Eric Chiang Security Engineer, Google
Eric is an Engineer on Google’s Enterprise Infrastructure Protection team, where he builds systems to scale internal security processes. He’s previously worked on Linux fleet security at Google, upstream Kubernetes, and Cloud authentication systems.
Discussion: Detection & Response Block
This is a Q&A session. Moderators will take audience questions both remotely and on-site via sli.do.
Hosted panel discussion and Q&A.
Talk: The road to BeyondCorp is paved with good intentions
Talks will be streamed on YouTube and Twitch for free.
The Zero Trust mandate is nigh and with it, debates of industry readiness, product pitches, and the question as old as time: what is a BeyondCorp? Is it time to re-architect our infrastructure from the ground up or start buying the latest security tools?
BeyondCorp is Google’s initial implementation of a zero trust architecture, and is still the guiding star for many organizations. In a zero trust architecture, every request to access an application is a policy decision, based on the user, device, and application. The BeyondCorp whitepapers explain what Google built, and some of the organizational challenges, but don’t lay out a step by step guide to getting there, or how you know you’re on the right track.
In this talk, Maya and Eric will fill in the gaps. They will provide insight into BeyondCorp fundamentals, including requirements for user identities, controls and measurements for devices across platforms, and how to construct access policies. Then, they’ll get into common misconceptions and what you might need to tackle as you continue your journey. You’ll come away with a roadmap for your organization to get to a mature zero trust architecture, and what the industry can do better to support zero trust principles.