You are viewing content from a past/completed QCon
NIST 800-207A: Implementing Zero Trust Architecture
Zero Trust is all about replacing implicit trust based on perimeter security and network access with explicit trust based on identity and runtime authorization. This means authenticating and authorizing workloads in addition to end users, driving new patterns like identity-aware proxies and the service mesh for enforcing access.
Join Zack Butcher, co-author of NIST security standards for microservices, in a discussion of the forthcoming Special Publication 800-207A on a Zero Trust Architecture (ZTA) model for access control in cloud native applications in multi-location environments. We'll present a succinct and easy-to-understand definition of a "zero trust architecture" and discuss how a common use case—application communication from cloud to on-premises through a DMZ—can be simplified with identity aware proxies (and policy!), leading to improved security without sacrificing organizational agility.
Founding Engineer @Tetrateio & NIST co-author on security, prev core services @GoogleCloud
Zack is Principal and Founding Engineer at Tetrate, where he helps some of the largest enterprises in the world adopt Istio and Envoy. An early engineer building Istio at Google, he served on its Steering Committee and co-authored “Istio: Up and Running” (O'Reilly). He works with NIST and co-authored a series of Special Publications defining microservice security and zero trust standards. At Google Cloud Platform, Zack worked on its central resource hierarchy, service management, identity & access management systems, and Google’s internal mesh that Istio draws from.
Find Zack Butcher at:
From the same track
AWS Lambda Under the Hood
Monday Oct 2 / 10:35AM PDT
AWS Lambda is a serverless compute service running at a massive scale! Supporting packages of up to 10GiB while allowing over 15K new containers per second (for a single customer) and serving millions of TPS across millions of unique workflows is a challenging problem.
Senior Principal Engineer @AWS Lambda
Managing 238M Memberships at Netflix
Monday Oct 2 / 02:45PM PDT
Have you ever wondered what goes on behind the scenes when you sit back, relax and watch Netflix? How does Netflix own and operate their system of record for all members making sure they continue to be in good standing and get the best experience possible?
Senior Software Engineer @Netflix
Unconference: Architectures You've Always Wondered About
Monday Oct 2 / 03:55PM PDT
What is an unconference?
An unconference is a participant-driven meeting. Attendees come together, bringing their challenges and relying on the experience and know-how of their peers for solutions.
Unpacking how Ads Ranking Works @Pinterest
Monday Oct 2 / 05:05PM PDT
In this session, we delve into the dynamic world of social media advertising. Facebook, Snap, Pinterest, Twitter, and many others generate the majority of their revenue from targeted ads.
Senior Machine Learning Engineer @Pinterest, Focusing on Privacy Safe Recommender Systems, IIT Kanpur Alumnus
Relational Data at the Edge
Monday Oct 2 / 11:45AM PDT
Data storage and access at the edge delivers massive performance gains by reducing location-sensitive latency.
Software Engineer Intern - iCloud Edge @Apple, Previously @Cloudflare
Engineering Manager @Cloudflare, Contributor to Postgres, Previously at Ticketmaster