Build Systems that Drive Business
Sep 30–Oct 1, 2018: Training
Oct 1–3, 2018: Tutorials & Conference
New York, NY

Building Secure Systems sessions

Security can no longer be a bolt-on at the end of projects. This track explores how to incorporate security best practices into your system architecture from the ground up into every layer of your applications.

Track host

Erik St. MartinErik St. Martin (Microsoft) curiosity of computers began in his early childhood years playing on a family member's Macintosh SE. He was too young to understand the world of programming then, but it was enough to peak his interest. In his teen years the internet became very popular and he was infatuated with the concept of building my own websites, and like all teenage computer geeks the thrill of "learning to hack". He cut his teeth building his own websites and learned to program by modifying open-source forum software in Perl and PHP, and running his own Counter-Strike servers. Before he knew it I was being offered money to program as a profession. He has been in the open-source and Linux world ever since.

11:35am–12:15pm Wednesday, October 3, 2018
A programmer's guide to secure connections
Location: Gramercy Level: Beginner
Secondary topics:  Resilient, Performant & Secure Distributed Systems
Liz Rice (Aqua Security)
Average rating: *****
(5.00, 1 rating)
Beyond looking out for a little green padlock in the browser bar, what do you need to know about secure connections as a programmer? What do people mean by terms like authentication, verifying a certificate, or signing a message? Join Liz Rice as she demystifies HTTPS, TLS, X.509, and more. Read more.
1:30pm–2:10pm Wednesday, October 3, 2018
Modern security best practices for microservices and distributed systems
Location: Gramercy Level: Intermediate
Secondary topics:  Resilient, Performant & Secure Distributed Systems
Seth Vargo (Google)
Average rating: ****.
(4.00, 2 ratings)
Seth Vargo outlines the key principles for securing microservices and distributed systems in the modern world, where applications run in cloud or hybrid cloud infrastructure. Read more.
2:25pm–3:05pm Wednesday, October 3, 2018
Faster is safer: Security in the enterprise
Location: Gramercy Level: Beginner
Secondary topics:  Resilient, Performant & Secure Distributed Systems
Molly Crowther (Pivotal)
Average rating: *****
(5.00, 1 rating)
Molly Crowther demonstrates how the enterprise can use cloud platforms to make security move at the pace of business—not the other way around. Read more.
3:50pm–4:30pm Wednesday, October 3, 2018
Securing serverless by breaking in
Location: Gramercy Level: Beginner
Secondary topics:  Resilient, Performant & Secure Distributed Systems
Guy Podjarny (Snyk)
Average rating: *****
(5.00, 1 rating)
Serverless shuffles security priorities, naturally mitigating certain risks while elevating others, as this live hacking session vividly demonstrates. Guy Podjarny breaks into a vulnerable demo serverless app while explaining each security mistake, its impact, and how it can be avoided. You'll leave knowing why you need to keep your functions secure and how to do it yourself. Read more.
4:45pm–5:25pm Wednesday, October 3, 2018
Ship of fools: Shoring up Kubernetes security
Location: Gramercy Level: Intermediate
Secondary topics:  Resilient, Performant & Secure Distributed Systems
Ian Coldwater (Heroku)
Ian Coldwater offers practical advice about securing your Kubernetes clusters, from an attacker’s perspective. Read more.