking Ahead to Containers – Richard Guy Briggs, Red Hat Namespaces have been around since the mount namespace was introduced over a decade ago and audit was introduced a couple of years later. Since then, audit’s relationship with namespaces has evolved to restrict everything to PID and […]
TPM by Jarkko Sakkinen, Intel

TPM by Jarkko Sakkinen, Intel

11 months ago
TPM – Jarkko Sakkinen, Intel About Jarkko Sakkinen Software Engineer, Intel Corp.
Integrity by Mimi Zohar

Integrity by Mimi Zohar

11 months ago
Integrity – Mimi Zohar About Mimi Zohar Software Engineer, IBM
Smack in 2016 by Casey Schaufler, The Smack Project

Smack in 2016 by Casey Schaufler, The Smack Project

11 months ago
Smack in 2016 – Casey Schaufler, The Smack Project Smack in 2016 – The annual Smack update. An overview of the changes to Smack in the past year. About Casey Schaufler Casey Schaufler started programming Unix kernels at the end of the 1970’s, when megabytes were for disc drives and C was still written in […]
On the Way to Safe Containers by Stephane Graber, Canonical

On the Way to Safe Containers by Stephane Graber, Canonical

11 months ago
On the Way to Safe Containers – Stephane Graber, Canonical LXC and now LXD are both container managers with a focus on providing a VM-like, system container experience to their users. Our users therefore expect to be able to do the same things they would in a VM and to have an environment that’s by […]
Design and Implementation of a Security Architecture for Critical Infrastructure

Design and Implementation of a Security Architecture for Critical Infrastructure

11 months ago
Design and Implementation of a Security Architecture for Critical Infrastructure Industrial Control Systems in the Era of Nation State Cyber Warfare – David Safford, GE GE electrical generation and distribution systems provide over 50% of all electrical power used in the world. GE is also a major supplier of critical components in aviation, transportation, and […]