Dave Shackleford is the owner and principal consultant of Voodoo Security, Lead Faculty at IANS, and a SANS analyst, senior instructor, and course author. He has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering, and is a VMware vExpert with extensive experience designing and configuring secure virtualized infrastructures. He has previously worked as CSO for Configuresoft, CTO for the Center for Internet Security, and as a security architect, analyst, and manager for several Fortune 500 companies. Dave is the author of the Sybex book Virtualization Security: Protecting Virtualized Environments, as well as the co-author of Hands-On Information Security from Course Technology. Recently Dave co-authored the first published course on virtualization security for the SANS Institute. Dave currently serves on the board of directors at the SANS Technology Institute and helps lead the Atlanta chapter of the Cloud Security Alliance.
Do you have a question for our experts?
Contributions from Dave Shackleford
- Evaluating security controls for cloud defense
- An introduction to Microsoft Office 365 security
- Storing and managing logs with Amazon CloudTrail
- Cloud encryption key management best practices
- Can tokenization replace encryption in the cloud?
- How to manage, automate firewalls in cloud environments
- Before embracing cloud-based storage, consider access controls
- Evaluating multifactor authentication options in the cloud
- IaaS VM security: Securing instances for in-house deployments
- Big data security in the cloud: Understanding the key challenges
- Cloud stack security: Exploring cloud VM risk scenarios
- What providers won't say about cloud forensics
- Why SOC 2 is emerging to assess cloud provider security
- Use Amazon S3 encryption to secure data in the cloud
- How enterprises can self-manage private cloud security
- Assessing the security of cloud service provider APIs
- To develop secure cloud apps, treat them like Web apps
- Side-channel attacks in the cloud: A cause for concern?
- Prepare for new patching hurdles in cloud environments
- Choosing the right cloud-based DR service