About Rootconf 2019:
The seventh edition of Rootconf is a two-track conference with:
- Security talks and tutorials in audi 1 and 2 on 21 June.
- Talks on DevOps, distributed systems and SRE in audi 1 and audi 2 on 22 June.
Topics and schedule:
View full schedule here: https://hasgeek.com/rootconf/2019/schedule
Rootconf 2019 includes talks and Birds of Feather (BOF) sessions on:
- OSINT and its applications
- Key management, encryption and its costs
- Running a bug bounty programme in your organization
- PolarDB architecture as Cloud Native Architecture, developed by Alibaba Cloud
- SRE and running distributed teams
- Routing security
- Log analytics
- Enabling SRE via automated feedback loops
- TOR for DevOps
Who should attend Rootconf?
- DevOps programmers
- DevOps leads
- Systems engineers
- Infrastructure security professionals and experts
- DevSecOps teams
- Cloud service providers
- Companies with heavy cloud usage
- Providers of the pieces on which an organization’s IT infrastructure runs – monitoring, log management, alerting, etc
- Organizations dealing with large network systems where data must be protected
- VPs of engineering
- Engineering managers looking to optimize infrastructure and teams
For information about Rootconf and bulk ticket purchases, contact firstname.lastname@example.org or call 7676332020. Only community sponsorships available.
Rootconf 2019 sponsors:
DevSecOps is becoming increasingly relevant with changing requirements and rapid product development becoming the norm. Through this Birds of Feather session we plan to discover various approaches of integrating end to end security in the DevOps cycle.
Who should attend:
1.DevSecOps Enthusiasts, Practitioners, Agile Development Teams,
2.All Developers,QAs, DevOps practitioners
3.Anyone interested in DevSecOps
Key Takeaways for Audience:
1.Understanding of holistic practices of DevSecOps: what role people, process and technology play in DevSecOps
2.Basic building blocks if establishing DevSecOps from scratch(metrics)
3.Ways in which security can catch up with really fast paced DevOps
4.Amount of tooling that is optimal for your pipeline
5.Key aspects of environment security to consider in the age of containerization & cloud
We are looking to bring forth the following issues:
1.Challenges in integrating security in a fast paced DevOps Cycle
2.Current Practices being followed for DevSecOps in Organizations
3.Solving People and Proces challenges around DevSecOps to bring about a security mindset
4.Best Practices to prevent over-tooling in Pipelines
5.Embedding Security in the Pipeline and Automation
6.Culture shift required when transitioning from On-Premise to Containers and Cloud infra
This being a Birds of a Feather session, we expect people to call out questions you may have or challenges faced when choosing, establishing or maintaining the idea of DevSecOps in your organisation. We encourage you to share your experiences or analysis around automation and culture shifts needed for your DevSecOps journey, during this discussion. The general idea is to see what’s new in the DevSecOps space including optimisations and learn from inputs from practitioners solving problems on a daily basis. We will try to keep discussions to pointers and suggestions at a high level.
She is working as principal consultant for AppSec at Thoughtworks. Her array of experience includes Penetration testing and Vulnerability Assessments, Threat Modeling and Design Reviews of web applications & APIs, Source Code Reviews, Configuration reviews, Social Engineering engagements and Red Teaming. She loves building and execution of various threat cases & bending business logic. Currently She is focussed on integrating security in fast paced Agile development lifecycles and delivering security by building it into the product.
He is the founder and primary author of the IronWASP project and various other appsec focussed tools such as Ravan, JS-Recon, Imposter, etc. His products helps developers and admins discover security issues in their websites. He is also a security researcher with notable security advisories to his name.