Rootconf 2025 Annual Conference CfP

{Describe your talk/session in 2-3 paragraphs}
At Uptycs, we’ve spent years scaling a cloud-native security analytics platform to handle Trillion+ events (1+ petabyte) per day, across cloud and on-premise deployments. This talk traces the architectural evolution that made it possible — from our early SU-based deployment model to a modern, Kubernetes-optimized system. SU (Scaling Unit) clusters, while powerful and reliable, started to show their age in the face of rapidly growing data, rising infrastructure costs, and operational inefficiencies.

Scaling Unit is a pair of nodes one of those housing large number of compute intensive, low latency, memory bound services while second node housing memory intensive, largely disk bound , medium to high latency tolerant and batched workload. We could stack up these SUs in multiple of 3s together to build a SU cluster but we never went beyound a 12 SU cluster. After that we started growing another SU cluster upto 12 ... why pair of nodes, why multiple of 3s and why maximum of 12 - what benifits such an architecture provided in on-prem deployments apart from making it cloud agnostic ? how it allowed us to scale to unheard scales of ingesting a petabyte a day, achieving peak EPS of 100+ million in a single deployment - are all the answers we would like to share in the session.

We’ll walk through how we used the SU (scaling unit) model to scale predictably and achieve fault tolerance — and why it became a bottleneck as our microservices grew. The tipping point came when we realized the majority of these services were idling yet consuming resources at scale. The session will deep-dive into how Kubernetes helped us reclaim performance and cost efficiency, cut down PostgreSQL pressure by 90% (connections), and achieve 50% savings in production cloud spend — all while improving agility and rollout speed. Most importantly, we’ll share how we merged the best of both worlds: combining SU’s predictable scaling with Kubernetes’ flexibility, without compromising on reliability.

{Mention 1-2 takeaways from your session}
Design Takeaway: Learn how to architect large-scale systems using building block patterns (like SU clusters) and evolve them into cost-optimized Kubernetes-native platforms without disrupting availability.

Ops Takeaway: Get actionable insights on cost-saving strategies — from reducing service sprawl and PostgreSQL overload to cutting down deployment times from hours to 20 minutes using Pulumi and K8s.

{Which audience segment is your talk/session going to beneficial for?}
This session is ideal for platform engineers, SREs, and DevOps leaders building scalable infrastructure for high-throughput systems — especially those supporting multi-tenant SaaS or hybrid cloud deployments. It’s also relevant for architects managing on-prem/cloud parity or looking to transition from legacy scaling models to Kubernetes without losing operational control.

{Add your bio - what you do; where you work}
I am the Head of data and platform engineering at Uptycs, Inc.- a CNAPP and XDR platform company that develops cycber security solutions for:
EDR
XDR
CWPP
CIEM
CSPM
KSPM
SSPM
SCSM
AISPM
DSPM
... and more ... with an aim to provide a unified platform that gives an enterprise ability to manage security of its entire infrastructure from code to cloud. What it translates to is a data plat that ingests 100+Million EPS, close to Petabyte of data daily, runs 500k+ queries daily that ends up scanning 500TB+ data daily on a cloud agnostic dataplatform that is touching exaByte scale.It will be co-presented by https://www.linkedin.com/in/pravinbange/ an Architect with uptycs who is lead on kubernetisation of uptycs cloud along with leading the GenAI efforts within the company,