Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Agenda

-
Day 1: Interactive Training with Envoy & ISTIO

In this session we’ll showcase a real-life deployment implementing Zero Trust Architecture, by deploying and describing the Platform One stack. This training will demonstrate how and why to use these tools to solve the challenges of security, observability, networking, and multi-cloud. We’ll walk through a real Platform One deployment showcasing the use of Istio, Kubernetes, and other tools to build in-app and user-level security permissions, encryption in transit, enhanced identity and access controls, and provide runtime observability required to achieve a zero trust platform in practice. Throughout, you’ll have experts in the room to answer questions.

Familiarity with KubernetesIstio or service mesh, and Platform One will be helpful for attendees.

Topics include:

Traffic management and resilient communication between services

Policy enforcement and rate limiting

Telemetry, monitoring, and reporting

Securing communication between microservices

Canary deployment

Secure compute and runtime controls with a service mesh

Cluster management

Deploying a service mesh across heterogeneous, multi-cloud enterprise environments

See More
-
Opening Remarks
Speaker(s)
Michaela Iorga

Dr. Michaela Iorga serves as senior security technical lead for cloud computing with the National Institute of Standards and Technology (NIST), Computer Security Division. She also leads the Open Security Controls Assessment Language (OSCAL) project and chairs the NIST Cloud Computing Public Security and Forensics Working Groups.

Zack Butcher

Zack works as a Founding Engineer at Tetrate and has helped in a variety of roles across the company - currently he’s Head of Product. At Tetrate he works with some of the largest enterprises in the world to adopt Envoy and Istio. Before Tetrate, Zack was one of the earliest engineers on the Istio project at Google, and currently sits in his second term as a community elected representative on the project’s Steering Committee.

-
Keynote: Zero Trust the Hard Way
Speaker(s)
  • Kelsey Hightower, Principal Engineer, Google
-
How to Use SASE and CASCE to Connect and Secure Distributed Applications and Users
Speaker(s)
Joe Skourpa

Joe Skorupa is a Distinguished VP Analyst on the Gartner for General Managers team where he advises senior leaders at technology and service providers. Mr. Skorupa covers strategic matters such as product plans, go-to-market/positioning, partnerships and M&A. Mr. Skorupa also advises end users on network architectures, and technology acquisition. His area of focus is disruptive market forces, whether technology, business model or broader geopolitical, economic or social factors.

-
Transitioning to Engineering-based Cybersecurity: SP 800-160 and Applying Design Principles to Develop Trustworthy Secure Systems
Speaker(s)
Ron Ross

Ron Ross is a Fellow at the National Institute of Standards and Technology. His focus areas include computer security, systems security engineering, trustworthy systems, and security risk management. Dr. Ross currently leads the NIST Systems Security Engineering Project which includes the development of standards and guidelines for the federal government, contractors, and United States critical infrastructure. 

-
Break
-
External Authorization: A Deep Dive on SP 800-204B (Attribute-based Access Control for Microservices-based Applications using a Service Mesh)
Speaker(s)
Zack Butcher

Zack works as a Founding Engineer at Tetrate and has helped in a variety of roles across the company - currently he’s Head of Product. At Tetrate he works with some of the largest enterprises in the world to adopt Envoy and Istio. Before Tetrate, Zack was one of the earliest engineers on the Istio project at Google, and currently sits in his second term as a community elected representative on the project’s Steering Committee.

-
SP 800-204C: Implementation of DevSecOps for a Microservices-based Application with Service Mesh
Speaker(s)
Ramaswamy Chandramouli

Dr. Ramaswamy Chandramouli is a Senior Computer Scientist at the Computer Security Division at NIST for over 24 years. His publications span diverse areas such as RBAC, Model-based Security Testing, Smart Card Interface & Test Specifications, DNS & Email Security, ABAC, Security Guidance for Hypervisor, Container and Service Mesh deployments and DevSecOps. He is the co-author of 3 Technical books, 30 NIST publications, 37 peer-reviewed conference and journal publications. 

-
Platform One: Successes with Istio, DevSecOps, and ZTA
Speaker(s)
Gabriel Scarberry

A native of a rural town in southern West Virginia, Gabe Scarberry enlisted into the Air Force in 2003 into his career field of choice, Computer Networking and Cryptographic Systems. In August of 2020, Gabe transitioned to civilian life as a systems engineer with Platform One where he enables software factories for the Department of Defense providing combat capability to the warfighter. 

Christopher Rice

Christopher Rice is an Enterprise and IT Architect with over 15 years of leadership experience in designing innovative business solutions for private/public sector clients. He is currently working as a Solutions Architect at Red Hat. Working 19 years in the IT industry, he is highly skilled in advanced Linux concepts, cloud computing, automation, and virtualization.

-
Lunch
-
Lunch Time Breakout Rooms (Parallel Tracks)

Networking Rooms

Bring your lunch and discuss your concerns and aspirations around these new and emerging technologies with experts in each field.

Mesh and Runtime Security

Hosted By: Ignasi Barrera

DevSecOps

Hosted By: Adam Zwickey

Multi-Cloud Challenges (ZTA)

Hosted By: Zack Butcher

Continuous Assessment/Continuous ATO

Hosted By: Christopher Rice

NIST Movies Entertainment Room

Enjoy your lunch during a showing some Emmy-Award short movies. 

See More
-
Keynote: Leadership in Turbulent Times
Speaker(s)
  • André Mendes, Chief Information Officer, Department of Commerce
André Mendes

André Mendes was appointed Chief Information Officer for the Department of Commerce in August of 2019.There, he has overall responsibility and oversight of all technology systems at the United States Department of Commerce (DOC) and its associated Bureaus (FY2020 Budget $3.8B).Before, Mr. Mendes was responsible for all global technology platforms and systems for the International Trade Administration (ITA), the DOC bureau that manages global trade issues for the United States of America.

-
Continuous ATO with Open Security Controls Assessment Language (OSCAL)
Speaker(s)
Michaela Iorga

Dr. Michaela Iorga serves as senior security technical lead for cloud computing with the National Institute of Standards and Technology (NIST), Computer Security Division. She also leads the Open Security Controls Assessment Language (OSCAL) project and chairs the NIST Cloud Computing Public Security and Forensics Working Groups.

-
Break
-
Service Mesh as the Security Kernel for Zero Trust Platforms
Speaker(s)
Ignasi Barerra

Ignasi has been building hybrid and multi-cloud platforms for more than nine years. He is a long-term open source contributor. In 2015 he became a Member of the Apache Software Foundation, where he helps with community development activities and the promotion of open source. He joined Tetrate as a founding engineer. He works on service mesh with a special focus on multi-cloud security and the research of new access control technologies for large distributed systems.

-
BLOSS@M (Blockchain-based Secure Software Assets Management) & NGAC for Smart Contracts
Speaker(s)
Joshua Roberts

Joshua Roberts is a computer scientist at NIST.  He started as an intern in 2013 and has been working on NGAC ever since.  He is currently the lead engineer on NIST’s reference implementations and other NGAC focused projects.  Under a CRADA agreement with Tetrate, Josh has contributed to their NGAC implementation.

-
Panel: ZTA in Practice
Moderator(s)
Adam Zwickey

Adam is an engineering leader at Tetrate. Prior to Tetrate, Adam worked as a Field Principal for VMware’s Modern Application Platform business unit. His focus for nearly the past decade has been helping Global 2000 companies modernize their infrastructure platforms and adopt cloud native application architectures. In the past Adam has presented on service mesh and modern application development at various conferences such as SpringOne, KubeCon and NIST DevSecOps.

Speaker(s)
Aradhna Chetal

Aradhna serves as a Senior Director Executive- Cloud Security at TIAA, a financial services company, she is responsible for the cloud security vision, strategy, standards, security patterns for a multi-cloud hybrid enterprise and engineer security solutions to support the vision. She has worked in various Cybersecurity leadership roles at JP Morgan Chase, Boeing Company, Microsoft & T-Mobile.

Alex Schulman

Alex Shulman-Peleg, PhD, is a Managing Director leading the Cloud Cybersecurity consulting services of Ernst & Young in the Americas where she supports multiple clients in their secure enablement of public clouds and container technologies, addressing the involved risk, cybersecurity and regulatory requirements. She holds PhD, MSc and BSc degrees in Computer Science from Tel-Aviv University and has multiple patents and more than 30 scientific publications having thousands of citations.

  • Robert Wood, CISO, Centers for Medicare and Medicaid Serivces, HHS
Robert Wood

Robert Wood is the Chief Information Security Officer (CISO) for the Centers for Medicare and Medicaid Services (CMS). He leads enterprise cyber security, compliance, privacy, and counter intelligence functions at CMS and ensures the Agency complies with secure IT requirements while encouraging innovation. Prior to CMS, Mr. Wood built and managed several security programs in the technology sector, and was formerly a Principal Consultant for Cigital. 

Vishwas Manral

Vishwas is the head of CNAPP and Chief Technologist at McAfee Enterprise + FireEye. He joined McAfee Enterprise when his company NanoSec was acquired in 2019. He is also the founder of Ionos Networks and LiveReach Media. He is also a co-Chair of Serverless Security at CSA and has led multiple efforts on creating technologies, having authored over 30 requests for comments (RFC) and standards in the networking and security space, including such technologies as IPsec and DVPN.

Quint Van Deman

Quint Van Deman is a Principal within the Office of the CISO, AWS Security. In this role, he increases the scope and impact of the AWS CISO externally through customer executive engagement and outreach, guiding secure cloud adoption patterns, practices, and culture. Internally, he focuses on providing influence and guidance to AWS service teams as they solve customer security challenges and uphold AWS security standards. 

-
Closing Remarks
Speaker(s)
Matthew Scholl headshot

Matthew Scholl is the Chief of the Computer Security Division in the Information Technology Laboratory at the National Institute of Standards and Technology (NIST). His responsibilities include cryptographic standards used by the U.S. Government and internationally, Cybersecurity Research and Development at NIST, and Cybersecurity Standards and Guidelines for Federal Agency Security Programs.