Rootconf 2025 Annual Conference CfP

Description

Managing attack surfaces effectively demands comprehensive, continuous scanning of internet-facing assets at an unprecedented scale. Each organization’s needs differ vastly—there is no one-size-fits-all solution. To overcome these challenges, we engineered a highly scalable, distributed platform leveraging cloud infrastructure, guided by the Single Responsibility Principle.

In our approach, we designed data pipelines around an event-driven, queue-based architecture integrated seamlessly with serverless computing. This allowed us to enhance data ingestion capabilities by 20x, while simultaneously cutting operational costs by approximately 33%.

On the platform side, we adopted a robust multi-tenant architecture, assigning dedicated infrastructure to premium customers while utilizing shared infrastructure for free-tier users. Our solution strategically employs AWS Fargate and Lambda for lightweight and non-network-intensive tasks, combined with EC2 Auto Scaling Groups optimized for resource-heavy operations such as port scanning. This resulted in scan times decreasing by up to five times per customer, again reducing operational expenses by one-third.

We also enforced strict infrastructure lifecycle management, ensuring resources spin up only when necessary, minimizing idle resources effectively to near-zero. Further cost savings were achieved through extensive use of spot instances for stateless workloads.

This talk will provide insights into our architectural decisions, cost optimization strategies, and key learnings, showcasing how we successfully built a scalable, efficient, and cost-effective attack surface management solution capable of scanning the internet at scale.

Takeaways

• Learn how to design and operate a cost-efficient, cloud-native platform capable of internet-scale scanning using queue-based architectures, serverless compute, and workload-specific infrastructure choices.
• Understand practical strategies for multi-tenant design, resource auto-scaling, and cost optimization—including the use of Spot Instances, on-demand infrastructure spin-up, and strict idle resource control—to achieve high performance without breaking the bank.

Which audience segment is your talk/session going to beneficial for?

This session will be valuable for engineering leaders, DevOps practitioners, security architects, and platform engineers who are building or managing large-scale security systems, especially in the areas of vulnerability management, asset discovery, and attack surface monitoring. It will also benefit anyone interested in designing cost-optimized, cloud-native architectures for high-scale data processing and scanning workloads. Whether you are tackling internet-scale challenges or managing infrastructure for a growing SaaS product, this talk will offer practical insights and real-world lessons that can be applied across various domains.

About Me

• Priyes Bamne - Principal Engineer at RedHunt Labs, leads the DevOps and platform architecture efforts, focusing on building scalable, reliable, and cost-efficient infrastructure. With deep expertise in cloud-native technologies, automation, and distributed systems, he specializes in designing resilient platforms that can handle high-scale workloads. Passionate about performance optimization and infrastructure as code, Priyes plays a key role in ensuring that engineering velocity and operational stability go hand in hand.