Hi, I'm Fraser "zeroXten" Scott.

/(?=.*sec)(?=.*dev)(?=.*ops?)/i

Left and right to change topics, up and down for details.

Background...

Cloud Security @ Capital One

Building, testing and automating security controls in the Cloud.

DevOps @ Burberry

Systems, infrastructure and integrations in the Cloud and on-prem.

SSO, message brokers, CI/CD, Chef, Sensu, Consul, ELK

Infrastructure Engineering @ The Cloud / BSkyB

Wi-Fi ISP network authentication platform, customer-facing services and back-office systems.

Web, DNS, DHCP, RADIUS, Chef, IDS, JBoss

Head of Infrastructure @ Telemetry

Business-critical infrastructure, including a proprietry global self-healing ad delivery network and data processing pipeline.

Web, Data processing, Visualisation, DB, Asterisk, Mail, Kerberos, LDAP

Build Engineer @ McAfee

Secure build environment.

Windows, Linux, UNIX, VMware, AntiVirus

NOC Engineer @ Tiscali

ISP 24/7 Network Operations Centre supporting networking and systems infrastructure.

DWDM, DSLAMs, MSANs, DSL, Huawei, Cisco, FreeBSD, Solaris, Web, DNS, RADIUS, DHCP, VoIP

Interests...

Cloud Security

The challenges of enabling engineers to build elastic and scalable solutions quickly and securely.

DevSecOps / SecDevOps

Automating security and securing the automation.

Threat modelling

Understanding and removing the friction that seems to have limited the adoption of such a fundamentally important process.

BDD for Security

Flipping BDD on its head and writing security stories that are understandable by the business and auditors, as well as being executable, verifiable and measurable.

Coding

Python, Ruby, Bash, Perl, PHP, Go

Projects...

ThreatSpec

https://threatspec.org

Threat Model Game (Alexa Skill)

https://alexa.threatspec.org/

How do I report a vuln?

http://howdoireportavuln.com

GitHub

https://github.com/zeroXten

Talks etc...

OWASP Summit 2017

Ran the BDD for Cloud Security session.

Participated in DevSecOps, security automation and threat modelling sessions.

DevSecCon London 2016

DevOps Exchange London, July 2016

Threatening Behaviour

DevOps Perspecties 4, ca technologies

devops-perspectives-4-ebook.pdf

DevSecCon 2015

BSidesLondon Rookie Track 2014

Contacting me...

Twitter

https://twitter.com/zeroXten

LinkedIn

https://www.linkedin.com/in/zeroxten

IRC

zeroXten on Freenode

Mostly in #dc4420, ##security and ##crypto

Email

fraser [at] 0x10 [dot] co