Engineer for the future of Cloud
June 10-13, 2019
San Jose, CA

Building Secure Systems sessions

Track host

Arun KejariwalArun Kejariwal Until recently, Arun Kejariwal was a statistical learning principal at Machine Zone (MZ), where he led a team of top-tier researchers and worked on research and development of novel techniques for install and click fraud detection and assessing the efficacy of TV campaigns and optimization of marketing campaigns. In addition, his team built novel methods for bot detection, intrusion detection, and real-time anomaly detection. Previously, Arun worked at Twitter, where he developed and open-sourced techniques for anomaly detection and breakout detection. His research includes the development of practical and statistically rigorous techniques and methodologies to deliver high-performance, availability, and scalability in large-scale distributed clusters. Some of the techniques he helped develop have been presented at international conferences and published in peer-reviewed journals.


Add to your personal schedule
9:00am - 5:00pm Monday, June 10 & Tuesday, June 11
Location: Almaden Ballroom 2
Average rating: ****.
(4.67, 6 ratings)
Sebastien Deleersnyder teaches you how to use threat modeling to integrate security in the DevOps workflow, introduces threat modeling as code, and shows you how to build a security culture in your organization. Read more.
Add to your personal schedule
9:00am12:30pm Tuesday, June 11, 2019
Location: LL21 A/B
Seth Vargo (Google)
Average rating: ****.
(4.78, 9 ratings)
By default all Kubernetes secrets are base64 encoded and stored as plaintext in etcd. Seth Vargo shares techniques for securing Kubernetes secrets, including encryption, KMS plug-ins, and tools like HashiCorp Vault and the trade-offs of each approach to better secure their clusters. Read more.
Add to your personal schedule
1:30pm5:00pm Tuesday, June 11, 2019
Location: 230 A
Average rating: ****.
(4.50, 2 ratings)
Christian Saide shows you how to defend your infrastructure against costly DDoS attacks by blacklisting or white-listing traffic, load-shedding, and analyzing traffic using XDP and eBPF. Read more.
Add to your personal schedule
11:35am12:15pm Wednesday, June 12, 2019
Location: LL21 E/F
Kat Fitzgerald (Uber ATG)
Average rating: ****.
(4.93, 15 ratings)
Kat Fitzgerald walks you through building and maintaining a secure Kubernetes environment. Read more.
Add to your personal schedule
1:25pm2:05pm Wednesday, June 12, 2019
Location: LL21 E/F
Aaron Rinehart (Verica)
Average rating: ***..
(3.33, 3 ratings)
Chaos engineering allows security incident response teams to proactively experiment on recurring incident patterns to derive new information about underlying factors that were previously unknown. Join Aaron Rinehart to explore the hidden costs of security incidents, learn a new technique for uncovering system weaknesses in systems security, and more. Read more.
Add to your personal schedule
3:50pm4:30pm Wednesday, June 12, 2019
Location: LL21 E/F
Ian Coldwater (Heroku)
Average rating: ****.
(4.83, 6 ratings)
You may have heard about CVE-2018-1002105, one of the most severe Kubernetes security vulnerabilities of all time. But how does this flaw work? How can it be exploited, and what does it all mean? Ian Coldwater takes a deep dive into the exploit to explain the risks and gives you practical advice about how to protect your clusters. Read more.
Add to your personal schedule
4:45pm5:25pm Wednesday, June 12, 2019
Location: LL21 E/F
Shraya Ramani (Buzzfeed)
Average rating: ****.
(4.00, 1 rating)
As BuzzFeed transitioned to microservices, it needed to secure a growing number of internal tools. BuzzFeed's first solution was an open source auth service deployed in front of each app, but this approach had a number of scaling issues. Shraya Ramani discusses SSO, BuzzFeed's open source, homegrown, centralized solution which elegantly solved this problem. Read more.