Rootconf 2019

Rootconf 2019

On infrastructure security, DevOps and distributed systems.

About Rootconf 2019:

The seventh edition of Rootconf is a two-track conference with:

  1. Security talks and tutorials in audi 1 and 2 on 21 June.
  2. Talks on DevOps, distributed systems and SRE in audi 1 and audi 2 on 22 June.

Topics and schedule:

View full schedule here:

Rootconf 2019 includes talks and Birds of Feather (BOF) sessions on:

  1. OSINT and its applications
  2. Key management, encryption and its costs
  3. Running a bug bounty programme in your organization
  4. PolarDB architecture as Cloud Native Architecture, developed by Alibaba Cloud
  5. Vitess
  6. SRE and running distributed teams
  7. Routing security
  8. Log analytics
  9. Enabling SRE via automated feedback loops
  10. TOR for DevOps

Who should attend Rootconf?

  1. DevOps programmers
  2. DevOps leads
  3. Systems engineers
  4. Infrastructure security professionals and experts
  5. DevSecOps teams
  6. Cloud service providers
  7. Companies with heavy cloud usage
  8. Providers of the pieces on which an organization’s IT infrastructure runs – monitoring, log management, alerting, etc
  9. Organizations dealing with large network systems where data must be protected
  10. VPs of engineering
  11. Engineering managers looking to optimize infrastructure and teams

For information about Rootconf and bulk ticket purchases, contact or call 7676332020. Only community sponsorships available.

Rootconf 2019 sponsors:

Platinum Sponsor


Gold Sponsors

Atlassian Endurance Trusting Social

Silver Sponsors

Digital Ocean GO-JEK Paytm

Bronze Sponsors

MySQL sumo logic upcloud
platform sh nilenso CloudSEK

Exhibition Sponsor

FreeBSD Foundation

Community Sponsors

Ansible PlanetScale

Hosted by

Rootconf is a forum for discussions about DevOps, infrastructure management, IT operations, systems engineering, SRE and security (from infrastructure defence perspective). more

rahul bajaj


Automating compliance with Foreman: The Lifecycle management tool

Submitted Feb 11, 2019

Systems left with unpatched vulnerabilities can have a number of consequences. Security compliance is a state where computer systems are scrutinized against certain defined security policy. OpenSCAP is one such security compliance ecosystem that provides multiple tools to assist administrators and auditors with assessment, measurement, and enforcement of security baselines.

Foreman provides OpenSCAP as a plugin that enables Foreman to receive automated vulnerability assessment and security compliance audits from Foreman hosts. You can upload SCAP compliance contents, create compliance policies out of them and further, these policies can be assigned to various hosts or hostgroups created through foreman.

OpenSCAP reports will help users find vulnerabilities on the hosts and also suggest remediation plan to fix those vulnerabilities. Foreman OpenSCAP plugin is made of 4 components viz., foreman_openscap, smart_proxy_openscap, foreman_scap_client and puppet-foreman_scap_client. These components together establish the Foreman and OpenSCAP integration.


Learning OpenSCAP:

  • Installing OpenSCAP
  • Scanning and Analyzing Compliance
  • Customizing OpenSCAP Policy
  • Remediating OpenSCAP Issues with Ansible

Automate Compliance using Foreman:

  • Configuring Foreman to enable OpenSCAP
  • Scan OpenSCAP Compliance with Foreman
  • Customize OpenSCAP Policy with Foreman


Basic knowledge of Linux commands and a will to learn new things are a big plus!

Speaker bio

Rahul is a Software Engineer at Red Hat. He is a Rubyist, open source enthusiast and upstream contributor. He contributes mostly to the Foreman project and is the co-maintainer of the Foreman Discovery plugin. Being a Red Hat Certified Architect, he takes interest in learning about containers, configuration management tools, and security. He loves to travel, code, talk and drink beer!


{{ gettext('Login to leave a comment') }}

{{ gettext('Post a comment…') }}
{{ gettext('New comment') }}
{{ formTitle }}

{{ errorMsg }}

{{ gettext('No comments posted yet') }}

Hosted by

Rootconf is a forum for discussions about DevOps, infrastructure management, IT operations, systems engineering, SRE and security (from infrastructure defence perspective). more