Taking the Canary Out of the Coal Mine | QCon San Francisco 2018

Next QConSF Conference: Applied AI for Developers QCon.ai April 2019

Abstract

In this talk, we'll discuss how canaries can take all shapes and sizes: Web servers, network devices, cloud instances, and numerous token variants. We'll dig into what actually is a canary, modern canary tools and services, how deploying canaries will provide an early warning against even the most careful attackers - and perhaps most importantly - how automating their deployment can give every device in your environment a means to let you know they're being tampered with; intrusion detection at scale.

Speaker: Mike Ruth

Staff Security Engineer @Cruise Automation

Mike is a Staff Security Engineer at Cruise Automation, where he helps in securing one of the world’s best autonomous vehicle platforms. Previously a security lead in VMware's cloud management division, Mike has close to a decade of experience securing, designing, and deploying cloud infrastructure and enterprise storage systems.

Find Mike Ruth at

Speaker page

Tech Lead Fairness, Transparency, Explainability & Privacy Efforts @LinkedIn

Krishnaram Kenthapadi

Jupyter Notebooks: Interactive Visualization Approaches

Senior Researcher in the Quantitative Financial Research Group @Bloomberg

Chakri Cherukuri

Nearline Recommendations for Active Communities @LinkedIn

Senior Manager & Heading AI for Growth and Communication Relevance @LinkedIn

Hema Raghavan

Open Source Robotics: Hands on with Gazebo and ROS 2

Software Engineer @OpenRoboticsOrg

Louise Poubel

Making AI FaaSt

Principal Engineer @Adobe

Dragos Dascalita Haut

Making AI FaaSt

Senior Software Engineer AI/ML, Applied Machine Learning @Adobe

Akhilesh Kumar

Terraform Earth - Secure Infrastructure for Developers

Senior Software Engineer @coinbase

Chase Evans

Michelangelo - Machine Learning @Uber

Machine Learning Platform @Uber

Jeremy Hermann

CRDTs in Production

Software Engineer @PayPal

Dmitry Martyanov

Tracks

Monday, 5 November

Microservices / Serverless Patterns & Practices

Evolving, observing, persisting, and building modern microservices
Practices of DevOps & Lean Thinking

Practical approaches using DevOps & Lean Thinking
JavaScript & Web Tech

Beyond JavaScript in the Browser. Exploring WebAssembly, Electron, & Modern Frameworks
Modern CS in the Real World

Thoughts pushing software forward, including consensus, CRDT's, formal methods, & probabilistic programming
Modern Operating Systems

Applied, practical, & real-world deep-dive into industry adoption of OS, containers and virtualization, including Linux on Windows, LinuxKit, and Unikernels
Optimizing You: Human Skills for Individuals

Better teams start with a better self. Learn practical skills for IC

Tuesday, 6 November

Architectures You've Always Wondered About

Next-gen architectures from the most admired companies in software, such as Netflix, Google, Facebook, Twitter, & more
21st Century Languages

Lessons learned from languages like Rust, Go-lang, Swift, Kotlin, and more.
Emerging Trends in Data Engineering

Showcasing DataEng tech and highlighting the strengths of each in real-world applications.
Bare Knuckle Performance

Killing latency and getting the most out of your hardware
Socially Conscious Software

Building socially responsible software that protects users privacy & safety
Delivering on the Promise of Containers

Runtime containers, libraries, and services that power microservices

Wednesday, 7 November

Applied AI & Machine Learning

Applied machine learning lessons for SWEs, including tech around TensorFlow, TPUs, Keras, PyTorch, & more
Production Readiness: Building Resilient Systems

More than just building software, building deployable production ready software
Developer Experience: Level up your Engineering Effectiveness

Improving the end to end developer experience - design, dev, test, deploy, operate/understand.
Security: Lessons Attacking & Defending

Security from the defender's AND the attacker's point of view
Future of Human Computer Interaction

IoT, voice, mobile: Interfaces pushing the boundary of what we consider to be the interface
Enterprise Languages

Workhorse languages found in modern enterprises. Expect Java, .NET, & Node in this track

This Year's Schedule

The all-new QCon app!

Available on iOS and Android

The new QCon app helps you make the most of your conference experience. Easily browse and follow the conference schedule, star the talks you want to attend, and keep tabs on your personal itinerary. Download the app now for free on iOS and Android.

Track: Security: Lessons Attacking & Defending

Location: Pacific DEKJ

Duration: 1:40pm - 2:30pm

Day of week: Wednesday

Level: Intermediate

Persona: Security Professional

Abstract

Speaker: Mike Ruth

Find Mike Ruth at

Similar Talks

Tracks

Monday, 5 November

Microservices / Serverless Patterns & Practices

Practices of DevOps & Lean Thinking

JavaScript & Web Tech

Modern CS in the Real World

Modern Operating Systems

Optimizing You: Human Skills for Individuals

Tuesday, 6 November

Architectures You've Always Wondered About

21st Century Languages

Emerging Trends in Data Engineering

Bare Knuckle Performance

Socially Conscious Software

Delivering on the Promise of Containers

Wednesday, 7 November

Applied AI & Machine Learning

Production Readiness: Building Resilient Systems

Developer Experience: Level up your Engineering Effectiveness

Security: Lessons Attacking & Defending

Future of Human Computer Interaction

Enterprise Languages

The all-new QCon app!

Available on iOS and Android

Presentation: Taking the Canary Out of the Coal Mine

Track: Security: Lessons Attacking & Defending

Location: Pacific DEKJ

Duration: 1:40pm - 2:30pm

Day of week: Wednesday

Level: Intermediate

Persona: Security Professional

More talks on:

Share this on:

Abstract

Speaker: Mike Ruth

Find Mike Ruth at

Similar Talks

Tracks

Monday, 5 November

Tuesday, 6 November

Wednesday, 7 November

The all-new QCon app!

Available on iOS and Android