Building Secure Systems sessions
Arun Kejariwal Until recently, Arun Kejariwal was a statistical learning principal at Machine Zone (MZ), where he led a team of top-tier researchers and worked on research and development of novel techniques for install and click fraud detection and assessing the efficacy of TV campaigns and optimization of marketing campaigns. In addition, his team built novel methods for bot detection, intrusion detection, and real-time anomaly detection. Previously, Arun worked at Twitter, where he developed and open-sourced techniques for anomaly detection and breakout detection. His research includes the development of practical and statistically rigorous techniques and methodologies to deliver high-performance, availability, and scalability in large-scale distributed clusters. Some of the techniques he helped develop have been presented at international conferences and published in peer-reviewed journals.
9:00am - 5:00pm Monday, June 10 & Tuesday, June 11
Location: Almaden Ballroom 2
Learn how to use threat modeling as technique to integrate security in the DevOps workflow, introduce "threat modeling as code" and build a security culture in your organization.
9:00am–12:30pm Tuesday, June 11, 2019
Attendees will learn techniques for securing Kubernetes secrets including encryption, KMS plugins, and tools like HashiCorp Vault, and the tradeoffs of each approach to better secure their clusters.
1:30pm–5:00pm Tuesday, June 11, 2019
In this tutorial, you'll learn how to defend your infrastructure against costly DDoS attacks by blacklisting or white listing traffic, load shedding, and analyzing traffic using XDP and eBPF.
11:35am–12:15pm Wednesday, June 12, 2019
Building and maintaining a secure Kubernetes environment
1:25pm–2:05pm Wednesday, June 12, 2019
In this presentation, we’ll look at practical public key certificate management with Vault, which uses a dynamic secrets approach.
3:50pm–4:30pm Wednesday, June 12, 2019
You may have heard about CVE-2018-1002105, one of the most severe Kubernetes security vulnerabilities of all time. But how does this flaw work? How can it be exploited, and what does it all mean? This deep dive and live exploit demo will explain the risks and give you practical advice about how to protect your clusters.
4:45pm–5:25pm Wednesday, June 12, 2019
As BuzzFeed transitioned to microservices it needed to secure a growing number of internal tools. Our first solution was an open source auth service deployed in front of each app, but this approach had a number of scaling issues. The talk will discuss sso, our open-source, homegrown, centralized solution which elegantly solved this problem.