Engineer for the future of Cloud
June 10-13, 2019
San Jose, CA

Building Secure Systems sessions

Track host

Arun KejariwalArun Kejariwal Until recently, Arun Kejariwal was a statistical learning principal at Machine Zone (MZ), where he led a team of top-tier researchers and worked on research and development of novel techniques for install and click fraud detection and assessing the efficacy of TV campaigns and optimization of marketing campaigns. In addition, his team built novel methods for bot detection, intrusion detection, and real-time anomaly detection. Previously, Arun worked at Twitter, where he developed and open-sourced techniques for anomaly detection and breakout detection. His research includes the development of practical and statistically rigorous techniques and methodologies to deliver high-performance, availability, and scalability in large-scale distributed clusters. Some of the techniques he helped develop have been presented at international conferences and published in peer-reviewed journals.


Add to your personal schedule
9:00am - 5:00pm Monday, June 10 & Tuesday, June 11
Location: Almaden Ballroom 2
Learn how to use threat modeling as technique to integrate security in the DevOps workflow, introduce "threat modeling as code" and build a security culture in your organization. Read more.
Add to your personal schedule
9:00am12:30pm Tuesday, June 11, 2019
Location: LL21 A/B
Seth Vargo (Google)
Attendees will learn techniques for securing Kubernetes secrets including encryption, KMS plugins, and tools like HashiCorp Vault, and the tradeoffs of each approach to better secure their clusters. Read more.
Add to your personal schedule
1:30pm5:00pm Tuesday, June 11, 2019
Location: LL20 A/B
In this tutorial, you'll learn how to defend your infrastructure against costly DDoS attacks by blacklisting or white listing traffic, load shedding, and analyzing traffic using XDP and eBPF. Read more.
Add to your personal schedule
11:35am12:15pm Wednesday, June 12, 2019
Location: LL21 E/F
Kat Fitzgerald (Uber ATG)
Building and maintaining a secure Kubernetes environment Read more.
Add to your personal schedule
1:25pm2:05pm Wednesday, June 12, 2019
Location: LL21 E/F
Christie Koehler (HashiCorp)
In this presentation, we’ll look at practical public key certificate management with Vault, which uses a dynamic secrets approach. Read more.
Add to your personal schedule
3:50pm4:30pm Wednesday, June 12, 2019
Location: LL21 E/F
Ian Coldwater (Independent)
You may have heard about CVE-2018-1002105, one of the most severe Kubernetes security vulnerabilities of all time. But how does this flaw work? How can it be exploited, and what does it all mean? This deep dive and live exploit demo will explain the risks and give you practical advice about how to protect your clusters. Read more.
Add to your personal schedule
4:45pm5:25pm Wednesday, June 12, 2019
Location: LL21 E/F
Shraya Ramani (Buzzfeed)
As BuzzFeed transitioned to microservices it needed to secure a growing number of internal tools. Our first solution was an open source auth service deployed in front of each app, but this approach had a number of scaling issues. The talk will discuss sso, our open-source, homegrown, centralized solution which elegantly solved this problem. Read more.