##About Rootconf 2019:
The seventh edition of Rootconf is a two-track conference with:
- Security talks and tutorials in audi 1 and 2 on 21 June.
- Talks on DevOps, distributed systems and SRE in audi 1 and audi 2 on 22 June.
##Topics and schedule:
View full schedule here: https://hasgeek.com/rootconf/2019/schedule
Rootconf 2019 includes talks and Birds of Feather (BOF) sessions on:
- OSINT and its applications
- Key management, encryption and its costs
- Running a bug bounty programme in your organization
- PolarDB architecture as Cloud Native Architecture, developed by Alibaba Cloud
- SRE and running distributed teams
- Routing security
- Log analytics
- Enabling SRE via automated feedback loops
- TOR for DevOps
##Who should attend Rootconf?
- DevOps programmers
- DevOps leads
- Systems engineers
- Infrastructure security professionals and experts
- DevSecOps teams
- Cloud service providers
- Companies with heavy cloud usage
- Providers of the pieces on which an organization’s IT infrastructure runs -- monitoring, log management, alerting, etc
- Organizations dealing with large network systems where data must be protected
- VPs of engineering
- Engineering managers looking to optimize infrastructure and teams
For information about Rootconf and bulk ticket purchases, contact email@example.com or call 7676332020. Only community sponsorships available.
##Rootconf 2019 sponsors:
OSINT mindset to protect your organization
Information on the public internet is increasing exponentially. The public information about your organization includes employees, email addresses, public facing digital assets (domains, subdomains & IP addresses), documents, policies and much more. Anyone having access to internet could gather more information about your organization than you think.
Open Source Intelligence, also known as OSINT in short, is an art of gathering publicly available data to derive useful information. The usage of the information is upto the OSINT investigator, it could be used for or against your organization. In this talk we would dive into an OSINT investigator’s perspective of information. We would have a detailed look at different ways one could gather information about your organization and how the information could be used in weakening or compromising your security.
We would end the session with the available ways to reduce harmful effect of your public information. The attendees would leave the talk with a deep understanding of how information could harm against you, along with ways to prevent it.
- What is OSINT ?
- The OSINT Mindset
- What do you know about the organization ?
- Supply Chain
- What do you technically know about the organization ?
- Domains & Subdomains
- Digital assets, IP addresses & their open ports
- Technology stacks used
- Did you check out the employees ?
- Email addresses
- Online coding
- Online content sharing
- Username and password reuse
- OpSec as a defensive measure
Chandrapal Badshah is a security researcher and open source enthusiast. He is the founder and maintainer of “Hack with GitHub” – an initiative to showcase open source security tools on GitHub. He has contributed to multiple projects revolving around mobile app security, automation and open source intelligence (OSINT). He has given multiple talks including those at Null community monthly meets. He is an active member at Null Bangalore and contributes to the community as a chapter lead.
- Twitter: https://twitter.com/bnchandrapal
- Website: https://badshah.io
- Community talks: https://null.co.in/profile/3268-badshah