Presentations
This talk will cover the various features that Postgres provides for data security, from the very basic to the most advanced.
Postgres has a variety of features to secure your data in a multitude of ways, each suitable for a specific set of use cases. The goal of this talk is not just to lay out the features available to secure your data, but also to give an idea of when to leverage these features, and how best to implement it. This session will also cover some of the upcoming security features in Postgres 11, and a few gotchas with the existing features
Adobe Systems engineers built a modular, open-source security and compliance auditing tool named HubbleStack on the SaltStack automation platform. HubbleStack provides on-demand profile-based auditing, real-time security event notifications, automated remediation, alerting and reporting. Compare HubbleStack v1 (more Salty) and HubbleStack v2 (less Salty) and learn about HubbleStack's built-in coverage for CIS standards, integration with osquery.io for deep introspection, real-time file integrity monitoring, and support for Splunk, ELK and Slack reporting endpoints.
Cloud service adoption is increasing across organizations, from startups to enterprises. Manual manipulation and an inability to track changes throughout an environment causes a myriad of connectivity and complexity unknowns, resulting in significant difficulties in managing and auditing the security of cloud services. As config as code increases in popularity, detection of unwarranted changes or access to your system becomes more important. Skunky is a soon to be open sourced event driven system capable of marking compute resource dirty at scale in order to address this problem.
Engineers adopting microservice architectures quickly realize implementing rate limiting, circuit breaking, timeouts, retries and implementing metrics, logging and tracing are no simple tasks.
The shift to microservices is a ticking timebomb of complexity. Decomposing a monolithic app into hundreds of microservices comes with a new set of challenges that become readily apparent when running in production. Enter a new category of tooling: the service mesh. There's been a recent surge of interest in the so-called "service mesh", but what is it? Why is this suddenly relevant now? Why would you even need one? If you're considering running microservices in production, this talk is relevant to you.
Learn the benefits of Continuous Integration (CI) and Continuous Delivery/Deployment (CD). Learn how to set up CI/CD pipelines using two popular tools: GitLab and Jenkins. This will be a self-paced class with hands-on lab.
Most of what we've been told over the years about what makes a good password has been wrong, so it's no surprise most people pick bad passwords. This talk covers the history of password policy and cracking from the Golden Age, to the "correct horse battery staple" password renaissance, to modern password cracking and modern defenses.
AWS Lambda is the most widespread implementation of “Serverless.” In this talk, come explore what happens when your Lambda usage goes hilariously wrong– and what to do about it.
High availability is becoming a de-facto requirement of today's applications. Customer-facing IT failures mean directly losing customer revenue and trust, as users have grown accustomed to easily switching service providers for more reliable ones. Lack of internal systems availability block employee productivity and add to the financial burden. Thus, it is critical to have a healthy, performant, resilient IT structure serving as a backbone of conducting your business.
In Linux, getting an application packaged and uploaded to the repositories for distribution can be just as challenging if not more than the actual development of the application in the first place. In this talk, Nathan Handler will demonstrate how you can use Snapcraft to quickly turn your applications into Snaps that can then be immediately uploaded to the store.