I’m back from last week’s road show, where I was fortunate to meet & mingle with the local communities of Boston and New York. I’m back at it next week in Austin, which will close out this portion of our BeyondCorp road show. I’ll dedicate a newsletter issue to all the meaningful conversations I’ve had visiting a few local communities once I have time to digest. For this week, I want to cover the panel discussion we held in San Francisco a couple weeks ago featuring Marc Rogers from CloudFlare, Patrick Albert from AppDynamics, and Ryan Seekely from Quid.
This week’s newsletter will be brief, as I’m on the road hosting our Boston and New York Meetups. If you’re local and haven’t RSVP’d yet, be sure to do so! As you may know, we held a special event in SF last week, bringing together a panel of experts in the space to discuss their experiences with BeyondCorp in their roles as infrastructure and security leaders. Joining me on stage was Marc Rogers from CloudFlare, Patrick Albert from AppDynamics, and Ryan Seekely from Quid.
As you may know from reading this newsletter, we’ve been taking BeyondCorp on the road, hosting Meetups in cities across the country. It’s been great to see such a high level of interest and intrigue at every stop, and I’ve learned a lot about what people are looking for in a new security model. The road show continues next week in Boston and New York, but first, we have a special event in San Francisco tomorrow.
We brought our BeyondCorp road show to Seattle last week, and I have to say, it was our best one yet! That’s not meant to diminish any other Meetups we’ve held, but rather to reinforce that people all over really care about this, and are curious about the community developments. It was our first event in a new city – a city I haven’t visited in nearly 10 years – yet we managed to pack the room with security practitioners eager to share their thoughts, and discuss what they were working on at their own companies.
As I get closer to 40 (or 10 if you count by my actual birthday), my Monday mornings are usually fueled by lots of coffee, taking an hour or two to get into work mode. I did not have that luxury yesterday, as I awoke to a lively Hacker News thread discussing BeyondCorp. Not surprising, much of the conversation focused on the real world viability outside of Google. Readers of this newsletter know that is a topic near and dear to my heart; an essential milestone to making BeyondCorp a real movement.
We kicked off the BeyondCorp road show in SF last week with a fantastic turnout. A few regulars showed up, but it mostly new faces who were curious as to how the community is taking shape. It’s great to see the interest levels continue to rise as more people look to BeyondCorp as the right security architecture for the cloud. To start the evening, Paul Querna, CTO and co-founder of ScaleFT, shared his off-the-record journey to BeyondCorp.
Well, 2018 sure started out with a bang in the security world! While Meltdown and Spectre are vulnerabilities out of scope with an enterprise security framework like BeyondCorp, there is something to be said for how quickly and effectively the major cloud providers and OS vendors responded. As it turns out, automated environments are not only key for speed, but also security. We often see those forces oppose each other, but in the modern cloud era, they can be fully aligned.
It’s been an action packed couple of weeks approaching the end of the year. After a busy AWS re:Invent in Las Vegas, I ventured to Austin last week to hang with the container crowd at KubeCon. As expected, it was a strong showing of open source community leaders. Unexpected, however, was the snow! I sponsored the first KubeCon with my previous company just a few years ago, and have watched the event grow from a couple hundred people in a room in SF to over 4,000 in a convention center in Austin.
I missed last week’s newsletter, courtesy of being in Vegas for not one, but two concurrent conferences – Gartner IAM Summit and AWS re:Invent. A lot of action between the two, but our most noteworthy activity was hosting a live viewing of Andy Jassy’s main keynote in a Venetian Suite. I’ve been to every re:Invent since 2012 (aka all of them), and have found that the keynote is better watched in comfort rather than squeezing in with the masses that early in the morning.
I had the honor of presenting about BeyondCorp and Zero Trust at the Portland ISSA meeting last week. It’s a topic that has come up amongst the members, and they wanted to hear more about what I’ve learned from speaking with those working on their own implementations. You can view the slides from my talk on Slideshare. Overall, the talk was well received, and the feedback consistent with what I’ve heard from so many – clearly a better architecture than traditional perimeter-based security architectures, but is it feasible?