Rootconf 2019

Rootconf 2019

On infrastructure security, DevOps and distributed systems.

About Rootconf 2019:

The seventh edition of Rootconf is a two-track conference with:

  1. Security talks and tutorials in audi 1 and 2 on 21 June.
  2. Talks on DevOps, distributed systems and SRE in audi 1 and audi 2 on 22 June.

Topics and schedule:

View full schedule here: https://hasgeek.com/rootconf/2019/schedule

Rootconf 2019 includes talks and Birds of Feather (BOF) sessions on:

  1. OSINT and its applications
  2. Key management, encryption and its costs
  3. Running a bug bounty programme in your organization
  4. PolarDB architecture as Cloud Native Architecture, developed by Alibaba Cloud
  5. Vitess
  6. SRE and running distributed teams
  7. Routing security
  8. Log analytics
  9. Enabling SRE via automated feedback loops
  10. TOR for DevOps

Who should attend Rootconf?

  1. DevOps programmers
  2. DevOps leads
  3. Systems engineers
  4. Infrastructure security professionals and experts
  5. DevSecOps teams
  6. Cloud service providers
  7. Companies with heavy cloud usage
  8. Providers of the pieces on which an organization’s IT infrastructure runs – monitoring, log management, alerting, etc
  9. Organizations dealing with large network systems where data must be protected
  10. VPs of engineering
  11. Engineering managers looking to optimize infrastructure and teams

For information about Rootconf and bulk ticket purchases, contact info@hasgeek.com or call 7676332020. Only community sponsorships available.

Rootconf 2019 sponsors:

Platinum Sponsor

CRED

Gold Sponsors

Atlassian Endurance Trusting Social

Silver Sponsors

Digital Ocean GO-JEK Paytm

Bronze Sponsors

MySQL sumo logic upcloud
platform sh nilenso CloudSEK

Exhibition Sponsor

FreeBSD Foundation

Community Sponsors

Ansible PlanetScale

Hosted by

Rootconf is a forum for discussions about DevOps, infrastructure management, IT operations, systems engineering, SRE and security (from infrastructure defence perspective). more
Karan Saini

Karan Saini

@x

Defensive and Offensive Applications of Open Source Intelligence

Submitted Jun 7, 2019

In real life, a footprint can be used to distinguish and confirm the identity of an individual. The same is true on the Internet, where activities and transactions that have been carried out leave behind a digital footprint, which at times can be leveraged for gathering intelligence about a particular individual and their activities. As an example, websites which reveal partial phone numbers can allow attackers to piece together an individual’s phone number in full, or an attacker attempting to break into an online account could use information available on a target’s Facebook page (e.g., name of hometown, or name of first school) in order to take guesses at their security answer. In a similar fashion, organisations may unknowingly give away sensitive information online, which could potentially be used by an attacker looking for an entry into their network. Attackers often seek to target employees as a part toward ultimately compromising their employing organisation. The question then arises, how much information is available online right now which could potentially assist an adversary in carrying out an attack at your workplace or organisation? Open Source Intelligence (“OSINT”) traditionally refers to the practice of gathering information that is available publicly, and then analysing and piecing it together with other knowledge for use as intelligence. An adversary may be interested in accumulating open source intelligence for several reasons; acquiring business edge, sabotage, theft, et cetera. How does an organisation protect against this threat? Further, how can organisations utilise the defensive gains of OSINT?

Outline

This Birds of a Feather session does not have a particular decided flow for discussion. All inputs, including questions, techniques, experiences, war stories, et cetera, will be helpful for moving the conversation forward. However, it should be clarified that, for the purpose of this discussion, the use of open source intelligence will not cover the associated investigative or journalistic aspect, but rather that which deals with potential security implications, both from the red and blue perspective.

Requirements

There are no particular requirements for this session, however, participants may benefit from having a basic understanding of computer security and open source intelligence. The session will be considered a success if participants walk away having acquired more knowledge about the topic at hand, including knowledge about specific techniques or methods which could be adapted in an offensive or defensive manner.

Speaker bio

Vandana Verma, Shubham Mittal and Karan Saini will be participating in this discussion.

Links

Comments

{{ gettext('Login to leave a comment') }}

{{ gettext('Post a comment…') }}
{{ gettext('New comment') }}
{{ formTitle }}

{{ errorMsg }}

{{ gettext('No comments posted yet') }}

Hosted by

Rootconf is a forum for discussions about DevOps, infrastructure management, IT operations, systems engineering, SRE and security (from infrastructure defence perspective). more