BEGIN:VCALENDAR VERSION:2.0 PRODID:-//HasGeek//NONSGML Funnel//EN DESCRIPTION:On infrastructure security\, DevOps and distributed systems. NAME:Rootconf 2019 REFRESH-INTERVAL;VALUE=DURATION:PT12H SUMMARY:Rootconf 2019 TIMEZONE-ID:Asia/Kolkata X-PUBLISHED-TTL:PT12H X-WR-CALDESC:On infrastructure security\, DevOps and distributed systems. X-WR-CALNAME:Rootconf 2019 X-WR-TIMEZONE:Asia/Kolkata BEGIN:VEVENT SUMMARY:Check-in and breakfast (at food court) DTSTART;VALUE=DATE-TIME:20190621T031500Z DTEND;VALUE=DATE-TIME:20190621T040000Z DTSTAMP;VALUE=DATE-TIME:20210120T185328Z UID:session/UQMNmaPgFiKJzqYfMmiS3b@hasgeek.com CREATED;VALUE=DATE-TIME:20181005T080743Z GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20190610T071816Z LOCATION:Audi 2 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com BEGIN:VALARM ACTION:display DESCRIPTION:Check-in and breakfast (at food court) in Audi 2 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Check-in and breakfast (at food court) DTSTART;VALUE=DATE-TIME:20190621T031500Z DTEND;VALUE=DATE-TIME:20190621T035000Z DTSTAMP;VALUE=DATE-TIME:20210120T185328Z UID:session/GETKZ7JgVigMi3kCpGhn7a@hasgeek.com CREATED;VALUE=DATE-TIME:20181005T074438Z GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20190610T071811Z LOCATION:Audi 1 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com BEGIN:VALARM ACTION:display DESCRIPTION:Check-in and breakfast (at food court) in Audi 1 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Introduction to Rootconf 2019 edition\; what to expect from the co nference DTSTART;VALUE=DATE-TIME:20190621T035000Z DTEND;VALUE=DATE-TIME:20190621T040000Z DTSTAMP;VALUE=DATE-TIME:20210120T185328Z UID:session/WnGtTq5xnVjQKhmiJUJRH3@hasgeek.com CREATED;VALUE=DATE-TIME:20190610T062845Z GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20190610T062850Z LOCATION:Audi 1 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com BEGIN:VALARM ACTION:display DESCRIPTION:Introduction to Rootconf 2019 edition\; what to expect from th e conference in Audi 1 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Learnings from running my Home Server (and why you should run one too) DTSTART;VALUE=DATE-TIME:20190621T040000Z DTEND;VALUE=DATE-TIME:20190621T043500Z DTSTAMP;VALUE=DATE-TIME:20210120T185328Z UID:session/9AMm9wQmn83u1nAfj51qNC@hasgeek.com CATEGORIES:Full talk of 40 mins duration,Intermediate CREATED;VALUE=DATE-TIME:20190327T102629Z DESCRIPTION:This talk will cover the important bits:\n\n1. A brief overvie w of my homeserver setup\n i. What all Hardware is involved\n ii. What a ll services are running\n iii. Networking and how to route traffic to you r home.\n2. Infrastructure Setup\n i. Terraform Configuration\n ii. Serv ice Configuration\n iii. Running a Kubernetes Cluster\n iv. Security\n3. Q&A GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20200619T062515Z LOCATION:Audi 1 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/rootconf/2019/schedule/learnings-from-running-my-h ome-server-and-why-you-should-run-one-too-9AMm9wQmn83u1nAfj51qNC BEGIN:VALARM ACTION:display DESCRIPTION:Learnings from running my Home Server (and why you should run one too) in Audi 1 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Building reproducible Python applications for secured environments DTSTART;VALUE=DATE-TIME:20190621T043500Z DTEND;VALUE=DATE-TIME:20190621T050500Z DTSTAMP;VALUE=DATE-TIME:20210120T185328Z UID:session/5yoALPa3wgwGkcgYzqJm8c@hasgeek.com CATEGORIES:Intermediate CREATED;VALUE=DATE-TIME:20190327T103850Z DESCRIPTION:* Introduction - 1 minute\n* Why all of these painful steps? 2 minutes\n* SecureDrop client desktop tools and their dependency on other upstream projects (or think about an application structutre and standard d eployment strategy)- 3 minutes\n* Updating dependencies or do we read all updates? - 2 minutes\n* Development environment and using pipenv + tools t o create `requirements.txt` wtih hashes only for source - 3 minutes\n* Str ucture of a static HTML based private package index - 4 minutes\n* GPG sig ned list of already built wheels + syncing them locally - 2 minute\n* Runn ing python3 setup.py sdist to create the release tarball + a step before t o have a requirements..txt with only binary hashes from our list of wheels . - 5 minutes\n* Final Debinan packaging script (for automation) which doe s double verification of the wheel hashes. - 3 minutes\n* Reproducible De bian package as end product - 2 minutes\n* Possibility in the RPM land - 1 minute\n* QA/feedback GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20200619T062515Z LOCATION:Audi 1 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/rootconf/2019/schedule/building-reproducible-pytho n-applications-for-secured-environments-5yoALPa3wgwGkcgYzqJm8c BEGIN:VALARM ACTION:display DESCRIPTION:Building reproducible Python applications for secured environm ents in Audi 1 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Tutorial: Shooting the trouble down to the Wireshark Lua plugin DTSTART;VALUE=DATE-TIME:20190621T043500Z DTEND;VALUE=DATE-TIME:20190621T060500Z DTSTAMP;VALUE=DATE-TIME:20210120T185328Z UID:session/DhGAm4evqNH2xWBXo444uq@hasgeek.com CATEGORIES:Intermediate,Workshop CREATED;VALUE=DATE-TIME:20190327T104323Z DESCRIPTION:* Objectives\n* Lua and Wireshark Lua\n* Usage and Example\n* Debugging and Linting\n* Literate Programming\n* Markdown Structure\n* lit 2lua\n* Protocol Dissection Pattern\n* Dissector Table\n* Wireshark User I nterface\n* Info\, Message and Heartbeat Protocol\n* Hot key Report\n* Tes ting\n* Demo\n* Future Work\n* References\n\nSource Code: https://github.c om/aerospike/aerospike-wireshark-plugin GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20190618T125515Z LOCATION:Audi 2 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/rootconf/2019/schedule/shooting-the-trouble-down-t o-the-wireshark-lua-plugin-DhGAm4evqNH2xWBXo444uq BEGIN:VALARM ACTION:display DESCRIPTION:Tutorial: Shooting the trouble down to the Wireshark Lua plugi n in Audi 2 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Morning beverage break DTSTART;VALUE=DATE-TIME:20190621T050500Z DTEND;VALUE=DATE-TIME:20190621T053500Z DTSTAMP;VALUE=DATE-TIME:20210120T185328Z UID:session/RqGz64MidGHnKUR2HBZKhN@hasgeek.com CREATED;VALUE=DATE-TIME:20190610T060114Z GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20190610T060208Z LOCATION:Audi 1 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com BEGIN:VALARM ACTION:display DESCRIPTION:Morning beverage break in Audi 1 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Building a 100% remote workplace DTSTART;VALUE=DATE-TIME:20190621T053500Z DTEND;VALUE=DATE-TIME:20190621T063500Z DTSTAMP;VALUE=DATE-TIME:20210120T185328Z UID:session/XHRRA4EiRqzYbbyQBC6UxC@hasgeek.com CATEGORIES:Intermediate,Birds Of Feather (BOF) Session,Discussion CREATED;VALUE=DATE-TIME:20190406T104503Z GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20190610T114005Z LOCATION:BOF area - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/rootconf/2019/schedule/building-a-100-remote-workp lace-XHRRA4EiRqzYbbyQBC6UxC BEGIN:VALARM ACTION:display DESCRIPTION:Building a 100% remote workplace in BOF area in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Let’s talk about routing security DTSTART;VALUE=DATE-TIME:20190621T053500Z DTEND;VALUE=DATE-TIME:20190621T061500Z DTSTAMP;VALUE=DATE-TIME:20210120T185328Z UID:session/Uvn3u6ExMHJPgSzNv1hyzR@hasgeek.com CATEGORIES:Intermediate,14 May ,Full talk of 40 mins duration CREATED;VALUE=DATE-TIME:20190409T054748Z DESCRIPTION:This talk covers how (in)secure in the routing at the global s cale\, covers about IRR in detail. Includes examples\, tools and challenge s with IRR based BGP filtering. It also gives a brief introduction to RPKI as well as latest developments in this domain (AT&T doing RPKI based filt ering\, Google about to do IRR based filtering etc) GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20200619T062515Z LOCATION:Audi 1 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/rootconf/2019/schedule/lets-talk-about-routing-sec urity-Uvn3u6ExMHJPgSzNv1hyzR BEGIN:VALARM ACTION:display DESCRIPTION:Let’s talk about routing security in Audi 1 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Morning beverage break DTSTART;VALUE=DATE-TIME:20190621T060500Z DTEND;VALUE=DATE-TIME:20190621T063500Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/MVoqZJtDBz78XzXwV69zh9@hasgeek.com CREATED;VALUE=DATE-TIME:20190618T130442Z GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20190618T130442Z LOCATION:Audi 2 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com BEGIN:VALARM ACTION:display DESCRIPTION:Morning beverage break in Audi 2 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Deploying and managing CSP: the browser-side firewall DTSTART;VALUE=DATE-TIME:20190621T061500Z DTEND;VALUE=DATE-TIME:20190621T065500Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/WLNJ6s6B9piyPyTmWFKvXb@hasgeek.com CATEGORIES:Intermediate CREATED;VALUE=DATE-TIME:20190327T103511Z DESCRIPTION:- Introduction to client-side Data Exfiltration attacks\n- Int roduction to Content-Security Policy\n- Content Security Policy to prevent Data Exfiltration attacks\n ○ What is possible\n ○ What are the lim itations\n- How to design and deploy CSP to detect/prevent Data Exfiltrati on attacks \n- How to monitor policy violations and alerts GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20190616T091305Z LOCATION:Audi 1 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/rootconf/2019/schedule/deploying-and-managing-csp- the-browser-side-firewall-WLNJ6s6B9piyPyTmWFKvXb BEGIN:VALARM ACTION:display DESCRIPTION:Deploying and managing CSP: the browser-side firewall in Audi 1 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Tutorial: Onion services (Tor Project) for Devops DTSTART;VALUE=DATE-TIME:20190621T063500Z DTEND;VALUE=DATE-TIME:20190621T073500Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/T2Gs5xuzoVQMGmrir2uXv6@hasgeek.com CATEGORIES:Workshop,Intermediate,Workshop CREATED;VALUE=DATE-TIME:20190609T151420Z DESCRIPTION:- Introduction to Tor project\n- Onion services 101\n- Deployi ng a website as an onion service\n- Deploying ssh access as an onion servi ce\n- QA GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20190618T130429Z LOCATION:Audi 2 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/rootconf/2019/schedule/onion-services-for-devops-T 2Gs5xuzoVQMGmrir2uXv6 BEGIN:VALARM ACTION:display DESCRIPTION:Tutorial: Onion services (Tor Project) for Devops in Audi 2 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Using pod security policies to harden your Kubernetes cluster DTSTART;VALUE=DATE-TIME:20190621T065500Z DTEND;VALUE=DATE-TIME:20190621T073500Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/LMw9WK67wYxfwjmmHkeHns@hasgeek.com CATEGORIES:Intermediate,Full talk of 40 mins duration CREATED;VALUE=DATE-TIME:20190406T102249Z DESCRIPTION:This talk will start with current state of Kubernetes security and how folks are setting up their clusters. How folks are using shortcut s to get around changing their old bad practices. The talk will explain fo lks what's worst that can happen if they keep using those bad practices. S pecially in the multi-tenant setup this can lead to massive breakouts.\n\n The above topics are there to create a ground for folks to appreciate the security feature of Kubernetes Pod Security Policy. \n\nWe then come to co re of the talk this is where I will explain what Pod Security Policy is an d how it can help in hardening the cluster. I will explain all the support ed features that PSP has and what feature stops what kind of attack vector in a multi-tenant untrusted environment.\n\nAlso I will explain the benef its of having secure & hardened clusters from the development phase itself and how it helps you understand and catch the issues that you might encou nter only while deploying on production. GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20200619T062515Z LOCATION:Audi 1 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/rootconf/2019/schedule/using-pod-security-policies -to-harden-your-kubernetes-cluster-LMw9WK67wYxfwjmmHkeHns BEGIN:VALARM ACTION:display DESCRIPTION:Using pod security policies to harden your Kubernetes cluster in Audi 1 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Lunch break DTSTART;VALUE=DATE-TIME:20190621T073500Z DTEND;VALUE=DATE-TIME:20190621T083000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/65kRbotHSTpqaDsHxbcsWh@hasgeek.com CREATED;VALUE=DATE-TIME:20190610T060435Z GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20190610T060448Z LOCATION:Audi 1 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com BEGIN:VALARM ACTION:display DESCRIPTION:Lunch break in Audi 1 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Keynote: How convenience Is killing open standards DTSTART;VALUE=DATE-TIME:20190621T083000Z DTEND;VALUE=DATE-TIME:20190621T091000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/UcwKgZs63AvJaJECV81R7k@hasgeek.com CATEGORIES:Full talk of 40 mins duration,Intermediate CREATED;VALUE=DATE-TIME:20190327T104349Z DESCRIPTION:All the technical diversity we enjoy in our industry is the re sult of internal evangelism 20 yers ago. Now all three major cloud provide rs have been pushing their serverless solutions to lure customers into a n ew form of vendor lock-in. I think it is time\, to remind ourselves about Open Standards. GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20200619T062515Z LOCATION:Audi 1 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/rootconf/2019/schedule/how-convenience-is-killing- open-standards-UcwKgZs63AvJaJECV81R7k BEGIN:VALARM ACTION:display DESCRIPTION:Keynote: How convenience Is killing open standards in Audi 1 i n 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Flash talks: by participants DTSTART;VALUE=DATE-TIME:20190621T091000Z DTEND;VALUE=DATE-TIME:20190621T094000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/A5HGA8kQkLgNggtjisRCEG@hasgeek.com CREATED;VALUE=DATE-TIME:20190610T063709Z GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20190616T091348Z LOCATION:Audi 1 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com BEGIN:VALARM ACTION:display DESCRIPTION:Flash talks: by participants in Audi 1 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:How do you keep your secrets and how much does it cost? DTSTART;VALUE=DATE-TIME:20190621T091000Z DTEND;VALUE=DATE-TIME:20190621T101000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/H7LGMtxz54ePQp1PMq4SEz@hasgeek.com CATEGORIES:Birds Of Feather (BOF) session ,Advanced,Discussion,Birds Of Fe ather (BOF) Session,Advanced CREATED;VALUE=DATE-TIME:20190606T111750Z DESCRIPTION:Discussion Structure\n====================\nRather than starti ng from a particular solution and discuss the specific nature in which it works\, the discussion should be centered around why a particular so lution was deployed in an organization and the thought process th at went into it. \n\nWe need at least 4 - 5 examples on real world thought process that went in deploying a particular solution. In particular we wo uld be interested in the following structure\n* What was the secret keepin g solution that was chosen? \n* Why was it chosen? What are the parameters for chosing a particular solution? The parameters we are looking to under stand in depth are: \n - Number of Secrets\n - Nature of Secrets (Epheme ral\, API Keys\, Tokens etc.)\n - Number of entities that access these se crets (500\, 1000 etc.)\n - Integration with Identity management.\n - Co st for storing and managing secrets. \n - Trust in the organization/commu nity/person that developed and maintains the solution. \n - Integration w ith existing tools/cloud providers/organization workflows etc. GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20190616T094211Z LOCATION:BOF area - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/rootconf/2019/schedule/how-do-you-keep-your-secret s-and-how-much-does-it-cost-H7LGMtxz54ePQp1PMq4SEz BEGIN:VALARM ACTION:display DESCRIPTION:How do you keep your secrets and how much does it cost? in BO F area in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:SSH Certificates: a way to scale SSH access DTSTART;VALUE=DATE-TIME:20190621T091000Z DTEND;VALUE=DATE-TIME:20190621T094000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/6vRxtiiw3XQH8412Sf4ofx@hasgeek.com CATEGORIES:Crisp talk of 20 mins duration,Intermediate CREATED;VALUE=DATE-TIME:20190327T103324Z DESCRIPTION:* Traditional Public key (asymmetric key) cryptography authent ication(2 min)\n * Traditional SSH authentication methods\n * Passwo rd-based authentication\n * Public-key (asymmetric) based authenticatio n\n * Generic Security Service Application Program Interface (an API to access servers)\n* Centralized authentication approach & limitations (3 m in)\n * How LDAP/Kerberos working (in brief)\n * Limitations of a ce nralized system\n* A adventures ride with SSH certificates (6 min)\n * Working of SSH certificates\n * Generate signed certificate from CA\n * Configuration on the host system\n * Configuration on the user syst em\n* Demo (3 min)\n* Features of SSH CA (3 min)\n * Role-based access\ n * Host-based access\n * Certificate validity\n * Certificate id entity\n* Limitation & solutions (3 min)\n GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20200619T062515Z LOCATION:Audi 2 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/rootconf/2019/schedule/ssh-certificates-a-way-to-s cale-ssh-access-6vRxtiiw3XQH8412Sf4ofx BEGIN:VALARM ACTION:display DESCRIPTION:SSH Certificates: a way to scale SSH access in Audi 2 in 5 min utes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Sponsored talk: Implementing security from day one at a fintech st artup DTSTART;VALUE=DATE-TIME:20190621T094000Z DTEND;VALUE=DATE-TIME:20190621T102000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/NbDCPaRiFEJpBCvSgCnpqQ@hasgeek.com CATEGORIES:Full talk,Intermediate,Lecture CREATED;VALUE=DATE-TIME:20190607T060733Z DESCRIPTION:Information security domain has become vast with lots of indus try standards\, frameworks\, tools\, etc. However\, all business at the en d of the day cares about is releasing a product securely with minimal fric tion and enabling tech to move fast while having security in place.\n\nIn this talk\, we will touch base on the approaches as well as key decisions we took to ensure we have security in place from day 1 of our product laun ch. To keep understanding simple\, I have segmented security into 3 follow ing buckets\n\n1. A cloud approach\n \n2. A compliance approach\n \n3. A product approach\n \n\n\n**A cloud approach:** Most of our foun ding team members were well versed with a public cloud (AWS)\, hence\, thi s was a no brainer decision to adapt an AWS heavy infrastructure.\n\n\n*** Challenges(Security):***\n\n1. Due diligence of shared responsibility: Al l managed workloads would need to have a policy defined. E.g. An IAM role must not have an excess permissions or an admin user should not be able to delete a running ECS cluster.\n \n2. Lifecycle of workloads/resources : E.g. Security groups for enabling temporary access across AWS resource n eeds to be revoked asap.\n \n3. Secret/Key Management: E.g\, Because s ecrets are not meant to be hardcoded.\n \n4. Incident Response: E.g. B itcion miner on a hacked EC2.\n \n***Approach:***\n\n1. Least Principl e - OKTA as SSO on separate AWS accounts(dev\,stage\,prod\,PCI\, central) with distinguished user groups.\n \n2. Continuous AWS Monitoring - [ht tps://www.cloudconformity.com/conformity-rules/](https://www.cloudconformi ty.com/conformity-rules/)\n \n3. AWS Guardduty - Monitors Cloudtrail\, VPC Flow logs and Route53 logs - SNS to Email for all alerts.\n \n\n** A Compliance Approach:** Fintech is regulated business and industry standa rds are its consequence. During the first month of our product launch\, we were required to become compliant to NPCI guidelines for a UPI launch. Fo llowed by RBI’s data localization requirement(SAR) and then ISO 27001:20 13\n\n***Challenges:***\n\n1. Onboarding independent auditors to the conc ept of credit card bill payments.\n \n2. Onboarding consultants to vie w product/business from a different angle.\n \n3. Creating a process o riented culture to adhere to various compliance requirements.\n \n\n**A Product Approach:** Our founder wanted our product to be as secure before we launch.\n\n***Challenges:***\n\n1. Dealing with rapid code+design cha nges.\n \n2. Defensive versus offensive.\n \n3. Proposing secure s olutions for end user application flow.\n \n***Approach:***\n\n1. Keep ing track of changes in every alpha build. Sit next to developer and start with a simple code review. Need not be a tool based approach\, for every API call\, check the corresponding codebase and think what could go wrong. \n \n2. Too many tools and framework to attack. Think on how to make e very attack difficult. E.g. SSL Pinning\, Code obfuscation( Proguard follo wed by Dexguard)\n \n3. Review all application flow\, look at applicat ion having user inputs. E.g. OTP flow in our app. GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20200619T062515Z LOCATION:Audi 2 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/rootconf/2019/schedule/implementing-security-from- day-1-at-a-fintech-startup-NbDCPaRiFEJpBCvSgCnpqQ BEGIN:VALARM ACTION:display DESCRIPTION:Sponsored talk: Implementing security from day one at a fintec h startup in Audi 2 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:What are the benefits of using Ansible Automation? DTSTART;VALUE=DATE-TIME:20190621T094000Z DTEND;VALUE=DATE-TIME:20190621T104000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/8UEbPxATNrKP6XMaWuhMhs@hasgeek.com CATEGORIES:Birds Of Feather (BOF) session ,Intermediate,Discussion CREATED;VALUE=DATE-TIME:20190619T165756Z DESCRIPTION:The following points will be discussed during this session:\n- Ansible's simplicity and extensible plugins\n- Real world use cases of An sible\n- Comparing Ansible and AWX(Upstream of Ansible Tower)\n- Enabling next generation network operations using Ansible GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20190619T165829Z LOCATION:Room 01 for BOFs - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/rootconf/2019/schedule/what-are-the-benefits-of-us ing-ansible-automation-8UEbPxATNrKP6XMaWuhMhs BEGIN:VALARM ACTION:display DESCRIPTION:What are the benefits of using Ansible Automation? in Room 01 for BOFs in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Securing infrastructure with OpenScap: the automation way DTSTART;VALUE=DATE-TIME:20190621T094000Z DTEND;VALUE=DATE-TIME:20190621T102000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/9q9pU6TdR4YcLC7wyHfbG7@hasgeek.com CATEGORIES:Full talk of 40 mins duration,Beginner CREATED;VALUE=DATE-TIME:20190610T113732Z DESCRIPTION:Audience will learn about Openscap. Tools used by openscap alo ng with profiles and components of openscap. I will also through some ligh t on how we all can have our own set of policies and how we can develop ce rtain profiles and policies that will be custom of yourself and also usefu l for upstream. This talk will also involve how to deploy openscap\, how t o use different tools of openscap and warping up with the analysis of the reports generated by the scap policies. At the end you get a clear picture of openscap also with managing all the tools and reports by them. GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20200619T062515Z LOCATION:Audi 1 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/rootconf/2019/schedule/securing-infrastructure-wit h-openscap-the-automation-way-9q9pU6TdR4YcLC7wyHfbG7 BEGIN:VALARM ACTION:display DESCRIPTION:Securing infrastructure with OpenScap: the automation way in A udi 1 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Evening beverage talk DTSTART;VALUE=DATE-TIME:20190621T102000Z DTEND;VALUE=DATE-TIME:20190621T105000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/AJmhsvULqzJ8kg4TcRF3rY@hasgeek.com CREATED;VALUE=DATE-TIME:20190610T063218Z GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20190618T130022Z LOCATION:Audi 1 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com BEGIN:VALARM ACTION:display DESCRIPTION:Evening beverage talk in Audi 1 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Evening beverage break DTSTART;VALUE=DATE-TIME:20190621T102000Z DTEND;VALUE=DATE-TIME:20190621T105000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/Mdk6enkjtABbgxc7eNpZHH@hasgeek.com CREATED;VALUE=DATE-TIME:20190610T061031Z GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20190619T034452Z LOCATION:Audi 2 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com BEGIN:VALARM ACTION:display DESCRIPTION:Evening beverage break in Audi 2 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:OSINT for proactive defense DTSTART;VALUE=DATE-TIME:20190621T105000Z DTEND;VALUE=DATE-TIME:20190621T113000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/H1Z5ygmYbY88VwxCqwKwWS@hasgeek.com CATEGORIES:Full talk,Intermediate,Lecture CREATED;VALUE=DATE-TIME:20190609T151155Z DESCRIPTION:Below is an outline of the presentation:\n- Overview of OSINT\ n- Why Security Teams should use OSINT\n- Continuous Discovery and Monitor ing of Assets\n- Use OSINT Data for Periodic Attack Simulation\n- Discover ing Sensitive Information Leakage \n- Monitoring Breached Passwords\n- Pro actively Identifying Security Incidents using SOCMint\n- OSINT Countermeas ures\n GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20200619T062515Z LOCATION:Audi 1 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/rootconf/2019/schedule/osint-for-proactive-defense -H1Z5ygmYbY88VwxCqwKwWS BEGIN:VALARM ACTION:display DESCRIPTION:OSINT for proactive defense in Audi 1 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Birds of Feather (BOF) session: On taking your home brew projects to graduate into CNCF projects DTSTART;VALUE=DATE-TIME:20190621T105000Z DTEND;VALUE=DATE-TIME:20190621T115000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/VNM6T79wLSX2kdZvHzHS7m@hasgeek.com CATEGORIES:Birds Of Feather (BOF) session ,Beginner,Discussion CREATED;VALUE=DATE-TIME:20190620T110249Z DESCRIPTION:* Introduction to CNCF\n* CNCF presence in India\n* Current pr ojects under CNCF\n* Proposing a project to become part of CNCF\n* How a p roject graduates from CNCF ?\n* Journey of OpenEBS into CNCF GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20190620T110301Z LOCATION:Audi 2 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/rootconf/2019/schedule/birds-of-feather-bof-sessio n-on-taking-your-home-brew-projects-to-graduate-into-cncf-projects-VNM6T79 wLSX2kdZvHzHS7m BEGIN:VALARM ACTION:display DESCRIPTION:Birds of Feather (BOF) session: On taking your home brew proje cts to graduate into CNCF projects in Audi 2 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Birds of Feather (BOF) session: SRE approach to supporting product s as a PaaS internally DTSTART;VALUE=DATE-TIME:20190621T105000Z DTEND;VALUE=DATE-TIME:20190621T115000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/LTMfZC3AiK2jMtQNydhPVa@hasgeek.com CATEGORIES:Birds Of Feather (BOF) session ,Intermediate,Discussion,Birds O f Feather (BOF) Session,Intermediate CREATED;VALUE=DATE-TIME:20190614T085047Z DESCRIPTION:Open discussion on solving the challenge of building common SR E principles and tools to support multi dozen uniquely configured product environments. \nWe'll discuss about implementing correlation and principl es to improve automation and the quality of products. Building everything- as-a-service internally to homogenize workloads and toolchain. Comparing t he short term and long term tradeoffs of this approach.\n GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20190616T094226Z LOCATION:BOF area - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/rootconf/2019/schedule/sre-approach-to-supporting- products-as-a-paas-internally-LTMfZC3AiK2jMtQNydhPVa BEGIN:VALARM ACTION:display DESCRIPTION:Birds of Feather (BOF) session: SRE approach to supporting pro ducts as a PaaS internally in BOF area in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Devil lies in the details: running a successful bug bounty program me in your organization DTSTART;VALUE=DATE-TIME:20190621T113000Z DTEND;VALUE=DATE-TIME:20190621T121000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/6XQ2wZJitKPpNSQmffdkNu@hasgeek.com CATEGORIES:Full talk,Beginner,Lecture,Full talk of 40 mins duration,Beginn er CREATED;VALUE=DATE-TIME:20190606T073622Z DESCRIPTION:Agenda of this talk is to give a glimpse into the actual world of bug bounty and just not from what we read in news. These will be some points of discussion to paint a complete picture for the audience:\n\n-Int roduction and benefits of having a bug bounty program \n-Discuss on would it make sense to have a bug bounty program or can we live without it\n-Wha t take do leadership has on bug bounty\, their concerns\, and expectations \n-What could go wrong if we dont even bother\n-When is the right time in the timeline of an organization to have open connect with security researc hers \n-What kind of organizations need such program or how do we decide i t for my non-IT organization \n-What platform make sense? Should we buy or build our own\n-Why problem would pop up while building a platform vs dra wbacks on signing up on a platform\n-What all process needs to put in plac e across the organization to have a successful one\n-What is bare minimum automation we need to have to scale up to all bugs we receive \n-How do di fferent teams react to it like the legal team\, finance team\, PR team etc .\n-What are the logistic problem that shows up towards the launch \n-Do's and Do not's of a bug bounty program \n\n\n\n GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20200619T062515Z LOCATION:Audi 1 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/rootconf/2019/schedule/bug-bounty-programs-good-ba d-ugly-6XQ2wZJitKPpNSQmffdkNu BEGIN:VALARM ACTION:display DESCRIPTION:Devil lies in the details: running a successful bug bounty pro gramme in your organization in Audi 1 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Check-in and breakfast (at food court) DTSTART;VALUE=DATE-TIME:20190622T033000Z DTEND;VALUE=DATE-TIME:20190622T040000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/7wr237FMzPK1apFKkREEdx@hasgeek.com CREATED;VALUE=DATE-TIME:20181005T075540Z GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20190610T071805Z LOCATION:Audi 1 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com BEGIN:VALARM ACTION:display DESCRIPTION:Check-in and breakfast (at food court) in Audi 1 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Recap of day 1\; introduction to day 2 DTSTART;VALUE=DATE-TIME:20190622T040000Z DTEND;VALUE=DATE-TIME:20190622T041000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/5iMFrzWKHBVHKThgTSjRc5@hasgeek.com CREATED;VALUE=DATE-TIME:20181005T075558Z GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20190610T065319Z LOCATION:Audi 1 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com BEGIN:VALARM ACTION:display DESCRIPTION:Recap of day 1\; introduction to day 2 in Audi 1 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Check-in and breakfast (at food court) DTSTART;VALUE=DATE-TIME:20190622T040000Z DTEND;VALUE=DATE-TIME:20190622T045000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/CfrKK97M7zfi6HCuGvEvSA@hasgeek.com CREATED;VALUE=DATE-TIME:20190610T071711Z GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20190610T071756Z LOCATION:Audi 2 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com BEGIN:VALARM ACTION:display DESCRIPTION:Check-in and breakfast (at food court) in Audi 2 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Warm-up and walk through for audi 2 DTSTART;VALUE=DATE-TIME:20190622T041000Z DTEND;VALUE=DATE-TIME:20190622T042000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/LH4vCYQQCMo7qxKvRGLtvA@hasgeek.com CREATED;VALUE=DATE-TIME:20190610T071858Z GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20190616T092509Z LOCATION:Audi 2 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com BEGIN:VALARM ACTION:display DESCRIPTION:Warm-up and walk through for audi 2 in Audi 2 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:OLTP or OLAP: why not both? DTSTART;VALUE=DATE-TIME:20190622T041000Z DTEND;VALUE=DATE-TIME:20190622T050000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/SFwvwk8iyht221XdKn74Qe@hasgeek.com CATEGORIES:Full talk,Intermediate,Demo CREATED;VALUE=DATE-TIME:20190515T171926Z DESCRIPTION:+ Vitess history\n+ Vitess architecture\n+ Vitess resharding a nd demo\n+ VReplication explained\n+ VReplication demo GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20200619T062515Z LOCATION:Audi 1 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/rootconf/2019/schedule/oltp-or-olap-why-not-both-S Fwvwk8iyht221XdKn74Qe BEGIN:VALARM ACTION:display DESCRIPTION:OLTP or OLAP: why not both? in Audi 1 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Sponsored talk: SRE -- culture and strategy DTSTART;VALUE=DATE-TIME:20190622T042000Z DTEND;VALUE=DATE-TIME:20190622T050000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/Xg7rVBvLkRDWZkXTXAXhDT@hasgeek.com CATEGORIES:Crisp talk,Intermediate,Lecture,Intermediate,Crisp talk of 20 m ins duration CREATED;VALUE=DATE-TIME:20190609T152322Z DESCRIPTION:The work of an SRE team is to serve a single purpose of shippi ng code in a fast\, reliable and economical manner. Keeping these 3 factor s in mind\, we proceed to understand the undermentioned use cases.\n### Ob servability: \n__Intent: Reliability.__\n- Metric Collection:\nWe will dis cuss on how we were able to collect metrics from closely guarded systems\, with no access to the internet by using a reverse hole punching mechanism .\n- Scalable Storage:\nWe started off by using Postgres as our database f or storing metrics. Soon enough we hit a situation where the rate of inges tion almost exponentially filled up our storage. We will discuss on how we designed this solution to push metrics to multiple storage systems withou t affecting existing deployments.\n- Proactive Alerting:\nObservability is more than just metrics collection. We will walk through certain use cases which helped us analyse traffic load to adjust resource allocation\, keep a track of all error codes sent by upstream\, and detect slowness vs disc onnection across networks. \n\n### Shared storage: \n__Intent: Reliability .__\nWe deal with deployments in closely guarded systems where we don’t have control over the infrastructure. We will discuss how we utilized exis ting tooling to share data between services deployed across vlans.\n\n### Network accessibility: \n__Intent: Cost-Reduction and Speed__\n- Proxies:\ nNetwork accessibility would mean restricting access to certain sources. T he exercise of whitelisting source addresses is neither economical nor fas t when it comes to closely guarded systems. With the use of a transparent proxy we were able to manage access easily.\nWe will discuss how Squid pro xy would hijack a 429 error with a 503\, leading to temporary denial of ac cess to the upstream service.\n- DNS:\nWe will discuss 2 war stories with respect to DNS - one where DNS resolution failed randomly and the other w here DNS lookup limit was reached when too many services were accessing ou r central monitoring solution in a short span of time.\n- File sharing:\nA ny deployment in a closely guarded environment would mean us having to upl oad files to the destination manually. We resolved this situation by imple menting a small service which made file access easy across such environmen ts.\n- Topology mapping:\nConstant manual intervention was needed to check if x ports were opened cross y systems in z vlans. We discuss the solutio ning of how we automated this task.\n\n### Infrastructure Management: \n__ Intent: Reliability and Speed.__\nInfrastructure is the entrypoint to depl oy code to production. While cloud providers do make this task easy\, ther e are deeper problems we had to address\, such as - versioning\, locking a ccess to concurrent updation of resources and enabling webhooks. We develo ped a tool called Tessellate to do just this.\nWith an intent to give more power to product teams to bring up their own infrastructure without havin g to build the skill set\, we designed a tool called Escher which would ta ke a YAML file as an input and provide a fully baked infrastructure to the user. Escher also made automating workflows easier alongside our orchestr ator service.\n\n### Infosec: Authorization and Traceability:\n__Intent: C ost-Reduction and Reliability.__\nAny activity performed by the SRE team\, be it service deployment\, PR merge or infrastructure improvement\, had t o be tracked to ensure production systems were reliably maintained. We bui lt multiple authentication and authorization workflows around each of thes e use cases. These simple solutions enabled us to confidently allow deploy ments to take place. We discuss solutions such as ACL on job scheduling\, 2FA authentication for service deployments and LDAP for traceability.\n\n# ## Conclusion:\nThe core belief of an SRE team is to solve problems for th e larger good and not restrict ourselves to the problem at hand. Every sin gle tool we use was solutioned keeping this intent in mind. Each solution was a step towards better debuggability and accessibility to the issues fa ced in production\, and each of these solutions made our on-call shifts ma nageable. The key takeaway from this talk would be to follow the same appr oach and taking a step back and thinking twice before doing something manu ally\, thinking whether this problem is repeatable\, reusable and can be a utomated. - GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20200619T062515Z LOCATION:Audi 2 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/rootconf/2019/schedule/sre-war-stories-trusting-so cial-Xg7rVBvLkRDWZkXTXAXhDT BEGIN:VALARM ACTION:display DESCRIPTION:Sponsored talk: SRE -- culture and strategy in Audi 2 in 5 min utes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Defensive and offensive applications of open source intelligence DTSTART;VALUE=DATE-TIME:20190622T045000Z DTEND;VALUE=DATE-TIME:20190622T055000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/ZyCNupqLePjG5hcVBGdBM@hasgeek.com CATEGORIES:Birds Of Feather (BOF) session ,Intermediate,Discussion,Birds O f Feather (BOF) Session,Intermediate CREATED;VALUE=DATE-TIME:20190607T102926Z DESCRIPTION:This Birds of a Feather session does not have a particular dec ided flow for discussion. All inputs\, including questions\, techniques\, experiences\, war stories\, et cetera\, will be helpful for moving the con versation forward. However\, it should be clarified that\, for the purpose of this discussion\, the use of open source intelligence will not cover t he associated investigative or journalistic aspect\, but rather that which deals with potential security implications\, both from the red and blue p erspective. GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20190610T114347Z LOCATION:BOF area - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/rootconf/2019/schedule/defensive-and-offensive-app lications-of-open-source-intelligence-ZyCNupqLePjG5hcVBGdBM BEGIN:VALARM ACTION:display DESCRIPTION:Defensive and offensive applications of open source intelligen ce in BOF area in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Log Analytics with ELK Stack (Architecture for aggressive cost opt imization and infinite data scale) DTSTART;VALUE=DATE-TIME:20190622T050000Z DTEND;VALUE=DATE-TIME:20190622T054000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/KfMsGzN12MPosUynKJpfjA@hasgeek.com CATEGORIES:Beginner,Full talk of 40 mins duration CREATED;VALUE=DATE-TIME:20190515T172208Z DESCRIPTION:Business Requirements/Use Cases\n - Log analysis platform (App lication\, Web-Server\, Database logs)\n - Data Ingestion rate: ~300GB/day \n - Frequently accessed data: last 8 days\n - Infrequently accessed data: 82 days (90 - 8 days)\n - Uptime: 99.9\n - Hot Retention period: 90 days\ n - Cold Retention period: 90 days (with potential to increase)\n - Cost e ffective solution\n\nAreas of optimization\n - Application\n - Infrastruct ure\n\nCost Optimization\n - Replica counts and its impacts\n - How to run ELK on Spot instances correctly.\n - EBS Costs can be high\, how to set u p Hot / Cold data storage\n - Auto Scaling\n - On-demand ELK Cluster\n\nIn finite Data Retention\n - How to setup S3 as a hot backup\n - Recover on D emand\n\nNumbers/Tradeoffs\n - Cost/GB data ingested\n - Trade-offs made\n - DR mechanisms\n\nConclusion \n - Building a log analytics is not rocket science. But it can be painfully iterative if you are not aware of the op tions. Be aware of the trade-offs you are OK making and you can roll out a solution specifically optimized for that.\n GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20200820T123009Z LOCATION:Audi 2 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/rootconf/2019/schedule/log-analytics-platform-with -aggressive-cost-optimisation-and-infinite-scale-KfMsGzN12MPosUynKJpfjA BEGIN:VALARM ACTION:display DESCRIPTION:Log Analytics with ELK Stack (Architecture for aggressive cost optimization and infinite data scale) in Audi 2 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Scale MySQL beyond limits with ProxySQL DTSTART;VALUE=DATE-TIME:20190622T050000Z DTEND;VALUE=DATE-TIME:20190622T054000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/5iXqt3qFLgapwkQmHVEguk@hasgeek.com CATEGORIES:Intermediate CREATED;VALUE=DATE-TIME:20190402T095827Z DESCRIPTION:- Setting up the scene: MySQL database flooded with connection s\, more than it can handle\n- Vision: Achieve 10x scale without 10x cost\ n- An ideal solution?\n- Solutions available: ProxySQL\, MaxScale\, Nginx\ , HAProxy\n- Why ProxySQL?\n- Benchmarking ProxySQL\n- Conneting the missi ng dots\n- Chosing an architecture for deployment and why\n- Challenges an d workarounds\n- The end result!\n- The Future GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20200619T062515Z LOCATION:Audi 1 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/rootconf/2019/schedule/scale-mysql-beyond-limits-w ith-proxysql-5iXqt3qFLgapwkQmHVEguk BEGIN:VALARM ACTION:display DESCRIPTION:Scale MySQL beyond limits with ProxySQL in Audi 1 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Morning beverage break DTSTART;VALUE=DATE-TIME:20190622T054000Z DTEND;VALUE=DATE-TIME:20190622T061000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/YcK1R9MUTu8VQPVybQPznB@hasgeek.com CREATED;VALUE=DATE-TIME:20190610T070603Z GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20190613T005220Z LOCATION:Audi 1 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com BEGIN:VALARM ACTION:display DESCRIPTION:Morning beverage break in Audi 1 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Morning beverage break DTSTART;VALUE=DATE-TIME:20190622T054000Z DTEND;VALUE=DATE-TIME:20190622T061000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/3q9TtHy5fRRubfv889V1Se@hasgeek.com CREATED;VALUE=DATE-TIME:20190616T092637Z GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20190616T092958Z LOCATION:Audi 2 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com BEGIN:VALARM ACTION:display DESCRIPTION:Morning beverage break in Audi 2 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Birds of a Feather: DevSecOps DTSTART;VALUE=DATE-TIME:20190622T060000Z DTEND;VALUE=DATE-TIME:20190622T070000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/P9kaK84GHbgQGZPHYyKfdU@hasgeek.com CATEGORIES:Intermediate,Birds Of Feather (BOF) Session CREATED;VALUE=DATE-TIME:20190406T104003Z DESCRIPTION:We are looking to bring forth the following issues:\n\n-Challe nges in integrating security in a fast paced DevOps Cycle\n-Current Practi ces being followed for DevSecOps in their Organizations\n-How is SAST & DA ST placed in the lifeCycle\n-Embedding Security in the Pipeline and Automa tion\n-Whats different when dealing with containers and cloud GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20190610T072832Z LOCATION:BOF area - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/rootconf/2019/schedule/devsecops-P9kaK84GHbgQGZPHY yKfdU BEGIN:VALARM ACTION:display DESCRIPTION:Birds of a Feather: DevSecOps in BOF area in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Network automation with Ansible DTSTART;VALUE=DATE-TIME:20190622T061000Z DTEND;VALUE=DATE-TIME:20190622T065000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/Dvd75dwEPxkbm2qP5HpeGH@hasgeek.com CATEGORIES:Intermediate,Full talk,Demo,Full talk of 40 mins duration,Inter mediate CREATED;VALUE=DATE-TIME:20190610T071946Z DESCRIPTION:The talk will cover the key features like provisioning\, confi guration management of Networking devices and How Ansible becomes one Solu tion for all of it.\n\nAgenda of the talk:\n\n - What are challenges Netw ork Engineers face\n - WHY use Ansible for Network Automation to make the ir life simple.\n - What are the things Ansible offers for Network Automa tion \n - How to use Ansible to resolve challenges Network Engineers/Oper ators face everyday\n - Live demo of Configuring Networking device with A nsible GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20200619T062515Z LOCATION:Audi 2 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/rootconf/2019/schedule/network-automation-with-ans ible-Dvd75dwEPxkbm2qP5HpeGH BEGIN:VALARM ACTION:display DESCRIPTION:Network automation with Ansible in Audi 2 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Sponsored talk: Functional programming and Nix for reproducible\, immutable infrastructure DTSTART;VALUE=DATE-TIME:20190622T061000Z DTEND;VALUE=DATE-TIME:20190622T065000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/QzS5nrxsXL9EEELfNAtuBY@hasgeek.com CATEGORIES:Sponsored talk,Intermediate CREATED;VALUE=DATE-TIME:20190515T172010Z DESCRIPTION:1. Why functions?\n2. How are functions relevant to package ma nagement?\n3. How are functions relevant to operating systems?\n4. Develop ment shells\n5. Docker without Dockerfiles GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20200619T062515Z LOCATION:Audi 1 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/rootconf/2019/schedule/functional-programming-and- nix-for-reproducible-immutable-infrastructure-QzS5nrxsXL9EEELfNAtuBY BEGIN:VALARM ACTION:display DESCRIPTION:Sponsored talk: Functional programming and Nix for reproducibl e\, immutable infrastructure in Audi 1 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Software/site reliability of distributed systems DTSTART;VALUE=DATE-TIME:20190622T065000Z DTEND;VALUE=DATE-TIME:20190622T074000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/V6X23GAvJH5RrVsmnXX2CC@hasgeek.com CATEGORIES:Full talk,Intermediate,Lecture CREATED;VALUE=DATE-TIME:20190517T064111Z DESCRIPTION:Consider a sample application:\nA number that user sends an SM S text to of the form "Remind about ." When it's due\, a service calls you back. User is charged for each SMS and reminders that th ey answer.\n\nWhere all do you think this can start failing?\n\nStatic Fai lures:\n\n- Disks\n- Network\n- CPU\n- Memory\n\nBehaviour Failures:\n\n- Degradation\n- Latency\n- Freshness\n- Correctness\n- DDos\n\nWhat are the right tools and strategies to measure and monitor these failure points?\n What is the cost of measuring or leaving it un-measured?\n\nThere are Queu es in the system. How do you monitor synchronous and asynchronous architec tures?\n\nThe load has started to increase\, but before we discuss strateg ies Let's discuss CAP quickly.\nHow do we decide if we need sharding\, bet ter CPU or Clustering?\n\nHow do we add backups? Should they be asynchrono us or synchronous?\nCriteria to consider before picking up a strategy.\n\n So far\, we have been reactive about failures. How do we move to a proacti ve model?\nAnd Meanwhile\, could you trace that request from that particul ar user for me?\n\nAt what stage and how do we start injecting reliability as a part of the Software development process?\n\nLastly\, while all of t his is said to improve and fix things\, how do we prove that it does? How do you validate that MySQL replicas come back when the master dies. The on ly way to know is by simulating. How do we set up Simulations? A decade ag o it used to be called FMEA\; now it's called Chaos Engineering.\n\nAnd oh \, we should also discuss Site vs Software Reliability. GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20200619T062515Z LOCATION:Audi 1 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/rootconf/2019/schedule/software-site-reliability-o f-distributed-systems-V6X23GAvJH5RrVsmnXX2CC BEGIN:VALARM ACTION:display DESCRIPTION:Software/site reliability of distributed systems in Audi 1 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Load Balancing : an in-depth study to scale @ 80K TPS DTSTART;VALUE=DATE-TIME:20190622T065000Z DTEND;VALUE=DATE-TIME:20190622T073000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/8FwnduDBmbwMjzPbvWuBFb@hasgeek.com CATEGORIES:Full talk of 40 mins duration,Intermediate,Lecture CREATED;VALUE=DATE-TIME:20190515T172146Z DESCRIPTION:- Referencing the 13 yr old article of willy tarreau ( 2006 ) \n- 5 categories of LB\n\n- Evaluation params of LBs\n\n* DNS Load Balanci ng Detail\n* Layer 3/4 Loadbalancing\n* Haproxy example and monitoring par ams \n\n- Layer 7 Loadbalancing\n\n- Hardware and Software Routing ( setup s and cases of each )\n- LVS: history and implementation\n - NAtting\n - D irect Routing \n - Tunnel Based routing\n\n- RP Filter\n- What to monitor\ n- Interrupts handling and CPU affinity\n- HA with Keepalived and consul \n\n- References\n GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20200619T062515Z LOCATION:Audi 2 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/rootconf/2019/schedule/load-balancing-in-depth-stu dy-to-scale-80k-tps-8FwnduDBmbwMjzPbvWuBFb BEGIN:VALARM ACTION:display DESCRIPTION:Load Balancing : an in-depth study to scale @ 80K TPS in Audi 2 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Lunch break DTSTART;VALUE=DATE-TIME:20190622T073000Z DTEND;VALUE=DATE-TIME:20190622T083000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/EHNVazYFoADzfUbB56nHEL@hasgeek.com CREATED;VALUE=DATE-TIME:20190610T072154Z GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20190616T093128Z LOCATION:Audi 2 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com BEGIN:VALARM ACTION:display DESCRIPTION:Lunch break in Audi 2 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Lunch break DTSTART;VALUE=DATE-TIME:20190622T074000Z DTEND;VALUE=DATE-TIME:20190622T084000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/5LfuT15nwgpnQpS9BN14rf@hasgeek.com CREATED;VALUE=DATE-TIME:20190610T070910Z GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20190616T092300Z LOCATION:Audi 1 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com BEGIN:VALARM ACTION:display DESCRIPTION:Lunch break in Audi 1 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Code Coverage Based Verification (CCBV) DTSTART;VALUE=DATE-TIME:20190622T083000Z DTEND;VALUE=DATE-TIME:20190622T093000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/Q5ZLPvZZ9DQdzgmC7zsE2L@hasgeek.com CATEGORIES:Birds Of Feather (BOF) Session,Intermediate CREATED;VALUE=DATE-TIME:20190406T104224Z DESCRIPTION:Current testing scenario --> disadvantages with the approach - -> How can code coverage based verification help --> advantages --> challe nges --> way forward GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20190616T093926Z LOCATION:Room 01 for BOFs - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/rootconf/2019/schedule/code-coverage-based-verific ation-ccbv-Q5ZLPvZZ9DQdzgmC7zsE2L BEGIN:VALARM ACTION:display DESCRIPTION:Code Coverage Based Verification (CCBV) in Room 01 for BOFs in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Sponsored talk: Decomposing a monolith -- engineering and operatio nal strategies we have gleaned from our experience at Endurance DTSTART;VALUE=DATE-TIME:20190622T084000Z DTEND;VALUE=DATE-TIME:20190622T092000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/3i3tZCizAM2c1hZ9hMipzu@hasgeek.com CATEGORIES:Full talk,Intermediate,Lecture,Sponsored talk,Intermediate CREATED;VALUE=DATE-TIME:20190616T093432Z DESCRIPTION:Our APAC story in identifying and addressing the key issues ar ound moving ~$70 million dollar monolithic Domain provisioning & Billing p latform to microservices:\n\n* Need for micro-services\n\n* Common mistake s\n\n* Managing the transition\n\n* Scaling\, Redundancy and Deployments\n GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20200619T062515Z LOCATION:Audi 2 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/rootconf/2019/schedule/decomposing-a-monolith-engi neering-and-operational-strategies-we-have-gleaned-from-our-experience-at- endurance-3i3tZCizAM2c1hZ9hMipzu BEGIN:VALARM ACTION:display DESCRIPTION:Sponsored talk: Decomposing a monolith -- engineering and oper ational strategies we have gleaned from our experience at Endurance in Aud i 2 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Virtuous Cycles: Enabling SRE via automated feedback loops DTSTART;VALUE=DATE-TIME:20190622T084000Z DTEND;VALUE=DATE-TIME:20190622T092000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/MUtdYsAzKUJqWfQtJCsaCs@hasgeek.com CATEGORIES:Full talk,Intermediate,Lecture,Full talk of 40 mins duration,In termediate CREATED;VALUE=DATE-TIME:20190604T143326Z DESCRIPTION:In pictures we will show a journey of instrumentation - how on e can use app-level telemetry and tracing to build confidence that your au to-remediating strategies are doing the right things. Case studies include :\n\n- Intelligent query timeouts that allow loaded workers to recover\n- A backoff and jitter system for controlling thundering-herd on an internal service\n- Watermark-based quota system for shaping traffic on a multiten ant cluster\n\nWe will show that using open-source tooling\, and good obse rvability practices\, you can make an opaque part of your system that is o perationally taxing into a well-behaved component\, that remediates itself . We take a very visual approach to telling these stories - so expect grap hs and lot of them! \n\nUltimately\, we want to give audience a framework and strategy to answer these questions:\n- Is an ops procedure worth autom ating?\n- How to get good feedback from internal telemetry in your applica tion?\n- How to use this feedback to drive auto-remediation?\n- And most i mportantly\, how to experiment on all this\, without breaking production : ) GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20200619T062515Z LOCATION:Audi 1 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/rootconf/2019/schedule/virtuous-cycles-enabling-sr e-via-automated-feedback-loops-MUtdYsAzKUJqWfQtJCsaCs BEGIN:VALARM ACTION:display DESCRIPTION:Virtuous Cycles: Enabling SRE via automated feedback loops in Audi 1 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Birds of a Feather: Security paranoid OS DTSTART;VALUE=DATE-TIME:20190622T084000Z DTEND;VALUE=DATE-TIME:20190622T094000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/3Z4r9VZecG6u8aL7NefDSv@hasgeek.com CATEGORIES:Beginner CREATED;VALUE=DATE-TIME:20190423T065616Z DESCRIPTION:In the wake of one data breach after another\, and in this age of surveillance\, security has become serious business. The trust on the big giants like Facebook\, Google\, etc has diminished over the years. Sec urity has been a huge concern in the recent times for many of us\, and a l ot of them have grown a valid paranoia around security and privacy. The te rm "valid" signfies just not be a paranoid but to be methodical in your ac tion. \n\nAs we grow dependent more and more on internet-based services\, the more vunerable are we becoming to exploits\, and you can easily notice how in the recent times the exploits has affected a large number of peopl e.\n\nAnd\, there could be no better place to start than your OS itself. T here has been a growing list of OS targeted towards security. There are bu nch of options these days\, like TailOS\, QubeOS\, Silverblue\, Whonix etc each behaving a bit differently but trying to acheive the same goal\, Sec urity & Privacy\n\nWe gather to discuss our ideas and concerns on this top ic\, discuss our methods\, how we compartmentalize applications to fight v ulnerabilties.\n\n\n\n GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20190616T093911Z LOCATION:BOF area - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/rootconf/2019/schedule/security-paranoid-os-3Z4r9V ZecG6u8aL7NefDSv BEGIN:VALARM ACTION:display DESCRIPTION:Birds of a Feather: Security paranoid OS in BOF area in 5 minu tes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Virtual nodes to auto-scale applications on Kubernetes DTSTART;VALUE=DATE-TIME:20190622T092000Z DTEND;VALUE=DATE-TIME:20190622T094500Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/X1QVL8L4jyQ2c7vYGbjw18@hasgeek.com CATEGORIES:Advanced CREATED;VALUE=DATE-TIME:20190409T055551Z DESCRIPTION:Let's see a demo application using ServiceMonitor for Promethe us\, a HPA\, and a custom container that will count the instances of the a pplication and expose them to Prometheus. Finally\, Grafana dashboard to v iew the metrics in real-time. GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20200619T062515Z LOCATION:Audi 1 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/rootconf/2019/schedule/virtual-nodes-to-auto-scale -applications-on-kubernetes-X1QVL8L4jyQ2c7vYGbjw18 BEGIN:VALARM ACTION:display DESCRIPTION:Virtual nodes to auto-scale applications on Kubernetes in Audi 1 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Scalable distributed systems from grounds up in Elixir DTSTART;VALUE=DATE-TIME:20190622T092000Z DTEND;VALUE=DATE-TIME:20190622T100000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/HitwMKgtw2Aihwv2BFdJ9J@hasgeek.com CATEGORIES:Full talk,Intermediate,Lecture CREATED;VALUE=DATE-TIME:20190607T103022Z DESCRIPTION:The outline of the talk would be roughly as follows:\n1. Discu ssion of the erlang/elixir process model\n2. Discussion of GenServers (oth er OTP constructs if required) \n3. Discussion on distributed erlang\n4. C ycling through live game show architecutures GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20200619T062515Z LOCATION:Audi 2 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/rootconf/2019/schedule/scalable-dist-sys-from-grou nds-up-in-elixir-HitwMKgtw2Aihwv2BFdJ9J BEGIN:VALARM ACTION:display DESCRIPTION:Scalable distributed systems from grounds up in Elixir in Audi 2 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Infrastructure as Code BOF DTSTART;VALUE=DATE-TIME:20190622T094000Z DTEND;VALUE=DATE-TIME:20190622T104500Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/3zb2tzBsDYz3FAGzcLyor2@hasgeek.com CREATED;VALUE=DATE-TIME:20190619T170034Z GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20190619T170045Z LOCATION:Room 01 for BOFs - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com BEGIN:VALARM ACTION:display DESCRIPTION:Infrastructure as Code BOF in Room 01 for BOFs in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Bug bounties for organizations DTSTART;VALUE=DATE-TIME:20190622T094000Z DTEND;VALUE=DATE-TIME:20190622T104500Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/RHXe15esFT29bm8Qg81quK@hasgeek.com CATEGORIES:Birds Of Feather (BOF) session ,Intermediate,Discussion CREATED;VALUE=DATE-TIME:20190613T110415Z DESCRIPTION:This session will be run in an unorganized manner however some key points of discussion we think would be useful are:\n\n1. Should an or ganization be getting into bug bounty. if yes when do you know you are rea dy\n2. How to convince the management about launching bug bounties\n2. Wha t would be a better choice going independent or joing a platform\n3. How d o you decide payouts (money\, swag\, wall of fame)\n4. Real life challenge s faced while running bug bounty programs\n5. How to handle bug triaging\n 6. How to handle respectful communications and enforce rules\n\nThe discus sion will revolve around bug bounties however we will not be covering bug hunting as part of this discussion. GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20190616T124110Z LOCATION:BOF area - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/rootconf/2019/schedule/bug-bounties-for-organizati ons-RHXe15esFT29bm8Qg81quK BEGIN:VALARM ACTION:display DESCRIPTION:Bug bounties for organizations in BOF area in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Flash talks: by participants DTSTART;VALUE=DATE-TIME:20190622T094500Z DTEND;VALUE=DATE-TIME:20190622T101000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/MpX1ve738fU2F62Vhhr2Xm@hasgeek.com CREATED;VALUE=DATE-TIME:20190610T071143Z GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20190616T092311Z LOCATION:Audi 1 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com BEGIN:VALARM ACTION:display DESCRIPTION:Flash talks: by participants in Audi 1 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Evening beverage break DTSTART;VALUE=DATE-TIME:20190622T100000Z DTEND;VALUE=DATE-TIME:20190622T103000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/GBdj2nVco6tiwcbUTs1YN6@hasgeek.com CREATED;VALUE=DATE-TIME:20190610T072454Z GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20190616T093553Z LOCATION:Audi 2 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com BEGIN:VALARM ACTION:display DESCRIPTION:Evening beverage break in Audi 2 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Kafka streams at scale DTSTART;VALUE=DATE-TIME:20190622T101000Z DTEND;VALUE=DATE-TIME:20190622T105000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/4uXhyFsDB6sMZPf1PbH4q2@hasgeek.com CATEGORIES:Full talk of 40 mins duration,Advanced CREATED;VALUE=DATE-TIME:20190327T104225Z DESCRIPTION:Problem Statement: Stateful Realtime Processing of multi-milli on events.\n\n1. Intro Kafka Streams and event flow (2 slides)\n2. Challen ges in Kafka Streams\n a. Fault Recovery\n b. Horizontal Scalability\n c. Cloud Readiness\n d. Restricted RocksDB\n e. Large Clusters\n3. Lay a background on why are these a challenge.\n4. How we forked the code to solve each of these over the past year.\n5. Conclusion \n6. Future Work s GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20200619T062515Z LOCATION:Audi 1 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/rootconf/2019/schedule/kafka-streams-at-scale-4uXh yFsDB6sMZPf1PbH4q2 BEGIN:VALARM ACTION:display DESCRIPTION:Kafka streams at scale in Audi 1 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:eBPF: exploring use case of BPF kernel infrastructure DTSTART;VALUE=DATE-TIME:20190622T103000Z DTEND;VALUE=DATE-TIME:20190622T111000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/6Qrun9XEJsmSHuK6EatVZh@hasgeek.com CATEGORIES:Full talk of 40 mins duration,Intermediate,14 May CREATED;VALUE=DATE-TIME:20190603T125656Z DESCRIPTION: - Introduction to eBPF\n - What is eBPF?\n - tcpdum p: Beginning of BPF\n - eBPF use cases \n - Networking: XDP\, AF _XDP\n - Why XDP: Comparison/benchmark data bw existing packet filtering(iptables) and high performance network data path(DPDK) \n - When should you use XDP: Practical use-case in production. \n - Tracing: bcc-tools\, Bpftrace\n - Overview of ebpf tracing tools and existing tracing tools.\n - Writing bpftrace program to trace kernel\n - Other scenarios and developing your own use-cas e\n - eBPF Architecture \n - Overview of in-kernel vm and verifi er.\n - How does a eBPF program looks like?\n - Security aspect of eBPF\n - Features of ebpf bytecode verifier\n - Seccomp B PF\n - Q & A GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20200619T062515Z LOCATION:Audi 2 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/rootconf/2019/schedule/ebpf-exploring-usecase-of-b pf-kernel-infrastructure-6Qrun9XEJsmSHuK6EatVZh BEGIN:VALARM ACTION:display DESCRIPTION:eBPF: exploring use case of BPF kernel infrastructure in Audi 2 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Evening beverage break DTSTART;VALUE=DATE-TIME:20190622T105000Z DTEND;VALUE=DATE-TIME:20190622T112000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/S1LWU9ebV8em8fQ4XhLF9H@hasgeek.com CREATED;VALUE=DATE-TIME:20190610T071312Z GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20190616T092315Z LOCATION:Audi 1 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com BEGIN:VALARM ACTION:display DESCRIPTION:Evening beverage break in Audi 1 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Automate your IX’s RS Config DTSTART;VALUE=DATE-TIME:20190622T111000Z DTEND;VALUE=DATE-TIME:20190622T113500Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/7xpvRGUmiXJwBQ2cgVV6Pj@hasgeek.com CATEGORIES:Full talk,Beginner,Lecture CREATED;VALUE=DATE-TIME:20190613T005541Z DESCRIPTION:Talk covers the use of open source project Arouteserver for ge nerating bird config. This makes it easy an internet exchange operator to run and operate an IX without much effort on config or updating the filter s manually. GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20200619T062515Z LOCATION:Audi 2 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/rootconf/2019/schedule/automate-your-ixs-rs-config -7xpvRGUmiXJwBQ2cgVV6Pj BEGIN:VALARM ACTION:display DESCRIPTION:Automate your IX’s RS Config in Audi 2 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:POLARDB architecture DTSTART;VALUE=DATE-TIME:20190622T112000Z DTEND;VALUE=DATE-TIME:20190622T120000Z DTSTAMP;VALUE=DATE-TIME:20210120T185329Z UID:session/6ngi97MxskoGoKtL3XzCx8@hasgeek.com CATEGORIES:Full talk,Intermediate,Lecture,Full talk of 40 mins duration,In termediate CREATED;VALUE=DATE-TIME:20190610T092532Z DESCRIPTION:See link to slides from an earlier presentation. GEO:12.94319058684005;77.59623119607569 LAST-MODIFIED;VALUE=DATE-TIME:20200619T062515Z LOCATION:Audi 1 - NIMHANS Convention Centre\nBangalore\, IN ORGANIZER;CN=Rootconf:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/rootconf/2019/schedule/polardb-architecture-6ngi97 MxskoGoKtL3XzCx8 BEGIN:VALARM ACTION:display DESCRIPTION:POLARDB architecture in Audi 1 in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT END:VCALENDAR