[svlug-announce] SVLUG Sept. 14th meeting: Lars Kurth on Xen-Based Technologies, and Best Practices for Managing Security Vulnerabilities

Rick Moen rick at linuxmafia.com
Tue Sep 12 05:59:49 PDT 2017


WHEN:

Thursday, September 14th, 2017
7 - 8:30pm


   This is the second of _two_ September meetings.  


MAIN PRESENTATION

TOPIC: Xen-Based Technologies, and Best Practices for Managing Security
Vulnerabilities 

PRESENTED BY: Lars Kurth

TOPIC SUMMARY:

A blend of two talks. 

1. We'll cover how the largest production clouds came together through
Xen Project to develop an industry-leading open source security process
to manage software vulnerabilities effectively, how those vendors
collaborated to stop cloud reboots through Live Patching, and how
security and CPU vendors collaborated to protect against 0-day
vulnerabilities and advanced persistent threats using hardware-assisted
virtual machine introspection.  Finally, we'll also detail how you can
use tools such as CVE Details to assess how secure one open source
technology is relative to another, so you don't have to rely solely on
security stories from the technology press. 

The talk will cover how these technologies work, limitations and
challenges remaining, and how they are used in practice, with Xen
Project-based product and installation examples.  We'll also describe how
these technologies affect software vulnerability management processes
and system administrators. 

2. Hypervisors were once seen as purely cloud and server technologies,
but have slowly seeped into embedded space, providing extra layers of
security.  This discussion will showcase how companies from security
vendors to automotive are using open source hypervisors (particularly
Xen Project) to secure embedded systems, what challenges they face, and
how they have overcome it.  We'll also explore what this might mean to
IoT at large, and how to get started securing your embedded system with
a hypervisor-first approach.

ABOUT THE PRESENTER:

Lars Kurth (https://uk.linkedin.com/in/larskurth) is a highly effective,
passionate community manager with strong experience working with open
source communities (Symbian, Symbian DevCo, Eclipse, GNU) and currently
community manager for the Xen Project.  Lars has 9 years' experience
building and leading engineering teams, and a track record of executing
several change programs, affecting 1000 users.  Lars has 20 years'
industry experience in the tools and mobile sector, working at ARM,
Symbian Ltd, Symbian Foundation and Nokia.  He has strong analytical,
communication, influencing, and presentation skills, good knowledge of
marketing and product management and extensive background in C/C++,
Java, and software development practices that he learned working as
community manager, product manager, chief architect, engineering
manager, and software developer.

LOCATION:

 Cavium cafeteria
 2315 N 1st St. (corner of Charcut Ave.)
 north San Jose

 Directions on how to get there are listed at:
 http://www.svlug.org/directions/cavium.php    <--- maps here!

We've tried our very best for these directions to be accurate.
If you have any improvements to make, please let SVLUG's volunteers
know!  webmaster at svlug.org


POST-MEETING GATHERING (if you want):

La Victoria Taqueria, 1415 N 4th St. near Gish Road, San Jose.
Go south 0.7 miles on N. 1st St. under US-101, then turn half-left
onto Matrix Blvd., in 0.3 miles a slight right onto N. 4th Street,
0.5 miles to La Victoria on your right just before Gish Road.


We look forward to seeing you there!





More information about the svlug-announce mailing list