How, and why, do we want to automate security and privacy compliance? This session will dive into how to save time when facing compliance frameworks, whether it be regulatory or customer-driven.

Tired of tracking compliance items in a spreadsheet? Security automation tooling will help alleviate the burden of old-school audit processes. The goal is to gain an understanding of today's tooling that automates privacy compliance and other frameworks.

In this session, participants will...

• Gain an understanding of what our industry has traditionally done in SOC 2 Type II audits and other pertinent frameworks, such as PCI-DSS and ISO 27001.
  • What processes and technologies have been used to keep track of security controls
  • What manual steps had to be taken?
• Learn about new audit tooling to automate security compliance.
  • What tooling exists now?
  • What manual steps are now replaced by automation?
  • What can’t automation replace?
• Learn how 24/7/365 monitoring is utilized to bring higher levels of trust and transparency.
  • What are the benefits of constant monitoring?
  • What are the downfalls of constant monitoring?
  • Gain insight into the future of security compliance framework automation.
    • How does security automation tooling help us with new frameworks?
    • How do we scale our work to fit into multiple compliance frameworks?

Learn the fundamentals of cryptography, including public/private and symmetric encryption, hashing, and digital signatures. Discover which techniques are appropriate for various situations. Review practical real life examples for storing passwords, protecting URL parameters, securely exchanging information with partners, and safely encrypting sensitive information on public web sites. Concepts apply to all platforms, examples will be in C#.