Conference:  Defcon 31

Authors: David Pekoske Administrator, Transportation Security Administration (TSA), Jen Easterly Director, Cybersecurity and Infrastructure Security Agency, Kevin Collier NBC

2023-08-01

Just like there's more than one way to peel a banana, there’s more than one way to protect a computer network from being pwned. Cyber threats against America’s pipelines, railroads and aviation system are increasing, and the Transportation Security Administration – with support from the White House, the Cybersecurity and Infrastructure Security Agency and Congress – is hacking traditional cybersecurity policy to improve resiliency for the growing connected transportation sector. How? TSA isn’t telling regulated parties exactly the ways they should secure their own systems. Instead, the agency is asking them to produce and provide plans for ensuring they protect their critical assets. America’s adversaries are sophisticated, and TSA needs help from the hacking community to think creatively about future attacks, to identify new vulnerabilities, and to provide innovative new ways of measuring success. This talk will tell you what TSA is seeing, gives you a chance to offer us advice, and to learn specific ways in which you can contribute to new projects. Because always in motion the future is.

Conference:  KubeCon + CloudNativeCon North America 2022

Authors: Harry Lee

2022-10-27

The conference presentation discusses the design and implementation of a central data aggregation platform for a smart energy management system in South Africa, targeting big energy consumers such as office blocks, industrial factories, and the mining industry. The platform uses IoT devices to measure energy usage, estimate costs, and optimize electricity usage with automation. The presentation highlights the challenges of building a solution for companies and industrial plants located in rural areas with infrastructure limitations, intermittent internet connectivity, and power outages due to load shedding. The solution needs to be resilient, work offline, and use open-source technologies. Kubernetes is chosen for its resilience, high availability, and ability to run pods from previous states.

• South Africa is facing an energy crisis due to a limited supply of electricity, which drives up costs and impacts businesses heavily reliant on electricity
• The smart energy management system targets big energy consumers and uses IoT devices to measure energy usage, estimate costs, and optimize electricity usage with automation
• The central data aggregation platform is designed to work offline, be resilient, and use open-source technologies
• Kubernetes is chosen for its resilience, high availability, and ability to run pods from previous states
• The solution needs to be flexible, work with existing network infrastructure, and reduce setup costs
• Multiple teams are involved in building the IoT devices, gateway, IoT platform, and advanced data analytics in the cloud

Conference:  KubeCon + CloudNativeCon North America 2022

Authors: Kendall Roden, Alice Gibbons

2022-10-27

Remember when writing connected application code to do something innovative was the hard part? These days developers have to do more than ever, not only to write innovative and elegant code to run their business, but now also have to deal with all the faults, outages, disasters, hot spots, scale points, and concurrency issues that come with building distributed apps and microservices at scale. In this session, you will learn about the best practices to write distributed app code that sings at scale directly from the team that helped bring you Dapr and a number of hyper-scale cloud services in production. It will focus on the topics of resiliency, distributed locking, and optimization in common tasks like async messaging & Pub-Sub, state management, secrets and more. You will also learn about abstractions and implementations to do this the easy way in your favorite programming model and language, while targeting Kubernetes.