Hoy empezamos el último día con un refresco de los puntos de seguridad que debemos tener siempre en mente.
Thank you for coming folks!! What a great time!! @devopsbarcelona #devopsbcn2019 pic.twitter.com/uOBP7e4gXQ
— Néstor Salceda (@nestorsalceda) 6 de junio de 2019
1. DevSecOps, stay away from being in the news
Irene Comalada – GFI
#security #hackers #devsecops
Have you ever heard of: ‘one apple a day keeps the doctor away’? Fact that makes each one of us responsible for doing a small action that should improve our life.
https://joind.in/event/devops-barcelona-conference-2019/devsecops-stay-away-from-being-in-the-news
https://www.devseccon.com/
https://owaspsamm.org/
https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project
2. Continuous delivery for data science models
Raam Rosh Hai – Wonderkind
#predictions
Tired of wrapping pickled models in server logic? me too! The biggest bottleneck in delivering machine learning services is the handover from data science to engineering.
https://joind.in/event/devops-barcelona-conference-2019/continuous-delivery-for-data-science-models
https://github.com/assaf-platform
3. Kubernetes event abnormality detection with Falco
Néstor Salceda – Sysdig
#kubernetes #security #anomaly #detection #falco
In this talk we’ll cover how we extended Falco to ingest events beyond just host system calls, such as Kubernetes audit events or even application level event
https://joind.in/event/devops-barcelona-conference-2019/kubernetes-event-abnormality-detection-with-falco
https://falco.org/
https://sysdig.com/blog/gke-security-using-falco/
https://sysdig.com/blog/monitoring-kubernetes-with-sysdig-cloud/
4. Managing Failure in a Distributed World
Nic Jackson & Erik Veld – HashiCorp
#mesh-architecture
In this talk, Nic will walk through the areas of complexity in a system we will then look at what patterns you can employ to ensure performance and availability even in a failing world.
https://joind.in/event/devops-barcelona-conference-2019/managing-failure-in-a-distributed-world
https://emojify.today/
https://www.envoyproxy.io/
5. Monitoring OVH: 300k servers, 27 DCs and one Observability platform
Horacio González – OVH
#scalable #metrics
In this talk we will relate our experience building and maintaining OVH Metrics, the platform used to monitor all OVH infrastructure.
https://joind.in/event/devops-barcelona-conference-2019/monitoring-ovh-300k-servers-27-dcs-and-one-observability-platform
https://gotochgo.com/2017/sessions/86
https://www.influxdata.com/
https://www.warp10.io/
https://prometheus.io/
Slides: https://noti.st/lostinbrittany/RBj04E/monitoring-ovh-300k-se…
6. From DevTestOops to DevTestOps
Álex Soto – RedHat
#testing pyramid #test-in-production #canary-releases #dark-canaries
In this session, we will not only describe but also actively demonstrate several techniques that you can use immediately following the session for testing applications like unicorns.
https://joind.in/event/devops-barcelona-conference-2019/from-devtestoops-to-devtestops
https://puppet.com/resources/whitepaper/state-of-devops-report
https://github.com/redhat-developer-demos/istio-tutorial
Slides: https://www.slideshare.net/asotobu/from-devtestoops-to-devtestops
7. Levering Kubernetes to run Kubernetes
Fernando Ripoll Lafuente – Giant Swarm
#kubernetes
I will go through the key components of our design and how we apply DevOps practices to deliver value fast in a highly dynamic environment.
https://joind.in/event/devops-barcelona-conference-2019/levering-kubernetes-to-run-kubernetes
8. You cannot fight against what you cannot see
Jesús Chóliz – Adevinta
#security #monitoring #hacks
In this talk we want to show the architecture we have in place to monitor several different platforms from several different websites, with distributed teams, diverse technologies, using a pragmatic approach for investing a very reasonable effort and money
https://joind.in/event/devops-barcelona-conference-2019/you-cannot-fight-against-what-you-cannot-see
Monitor Web Request: WAF: https://www.splunk.com
Monitor infrastructure: AWS CloudTrail
Monitor Server: OSSEC (Wazuh)
Monitor User: Logins: Same county/ip on differents users
Monitor Attackers: HonneyPot
Monitor Network: AWS Guard Duty (request to bitcoin server, root logins, TOR nodes, etc…)
Desarrollador de aplicaciones. Consultor tecnológico.
