Loading…
Friday, August 14 • 09:39 - 09:59
Keynote: Open Source Intrusion Detection for Containers at Shopify - Shane Lawrence, Senior Security Infrastructure Engineer, Shopify & Kris Nóva, Chief Open Source Advocate, Sysdig

Sign up or log in to save this to your schedule and see who's attending!

Even well protected workloads may be compromised by 0-days and platform vulnerabilities. Observability is essential for detecting and stopping an attack before infrastructure and information is compromised. Shopify uses open source Falco, a CNCF incubating project, to track syscalls at the kernel level and reveal them to a Kubernetes-aware process in userspace. That uses predefined rules to decide which events to log. Additional tooling filters and aggregates logs, and generates alerts when suspicious activity is detected.

In this talk, Shane will describe how Shopify first deployed Falco in 2018 and continues to use it to monitor critical systems, including those that process payment card information. He will share tips and tricks for getting the most out of Falco, areas for improvement, and use cases for detecting compromise or data exfiltration when all else fails.

Speakers
avatar for Kris Nóva

Kris Nóva

Chief Open Source Advocate, Sysdig
Kris Nova, Chief Open Source Advocate at Sysdig, focuses on security, intrusion detection, and the Linux kernel with Kubernetes and eBPF. As an active advocate for open source, Nova is an ambassador for the CNCF and the creator of kubicorn, a successful Kubernetes infrastructure management... Read More →
avatar for Shane Lawrence

Shane Lawrence

Senior Infrastructure Security Engineer, Shopify
Shane is a Senior Security Infrastructure Engineer at Shopify, where he's working on a multi-tenant platform that allows developers to build secure, scalable apps and services. His previous work includes SIEM and Log Management at CGI MSS, and IDS Engineering at CFNOC.


Friday August 14, 2020 09:39 - 09:59
Hall 12 - RAI Amsterdam
Feedback form isn't open yet.

Attendees (344)




Twitter Feed