February 23–26, 2020
Please log in
Please log in

A journey for security in a multifactor auth system for a whole nation

Juan Saavedra (Octobot)
1:15pm2:05pm Wednesday, February 26, 2020
Location: Beekman Parlor
Secondary topics:  Best Practice, Case Study, Overview
Average rating: ****.
(4.33, 3 ratings)

Who is this presentation for?

  • Software engineers, vice presidents of engineering, CTOs, and CISOs




One of the main challenges facing e-government initiatives is to safely perform an accessible authentication of users as citizens, which can provide both public and private entities with the necessary personal and security information in an open and standard fashion to enable more digital interactions. In the process of building a multifactor auth system for all Uruguayan citizens, the government found three critical features necessary to reach a successful solution: security, reliability, and usability.

Juan Saavedra outlines the Agile development of a REST application deployed on OpenShift and Kubernetes and details how the pursuit of security by design impacted the development process, the architectural design, and DevOps practices for the project, where you’ll learn about secure software architecture and development practices, as well as managing security and usability. He recaps outcomes effective enough to be recommended for broad usage in web software development to improve overall security. He reviews how the government managed and balanced interactions between security, usability, and reliability, as well as what lessons can be extracted regarding successfully making improvements that are mutually beneficial from an overall perspective.

Prerequisite knowledge

  • Familiarity with web software development and basic knowledge of security principles

What you'll learn

  • Discover security practices in Agile software development and architecture
  • See examples of improvements in security through usability
Photo of Juan Saavedra

Juan Saavedra


Juan Saavedra is the cofounder and vice president of technology at Octobot, where he oversees technical proposal and execution of outstanding digital products for several verticals, both at home and abroad. With a degree in software engineering, he used to enjoy his spare time being an instructor in computer architecture and networks, where he went too much full stack. He’s the father of one and a football (soccer) fan, and he rarely thinks a beer has too much hops.

  • IBM
  • LaunchDarkly
  • LightStep
  • Red Hat
  • ThoughtWorks
  • Auth0
  • Check Point Software
  • Contentful
  • Contrast Security
  • Datadog
  • Diamanti
  • Octobot.io
  • Optimizely
  • Perforce
  • Robin.io
  • SmartBear
  • Tidelift
  • WhiteSource
  • Synopsys
  • AxonIQ
  • Codefresh
  • CodeStream
  • Hello2morrow
  • LogRocket
  • Rookout
  • Solo.io
  • CNN
  • Boundless Notions, LLC

Contact us


For conference registration information and customer service


For more information on community discounts and trade opportunities with O’Reilly conferences

Become a sponsor

For information on exhibiting or sponsoring a conference


For media/analyst press inquires