Conference:  Defcon 31

Authors: Patrick Wardle Objective-See Foundation

2023-08-01

As the majority of malware contains networking capabilities, it is well understood that detecting unauthorized network access is a powerful detection heuristic. However, while the concepts of network traffic analysis and monitoring to detect malicious code are well established and widely implemented on platforms such as Windows, there remains a dearth of such capabilities on macOS. This talk aims to remedy this situation by delving deeply into a myriad of programmatic approaches capable of enumerating network state, statistics, and traffic, directly on a macOS host. We will showcase open-source implementations of relatively overlooked low-level APIs, private frameworks, and user-mode extensions that provide insight into all networking activity. And, by leveraging these techniques, you will learn how to efficiently and generically detect both known and unknown threats targeting macOS!

Conference:  KubeCon + CloudNativeCon Europe 2023

Authors: Florent Poinsard, Arthur Schreiber

2023-04-21

GitHub uses MySQL and v-test for their database management and scaling strategy

• GitHub has a standard MySQL setup with 80 clusters and 2000 instances
• They have a read-heavy load with 330 terabytes of data across primaries and replicas
• Their scaling strategy includes setting up separate clusters for new features, breaking up existing clusters, and adding more replicas
• They ran into problems with scaling approaches and schema migration times
• They implemented v-test as a solution, which is a sharding model that fits their data model well
• v-test allows for seamless schema changes, automatic failure detection and repair, and query consolidation
• GitHub has successfully migrated 20 key spaces to v-test, reducing the number of hosts needed and improving read and write rates

Conference:  KubeCon + CloudNativeCon Europe 2023

Authors: Nick Young, Rob Scott

2023-04-19

The Gateway API subproject of Kubernetes SIG-Network is making great strides towards the goal of being the description language for inbound traffic that’s portable, extensible, expressive, and role-oriented. With nearly 20 implementations in progress, interest is high. This session is about what’s happening now and next. We’ll update on: The state of the API, and when we’re planning to move to GA and 1.0 Our plans for conformance testing and certification What’s happening with the GAMMA initiative and how the efforts work together Maintainer Q+A And a lot more!