Services
Main menu

Services

Services & Competences
Consulting & Enablement
Co-Creation & Acceleration
Development & Technology
Academy
Services

Academy

Academy at the glance
Agile competencies
Academy

Agile competencies

Agile competencies at the glance
Quality as a team approach
Exploring Requirements
Software testing & test automation
Academy

Software testing & test automation

Software testing & test automation at the glance
Exploratory Testing – Deep Dive
Frontend & Backend for Testers
Test automation - Selenide
Test automation - Selenium
Test automation - Cypress
Test automation - Appium
Cloud & DevOps
Academy

Cloud & DevOps

Cloud & DevOps at the glance
Kubernetes 101
Terraform in action
DevOps Training “From Zero to Cloud”
Cybersecurity & access management
Academy

Cybersecurity & access management

Cybersecurity & access management at the glance
OWASP Top 10 & Training Lab
Software development & architecture
Academy

Software development & architecture

Software development & architecture at the glance
Generative AI
Strategic Software Architecture
Tactical Software Architecture
Introduction to advanced Go patterns
First steps with Flamingo
Industries
Main menu

Industries

Industries Overview
Telco
Industries

Telco

Telco at the glance
Telco Trendbook
Fiber expansion
Mobility
Healthcare
Industries

Healthcare

Healthcare at the glance
Digital Experience Management for Healthcare
Healthcare

Digital Experience Management for Healthcare

Digital Experience Management for Healthcare at the glance
DXM Case Study
Bare.ID for Healthcare
Digital catering management
Marketplace
Manufacturing
Public
Fintech
Products
Main menu

Products

All AOE Products
Bare.ID
Searchperience
Flamingo
Clients
Company
Main menu

Company

Company Overview
Our philosophy
Our values & culture
CSR & Sustainability
Insights
Main menu

Insights

Insights Overview
Blog
Insights

Blog

Blog at the glance
2024
Blog

2024

Project managers and product owners: kind of the same thing, right?
Explaining the roles in agile software development – Backend Developer
Explaining the roles in agile software development – Frontend Developer
Launch AOE Careers: Beyond a typical career page
The future of content management
2023
Blog

2023

Explaining the roles in agile software development – Scrum Master
Explaining the roles in agile software development – Product Owner
Generative KI and Large Language Models (LLMs) – A Glimpse into the Future
AOE Technology Radar #7
Most family-friendly employer 2023
AOE in the intrinsify podcast
Cloudland talk: Container Vulnerability Management in Kubernetes
11 tips for a successful cloud migration
Zero Trust - the hard way
AOE Behind the Screens: Backend Developer Fabian
Future-proof IT security concept: What companies should know
AOE Technology Radar #6: What's new?
AOE Behind the Screens: Frontend Developer Klara
Cybersecurity trends: What's important in 2023?
Entscheiderfabrik: AOE, PLANFOX & PlanOrg with „Rethinking the digital patient journey“
DKMS registration: Why we participate
Articles
Events
Insights

Events

Events at the glance
TechTalk Wiesbaden #3
BarCamp RheinMain
ANGA COM
TechTalk Wiesbaden
Cloudland
Marketing Club Mainz Wiesbaden at AOE
SEIBERT MEDIA OpenSpace with Friends
Fuck-up Night
DevOpsCon
Sustainable Future .digital
Girls'Day
Bare.ID: CSK Summit 2023
Usability Testessen
CSR Regio.Net Networking Workshop
TechTalk Wiesbaden
Press
Newsletter
Open Source
Tech Radar
Careers
Contact

Get in touch


We use HubSpot CRM to process and manage contact and information requests. Please accept the "Functional Cookies" and reload the page to load the contact form.

Insights /
Blog /
DevOps & Cloud
Insights / Blog / DevOps & Cloud

DevOpsCon: Zero Trust - the hard way

June 14, 2023
Kevin SchuKevin SchuDirector Cloud & Devops

Kevin Schu and Daniel Pötzinger presented "Zero Trust - the hard way" on the DevOpsCon conference 2023 in Berlin. Please find the video of the talk below.

About the presentation: 

"With digital boundaries disappearing, a new, adapted security concept is of the essence. "Zero Trust" may sound like a harsh principle, but it is exactly the adaptation needed today. This radical security model change is followed by a far-reaching change in infrastructure, processes and, ultimately, culture; and at first glance, this seems like a daunting task.

Having successfully implemented Zero Trust for our customers multiple times, I have some learnings to share: from the initial problems and challenges to the full-scale implementation, from code repository and CI/CD, to service-to-service communication. Besides that, I'll also highlight what to consider, what kind of tools can help, and what the cultural implications are."

Download Presentation Slides

Keynote Video: "Zero Trust - The Hard Way"

See the keynote video below or on YouTube

Keynote table of content

  • 0:18 Keynote Topics and Introduction
  • 1:18 The Equifax hack - and how it could have been avoided
  • 4:48 Security with Zero Trust
  • 7:06 Zero Trust Aspects
  • 7:55 Why it is hard
  • 10:00 Identity & Identity Awareness - Deep Dive
  • 17:33 Device Authentication
  • 18:27 Networking & Firewall
  • 19:48 Application Security - Deep Dive
  • 26:34 Infrastructure Security
  • 29:03 Secure Data Handling
  • 29:53 Secure Development and Delivery
  • 32:32 Security Monitoring
  • 33:05 Organization and Culture
  • 34:27 How Equifax could have avoided the hack
  • 35:08 Summary, Facts and Tipps
  • 37:05 Q&A

Top 5 key takeaways

  1. Never trust, always verify
  2. Strong identity as a base for your zero trust network
  3. Know the standards, how they work, their functions and options
  4. Build apps as if they were public - don't rely on any perimeters around them
  5. Don't stop, keep up - work on continuous improvement

Cloud & DevOps services at AOE

AOE has many years of experience in Enterprise Cloud & DevOps projects. Based on our experience we offer a wide range of Cloud and Devops services:

All info on aoe.com/devops

Related insights

DevOps & Cloud

Cloudland talk: Container Vulnerability Management in Kubernetes

Kevin Schu presented "Container Vulnerability Management in Kubernetes" on the Cloudland conference 2023. Please find the video of the talk and the presentation download. Cloudland: Thursday 22.06.2023 | 16:00 - 16:45 | Stage 1 Content of the presentation: With the increasing adoption of Kubernetes and container technology, the need for effective vulnerability management is also growing. What can such a vulnerability management look like in concrete terms? How do I integrate vulnerability scans into my pipelines? How do I prevent vulnerabilities from being deployed into my Kubernetes environment? How do I keep track of vulnerabilities disclosed at runtime? What processes do I need to establish to address vulnerabilities? I want to share how we manage container vulnerabilities in Kubernetes environments for our customers, what tool we use to do this, and what processes we have established to address prioritization and remediation of identified vulnerabilities. Download Presentation

DevOps & Cloud

11 tips for a successful cloud migration

Cloud migration offers numerous benefits to businesses. For example, significant cost savings can be achieved. Additionally, it has a positive impact on scalability and flexibility, reducing time-to-market while increasing developer productivity. However, before a company embarks on the cloud journey, there are also challenges to overcome. In this article, we provide 11 tips for businesses to successfully navigate their path to the cloud. This article first appeared on Computerweekly: https://www.computerweekly.com/de/meinung/Stairway-to-Cloud