Latest COVID-19 Information for Purdue University

The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)

Aaron Shafer - NBC Universal

Students: Fall 2021, unless noted otherwise, sessions will be virtual on Zoom.

Securing SaaS, a Practitioner’s Guide

Sep 15, 2021

Download: Video Icon MP4 Video Size: 518.1MB  
Watch on Youtube Watch on YouTube

Abstract


In this session we will talk about applying appropriate security controls to Software as a Service (SaaS) offerings. While it may seem like the SaaS vendors have most of the responsibility for securing these platforms, there are still a number of threats that customers need to worry about themselves.

During the session we will walk through various types of SaaS solutions, including a few new surprising categories, and will then talk about the nuances of the Shared Responsibility Model (SRM). We will dive into how to assess the threats to our data, users, and connected systems related to the deployment of SaaS solutions by taking a Threat Modeling approach to the problem. Once we’ve compiled our list of risks we will then talk through practical counter measures that can be implemented to mitigate or reduce risk. The session will then wrap up with a discussion of some existing security tooling that can be considered to further strengthen the defenses around these SaaS solutions today.


About the Speaker

Aaron Shafer

Aaron is Vice President & Information Security Officer for NBCUniversal’s Direct-to-Consumer business unit which includes Fandango, Vudu and the company’s new streaming service Peacock.

Aaron has over 20 years of extensive experience in software engineering, architecture, design, network and application security. He has spent the past 12 years in various Cyber Security roles where he has led projects in industries including media, defense, energy, and financial services. He has a bachelor of science from Monmouth University where he studied Computer Science and a Masters in Software Engineering from Penn State.


Ways to Watch

YouTube

Watch Now!

Over 500 videos of our weekly seminar and symposia keynotes are available on our YouTube Channel. Also check out Spaf's YouTube Channel. Subscribe today!