Rootconf 2019

Rootconf 2019

On infrastructure security, DevOps and distributed systems.

About Rootconf 2019:

The seventh edition of Rootconf is a two-track conference with:

  1. Security talks and tutorials in audi 1 and 2 on 21 June.
  2. Talks on DevOps, distributed systems and SRE in audi 1 and audi 2 on 22 June.

Topics and schedule:

View full schedule here: https://hasgeek.com/rootconf/2019/schedule

Rootconf 2019 includes talks and Birds of Feather (BOF) sessions on:

  1. OSINT and its applications
  2. Key management, encryption and its costs
  3. Running a bug bounty programme in your organization
  4. PolarDB architecture as Cloud Native Architecture, developed by Alibaba Cloud
  5. Vitess
  6. SRE and running distributed teams
  7. Routing security
  8. Log analytics
  9. Enabling SRE via automated feedback loops
  10. TOR for DevOps

Who should attend Rootconf?

  1. DevOps programmers
  2. DevOps leads
  3. Systems engineers
  4. Infrastructure security professionals and experts
  5. DevSecOps teams
  6. Cloud service providers
  7. Companies with heavy cloud usage
  8. Providers of the pieces on which an organization’s IT infrastructure runs – monitoring, log management, alerting, etc
  9. Organizations dealing with large network systems where data must be protected
  10. VPs of engineering
  11. Engineering managers looking to optimize infrastructure and teams

For information about Rootconf and bulk ticket purchases, contact info@hasgeek.com or call 7676332020. Only community sponsorships available.

Rootconf 2019 sponsors:

Platinum Sponsor

CRED

Gold Sponsors

Atlassian Endurance Trusting Social

Silver Sponsors

Digital Ocean GO-JEK Paytm

Bronze Sponsors

MySQL sumo logic upcloud
platform sh nilenso CloudSEK

Exhibition Sponsor

FreeBSD Foundation

Community Sponsors

Ansible PlanetScale

Hosted by

Rootconf is a forum for discussions about DevOps, infrastructure management, IT operations, systems engineering, SRE and security (from infrastructure defence perspective). more

Neelu Tripathy

@br3akp0int

DevSecOps

Submitted Mar 18, 2019

DevSecOps is becoming increasingly relevant with changing requirements and rapid product development becoming the norm. Through this Birds of Feather session we plan to discover various approaches of integrating end to end security in the DevOps cycle.

Who should attend:
1.DevSecOps Enthusiasts, Practitioners, Agile Development Teams,
2.All Developers,QAs, DevOps practitioners
3.Anyone interested in DevSecOps

Key Takeaways for Audience:
1.Understanding of holistic practices of DevSecOps: what role people, process and technology play in DevSecOps
2.Basic building blocks if establishing DevSecOps from scratch(metrics)
3.Ways in which security can catch up with really fast paced DevOps
4.Amount of tooling that is optimal for your pipeline
5.Key aspects of environment security to consider in the age of containerization & cloud

Outline

We are looking to bring forth the following issues:

1.Challenges in integrating security in a fast paced DevOps Cycle
2.Current Practices being followed for DevSecOps in Organizations
3.Solving People and Proces challenges around DevSecOps to bring about a security mindset
4.Best Practices to prevent over-tooling in Pipelines
5.Embedding Security in the Pipeline and Automation
6.Culture shift required when transitioning from On-Premise to Containers and Cloud infra

Requirements

This being a Birds of a Feather session, we expect people to call out questions you may have or challenges faced when choosing, establishing or maintaining the idea of DevSecOps in your organisation. We encourage you to share your experiences or analysis around automation and culture shifts needed for your DevSecOps journey, during this discussion. The general idea is to see what’s new in the DevSecOps space including optimisations and learn from inputs from practitioners solving problems on a daily basis. We will try to keep discussions to pointers and suggestions at a high level.

Speaker bio

Neelu Tripathy
She is working as principal consultant for AppSec at Thoughtworks. Her array of experience includes Penetration testing and Vulnerability Assessments, Threat Modeling and Design Reviews of web applications & APIs, Source Code Reviews, Configuration reviews, Social Engineering engagements and Red Teaming. She loves building and execution of various threat cases & bending business logic. Currently She is focussed on integrating security in fast paced Agile development lifecycles and delivering security by building it into the product.

LavaKumar Kuppan
He is the founder and primary author of the IronWASP project and various other appsec focussed tools such as Ravan, JS-Recon, Imposter, etc. His products helps developers and admins discover security issues in their websites. He is also a security researcher with notable security advisories to his name.

Links

Comments

{{ gettext('Login to leave a comment') }}

{{ gettext('Post a comment…') }}
{{ gettext('New comment') }}
{{ formTitle }}

{{ errorMsg }}

{{ gettext('No comments posted yet') }}

Hosted by

Rootconf is a forum for discussions about DevOps, infrastructure management, IT operations, systems engineering, SRE and security (from infrastructure defence perspective). more