##About Rootconf Pune:
Rootconf Pune is a conference for:
- DevOps engineers
- Site Reliability Engineers (SRE)
- Security and DevSecOps professionals
- Software engineers
- Network engineers
The Pune edition will cover talks on:
- InfoSec and application security for DevOps programmers
- DNS and TLS 1.3
- SRE and distributed systems
- Containers and scaling
Speakers from Flipkart, Hotstar, Red Hat, Trusting Social, Appsecco, InfraCloud Technologies, among others, will share case studies from their experiences of building security, SRE and Devops in their organizations.
Two workshops will be held before and after Rootconf Pune:
- Full-day Prometheus training workshop on 20 September, conducted by Goutham V, contributor to Prometheus and developer at Grafana Labs. Details about the workshop are available here: https://hasgeek.com/rootconf/2019-prometheus-training-pune/
- Full-day DNS deep dive workshop on 22 September by Ashwin Murali: https://hasgeek.com/rootconf/2019-dns-deep-dive-workshop-pune/
Rootconf Pune will be held on 21 September at St. Laurn Hotel, Koregaon Park, Pune-411001.
##To know more about Rootconf, check out the following resources:
For information about the event, tickets (bulk discounts automatically apply on 5+ and 10+ tickets) and speaking, call Rootconf on 7676332020 or write to email@example.com
Lets talk about fuzzing
Fuzzing ia a software testing technique, which consists of throwing malformed data at an application in an automated way and observing how the application behaves. Fuzzing for security has been a recent trend, with companies like Google doing this on a massive scale. This BoF discusses some of these techniques and how fuzzing is generally useful.
Fuzz testing or Fuzzing is a Black Box software testing technique, which basically consists in finding implementation bugs using malformed/semi-malformed data injection in an automated fashion. Security engineers have been using fuzzing for quite some time now and it has yeilded excellent results. Google runs a full fledged project called oss-fuzz which aims to fuzz various upstream projects to find and fix security flaws in them. This BoF discusses fuzzing in general, various techniques etc, and talks about how one can get started.
Who should attend: Any one with interest in security
What is expected from participants: Share their stories about finding security flaws either via fuzzing or other techniques.
Key takeaways: Know what fuzzing is, how you can fuzz etc.
I work as a Principal Product Security Engineer with Red Hat. I have been involved with high impact security flaws specially related to SSL/TLS over the last 10 years. I am a part of various upstream security teams and a contributor to Fedora security team. Also i do some security research in my spare time.