PaaS makes developers (and possibly operations) lives much easier. But what are the security implications of migrating to PaaS? Does PaaS lead to more secure code? What about a more secure deployment? In principal yes, but what are the realities? How many unicorns do you get and just what’s in that pot at the end of the rainbow and what can you do with what you find?
- What to consider when selecting a PaaS solution
- What your responsibilites are when using a PaaS
- How to most effectively deploy an application securely with PaaS
About David Mortman

David Mortman is the Chief Security Architect for Dell Enstratius and a Contributing Analyst at Securosis. Most recently he was the Director of Security and Operations for C3, LLC. Formerly the Chief Information Security Officer for Siebel Systems, Inc., David and his team were responsible for Siebel’s worldwide IT security infrastructure, both internal and external and worked closely with the product groups and the company’s physical security team and led up the product security and privacy efforts. Previously, Mr. Mortman was Manager of IT Security at Network Associates. Before that, Mortman was a Security Engineer for Swiss Bank. Mr. Mortman is a regular speaker at RSA, Blackhat and Defcon. In the past year, he has presented at RSA, Secure360, Sector, Blackhat and Defcon. Mr. Mortman sits on a variety of advisory boards including Qualys, Lookout and Virtuosi amongst others. He holds a BS in Chemistry from the University of Chicago.