Content from The Boring Security Talk now available

In September I presented The Boring Security Talk at DDD Melbourne, NDC Sydney and the Melbourne Cloud and Datacenter Meetup.

This talk was an ambitious talk and I was attempting to cover a wide range of topics that are not commonly discussed. I really enjoyed putting the talk together and presenting it to everyone.

The NDC session was longer than DDD Melbourne, with some additional content around why items like CI/CD, DNS, Email and package security are so important. There are also some more detailed examples and descriptions.

You can find the slides here:

At the end of the talk, I also provided links to three great resources if you wanted more information:

I want to thank everyone who attended and provided feedback to me afterwards. I also want to congratulate the organisers and volunteers who helped run such great events!

Upcoming Conferences

I'm excited to announce that I'll be presenting a new talk, “The Boring Security Talk” at both DDD Melbourne and NDC Sydney in September.

Don’t let the name fool you, the session will cover how you can protect some of the often-overlooked aspects of your organisation’s security! I'll be talking about dependencies, email, DNS and CI/CD. I'm putting together a session that should interest developers, operations and security teams.

Tickets to DDD Melbourne have already sold out, but tickets are still available to NDC Sydney.

I look forward to seeing everyone at DDD and NDC!

 I'm speaking at NDC Sydney

I'm speaking at NDC Sydney

Presentation: Secure Azure Deployment Patterns

It was a wonderful experience to present at the Azure Global Bootcamp in Melbourne this year. This year I spoke about possible methods or patterns for securing Azure resources. This is an extremely board topic, though I focused on App Services, Virtual Network Endpoints and ARM templates.

You can find the PowerPoint slides to download here or view them via SlideShare.

Azure Automation and DevSecOps Presentation Content

I have had a number of speaking opportunities over the last 2 months, and after each one, I have promised that I would post the slides up here. So, without further ado, you can find the slides for each of the following sessions:

I want to thank all of those who attended, your interest and your questions make all of the challenging work worthwhile. I also want to thank all of the organisers, without your work there simply wouldn’t be any conference for me to present at.

My next presentation will be my Ransomware 0, Admins 1 at Experts Live Australia on the 6th of April.


Readify Dev Breakfast WA

Infrastructure Saturday 2017

CrikeyCon 2017

Presentation: Azure Automation invades your data centre

I recently had the pleasure to present on Azure Automation and hybrid workers to the Melbourne Azure Group. I really want to thank all of those who attended, Chris Padgett for inviting me to present and Microsoft for the use of their facilities.

My presentation, Azure Automation invades your data centre, covered off the ins and outs of Azure Automation and extending its reach to your own data centre with hybrid workers. I also spoke about using web hooks and the Azure Automation Authoring Toolkit.

If you haven’t looked at Azure Automation or hybrid workers, I thoroughly recommend that go and take a look. There are a number of excellent resources out there for you to make a start, including:

You can find the runbooks I used in my presentation up on GitHub, https://github.com/poshsecurity/PoshSecurityAzureAutomation and you can download the slides or view them with SlideShare here.

Kieran Jacobsen