Hadoop and distributed data projects are popping up quickly. Is there anything new here that needs attention beyond the traditional relational database security controls? What are the risks and technology challenges that come with this new technology?
The security configuration information right now is scattered, inconsistent and confusing. This presentation will clarify the fear and confusion around the terminology and features of Hadoop.
You will see that there are very few new concerns, they are just turning up in new and interesting places. We will discuss encryption at rest, program-to-program authentication and the challenges that come with really large data sets.
Be ready for Hadoop and the accompanying tools with a checklist of security controls and pointers to quality free and commercial tools.
- You can build a Hadoop security baseline
- You can verify Hadoop encryption and SSL/TLS use.
- You can expand current policy to encompass Hadoop.
About Robert Sullivan
Bob Sullivan is a security program leader and instructor. After programming for years in C, C++ and Java he started his career in IT Security.
Last year Bob had the chance to update security tools during a build pipeline upgrade. Bob has contributed to the OWASP WebGoat and Zed Attack Proxy (ZAP) projects. He has good experience in all phases of the software development lifecycle and most of the security domains.
He’s been educated at Wisconsin/Madison and St. Thomas/St. Paul and holds CISM, CISA, CISSP and CCSP certifications.