Rhett Greenhagen and Rob Ragan to Give Opening Keynote Presentation at CanSecWest

Date & Time: March 18-20, 2020, 12:00PM - 1:00PM
Location: Sheraton Wall Centre Hotel, Vancouver, British Columbia, Canada
Speaker: Rob Ragan and Rhett Greenhagen

Bishop Fox's own Rob Ragan, Principal Security Researcher, and Rhett Greenhagen, Senior Security Associate, will be delivering the opening keynote presentation at CanSecWest 2020.

In their keynote “Funneling Trust: Designing Better Database Access” Rob and Rhett will demonstrate how to protect data in Amazon Web Services (AWS) for engineers that are new to cloud security, the latest techniques, and the ever-changing features and functionality of AWS.

CanSecWest, the world's most advanced conference focusing on applied digital security, is about bringing the industry luminaries together in a relaxed environment which promotes collaboration and social networking. The conference lasts for three days and features a single track of thought provoking presentations, each prepared by an experienced professional and talented educator who is at the cutting edge of his or her field. CanSecWest gives preference to new and innovative material, highlighting important, emergent technologies, techniques, or best industry practices.

Download the Presentation

See more details on the presentation below.

Funneling Trust: Designing Better Database Access


The features and functionality of AWS are always changing. Seeing demonstrations of how to protect data will help engineers new to cloud security understand the latest techniques.


As modern applications collect larger datasets, the task of protecting the integrity and confidentiality of our records also increases in complexity. Protecting that data starts with considering its classification and building security zone modeling into the architecture to establish and secure trust boundaries.

Let’s examine the do’s and don’ts of cloud-based preventative controls to better understand what can go wrong and what will help engineers correct those wrongs. Security design patterns and anti-patterns for IAM, infrastructure hardening, encryption, and tokenization should all be factored into security requirements during design and then properly evaluated once in implementation. If the high availability (five-nines) of data access in large-scale applications is also a priority, consider exploring DoS protection.

By building smart to limit the points of interaction between users, the application, and the database, we can maintain our security objectives even as our datasets scale. Examples in this talk will come from AWS and other cloud integrations for securing sensitive data.
Topics:Speaking Engagements


Need a Cybersecurity Expert to Speak at Your Event?

Please get in touch with our Speaker Bureau program manager, Virginie Jenck. Please email her at contact@bishopfox.com


Subscribe to Updates