Rootconf 2018

Rootconf 2018

On scaling infrastructure and operations

About Rootconf 2018 and who should attend:

Rootconf is India’s best conference on DevOps, SRE and IT infrastructure. Rootconf attracts systems and operations engineers to share real-world knowledge about building reliable systems.

The 2018 edition is a single track conference. Day 1 – 10 May – features talks on security. Colin Charles (chief evangelist at Percona Foundation), Pukhraj Singh (former national cybersecurity manager at UIDAI), Shamim Reza (open source enthusiast), Alisha Gurung (network engineer at Bhutan Telecom) and Derick Thomas (former network engineer at VSNL and Airtel Bharti) will touch on important aspects of infrastructure, database, network and enterprise security.

Day 2 – 11 May – is filled with case studies and stories about legacy code, immutable infrastructure, root-cause analysis, handling dependencies and monitoring. Talks from Exotel, Kayako, Intuit, Helpshift, Digital Ocean, among others, will help you evaluate DevOps tools and architecture patterns.

If you are a:

  1. DevOps programmer
  2. Systems engineer
  3. Architect
  4. VP of engineering
  5. IT manager

you should attend Rootconf.

Birds Of Feather (BOF) sessions at Rootconf 2018 will cover the following topics:

  1. DevSec Ops
  2. Microservices - tooling, architecture, costs and culture
  3. Mistakes that startups make when planning infrastructure
  4. Handling technical debt
  5. How to plan a container strategy for your organization
  6. Evaluating AWS for scale
  7. Future of DevOps

Rootconf is a conference for practitioners, by practitioners.

The call for proposals is closed. If you are interested in speaking at Rootconf events in 2018, submit a proposal here: rootconf.talkfunnel.com/rootconf-round-the-year-2018/

Venue:

NIMHANS Convention Centre, Lakkasandra, Hombegowda Nagar, Bengaluru, Karnataka 560029.

Schedule, event details and tickets: https://rootconf.in/2018

For more information about Rootconf, sponsorships, outstation events, contact support@hasgeek.com or call 7676332020.

Hosted by

Rootconf is a forum for discussions about DevOps, infrastructure management, IT operations, systems engineering, SRE and security (from infrastructure defence perspective). more

A. S. M. Shamim Reza

@shamimreza

Hunting the Evil of your Infrastructure

Submitted Mar 26, 2018

Hunt. No its not Ethan Hunt of Mission Impossible. Its threat hunting I am going to talk and yah Its real time manual, I repeat manual activities of human being who are responsible to take care of your infrastructure. No, they dont have to be the expert of everything or they dont have to have several years of experience. But yes, they do need to have experience on how these infrastructure works.

Here, we will discuss how we will find out the Evil; the vulnerabilities; of your infrastructure. How it can be done. There are some talks that it can be done by automating things, like creating tools that fits your need or Talking with companies who have their best products which can work great.

I will say NO. Threat hunting must need human interaction, who knows what services, OSs, applications are running, what sort of network infrastructure do you have. How they relate to each other. The person need to have analytical abilities who can think beyond, who can find out the missed things of the infrastructure monitoring system.

Threat hunting process can be different based on the infrastructure and obviously the Needs. Proper planing, preparation, expertise, experience and execution is very important. You just cant buy some tools and put some highly paid expert at your SOC and sit back and say you are doing great by hunting down the vulnerabilities.

You need to follow some standards and Yes obviously you have to be Innovative. Doing the same steps and same procedure again and again wont give you the result.

We will learn here, what to hunt for and how often we have to do it. What tools we can use for our need not for our want. How the person have to be for this sort of responsibilities. And so on.

Threat hunting is not an easy task but not that complex too. To secure the most valuable things of earth, the Information, we have to be proactive not reactive. And this should be our goal to Hunt down the Evil.

Outline

It will have Hypothesis based case studies.

Requirements

Those who are working and also interested at Security track.

Speaker bio

I am an Open-source software enthusiast, system solution architect and Linux system expert with over 10 years of extensive experience; right now working on Linux OS developments from the scratch.

I am also an Information Security professional with over 8 years of diverse Information Security experience; from the evolving enterprise needs of large and complex organizations to the development of large public web properties, and protecting their applications, data and infrastructure from attack.

I believe sharing my experience to the community will help secure the infrastructure.

Slides

https://www.slideshare.net/sohagshamim/hunting-the-evil-of-your-infrastructure

Comments

{{ gettext('Login to leave a comment') }}

{{ gettext('Post a comment…') }}
{{ gettext('New comment') }}
{{ formTitle }}

{{ errorMsg }}

{{ gettext('No comments posted yet') }}

Hosted by

Rootconf is a forum for discussions about DevOps, infrastructure management, IT operations, systems engineering, SRE and security (from infrastructure defence perspective). more