##About Rootconf 2019:
The seventh edition of Rootconf is a two-track conference with:
- Security talks and tutorials in audi 1 and 2 on 21 June.
- Talks on DevOps, distributed systems and SRE in audi 1 and audi 2 on 22 June.
##Topics and schedule:
View full schedule here: https://hasgeek.com/rootconf/2019/schedule
Rootconf 2019 includes talks and Birds of Feather (BOF) sessions on:
- OSINT and its applications
- Key management, encryption and its costs
- Running a bug bounty programme in your organization
- PolarDB architecture as Cloud Native Architecture, developed by Alibaba Cloud
- SRE and running distributed teams
- Routing security
- Log analytics
- Enabling SRE via automated feedback loops
- TOR for DevOps
##Who should attend Rootconf?
- DevOps programmers
- DevOps leads
- Systems engineers
- Infrastructure security professionals and experts
- DevSecOps teams
- Cloud service providers
- Companies with heavy cloud usage
- Providers of the pieces on which an organization’s IT infrastructure runs -- monitoring, log management, alerting, etc
- Organizations dealing with large network systems where data must be protected
- VPs of engineering
- Engineering managers looking to optimize infrastructure and teams
For information about Rootconf and bulk ticket purchases, contact email@example.com or call 7676332020. Only community sponsorships available.
##Rootconf 2019 sponsors:
Deploying and Managing CSP - the Browser-side Firewall
Data exfiltration attacks like Magecart have targeted a low-hanging fruit in the industry and have allowed attackers to steal millions of user’s credit card data. Existing security systems fail to prevent or even detect these attacks and this is a major blind-spot in the security monitoring systems. Content Security Policy is a standard supported in most modern browsers and can be harnessed to help increase protection against Magecart type attacks. This talk will explain how engineers in charge of infrastructure and servers can put this security measure in place and manage it effectively.
- Introduction to client-side Data Exfiltration attacks
- Introduction to Content-Security Policy
- Content Security Policy to prevent Data Exfiltration attacks
○ What is possible
○ What are the limitations
- How to design and deploy CSP to detect/prevent Data Exfiltration attacks
- How to monitor policy violations and alerts
Lavakumar Kuppan is the founder of Ironwasp Security. He is a security researcher and a product developer. He is currently developing products that automatically perform vulnerability detection and attack monitoring for the DOM.