Talks

So you’ve scaled your app up to 1000 instances. Do they all share the same credentials for access to stateful resources? Then the attack surface for your stateful resources just got scaled up too. Automated secret management lets you focus on scaling up your app, not your risk of data compromise.

Born and bred on dirty tricks. Security Engineer at Praekelt.org, a non-profit foundation focused on building digital solutions to improving quality of life in the majority world. Worked at MWR InfoSecurity as a penetration tester until moving on to Praekelt.org to connect information security with strengthening human rights in the digital age. Once ate an entire pack of lemon creams for supper.

The video for this talk is available on YouTube

Run a lot of Python at your company? You running old, slow, unloved Python <=2.7.14? You shouldn’t be! Come and see why! With tips on moving and examples including the Instagram Backend code. You should leave this talk inspired to move all your projects straight to Python 3.7, No Looking Back!

I’m an Aussie who’s been at Facebook for almost 5 years. Previous to Facebook I worked for Juniper Networks via contact all over APAC, and was once a UNIX Systems admin @ the Australian Nuclear Science and Technology Organization. I love modern computing technology, of late IPv6 and Python 3. I have helped with the efforts of pushing both to Facebook and associate companies.

The video for this talk is available on YouTube

Two things happen over time: we need to adapt to changes, and complexity increases. Contrast that with the urgent plea of “We need to scale”. The problem is obvious. Do it wrong, and we scale the problem. The answer lies in key decisions on where to start, then what to do, how to do it and why.

Aslam is an African technologist and strategist. He consults to large enterprises looking to shift gears, and to startups that are off the runway trying the same. He spends his time with his friends at Samushonga, Khan and Baker where they sharpen enterprise strategy and execute on its implementation; focusing on people to lines of code and the weird stuff in between. After all, what is the value of a strategy that can’t be delivered?

The video for this talk is available on YouTube

MariaDB is an open source DBMS used by organisations running some of the largest and most heavily-used databases in the world. This talk covers some of the innovations MariaDB, with its active community of contributors, has been making in supporting large-scale systems.

Monty started working on precursors to MySQL in 1981, released MySQL in 1995 and has been developing MySQL and its fork MariaDB ever since. Currently the CTO of MariaDB Corporation, he’s still a highly active developer, and loves nothing more than intense technical discussions.

The video for this talk is available on YouTube

During the last 18 years of hacking systems and networks, hacking could be described as "looking for the one place somebody screwed up". This is premised on the idea that scale aids an attacker, because even a low incidence of security screw ups, turns into ample fodder at scale. Modern tools were going to save us. If we could deploy infrastructure as code, applying patches is as simple as rebuilding our Docker/Packer image, or updating one line in our Chef recipe. Containerisation means we can have security boundaries around our microservices, so a compromise of one, doesn't lead to a compromise of the whole application. And large infrastructure providers means best in the world security teams that can lock down their infrastructure. In this talk, we'd like to discuss the common security flaws we see in large networks (with some anecdotes from our own experiences) and ways of designing networks and systems to avoid them (also with some anecdotes).

Dominic is SensePost's CTO and has been hacking/securing stuff for 12 years.

The video for this talk is available on YouTube

During the last 18 years of hacking systems and networks, hacking could be described as "looking for the one place somebody screwed up". This is premised on the idea that scale aids an attacker, because even a low incidence of security screw ups, turns into ample fodder at scale. Modern tools were going to save us. If we could deploy infrastructure as code, applying patches is as simple as rebuilding our Docker/Packer image, or updating one line in our Chef recipe. Containerisation means we can have security boundaries around our microservices, so a compromise of one, doesn't lead to a compromise of the whole application. And large infrastructure providers means best in the world security teams that can lock down their infrastructure. In this talk, we'd like to discuss the common security flaws we see in large networks (with some anecdotes from our own experiences) and ways of designing networks and systems to avoid them (also with some anecdotes).

Marc is SensePost's IT manager and has had to build a network that is constantly attacked from the inside. Previously, he was the primary system engineer at CloudAfrica.

The video for this talk is available on YouTube

The story of how Allan Gray moved from traditional .Net monolith to polyglot linux-based microservices, with a cast including Kubernetes, Gitlab, Grafana/Prometheus, Continuous Delivery, and Trunk-based development. And a few choice words on databases.

I am a Civil Engineer turned Software Engineer and I’ve been writing code since the 90s. Having spent 10 years slowly transitioning my career from designing water pipelines to integration pipelines, I now lead the SRE team at Allan gray, focusing on how to get software into production reliably and efficiently. I have twin 3 year old daughters who live in an energy state somewhere just above that of nuclear fission, so I look forward to Monday mornings when I can get some time off at work to recover.

The video for this talk is available on YouTube

Prepare for scale too soon and you slow the experimentation needed to find a compelling product. Too late and you risk not scaling at all. What does scaling look like in different phases of the life of a product? How do you know when it’s time to shift gears?

Kent Beck has spent the past seven years at Facebook teaching the engineers that scale the service. Before that he pioneered applying patterns to software development, co-wrote the JUnit testing framework, re-discovered Test-Driven Development, and created Extreme Programming. He is also the first signatory of the Agile Manifesto (alphabetically).

The video for this talk is available on YouTube

Anyone can easily analyze the more than five years of GitHub metadata and 42+ terabytes of open source code. We’ll leverage this data to understand the community and code related to any language or project.

In 2011 Felipe Hoffa moved from Chile to San Francisco to join Google as a Software Engineer. Since 2013 he’s been a Developer Advocate on big data - to inspire developers around the world to leverage the Google Cloud Platform tools to analyze and understand their data in ways they could never before. You can find him in several YouTube videos, blog posts, and conferences around the world.

The video for this talk is available on YouTube

A personal journey from computer science, through architecture, consulting, sales and programme management, to startup CTO.

I have 14 years of experience in the IT industry, that span across Development, Architecture, IT strategy and Consulting, Sales, and Programme management. After years of big budget IT projects for many Telecommunications companies, and consulting and sales roles for IBM, I am now CTO of an Insuretech startup called Simply (www.simply.co.za). I hope to remind people that a successful technical career can include fun.

The video for this talk is available on YouTube

Stepping through evolution of our systems and team structures to support the annual anomaly of Black Friday.

Brad's nerdy little eyes lit up as a kid when he was shown a graphing calculator. He owned his own C64 joystick to use at school to play Boulder Dash™. These fundamental skills, and an ability to use good words, have fed to his ascension into the Chief Technical Officer position at Superbalist.com. He's worked across a few fields including internet dating, and the best WhatsApp before WhatsApp - Mxit.

The video for this talk is available on YouTube

The web is growing up and getting faster and more secure. Making that the default is hard to achieve when you have to be backwards compatible, and some of the stuff we built 10 years ago is now a serious security liability. The answer: headers. Lots of headers.

Andrew is a web developer and principal developer advocate for Fastly, working with developers across the world to help make the web faster, more secure, more reliable and easier to work with. He founded a web consultancy which was ultimately acquired by the Financial Times, led the team that created the FT’s pioneering HTML5 web app, and founded the FT’s Labs division. He is also an elected member of the W3C Technical Architecture Group, a committee of nine people who guide the development of the World Wide Web.

The video for this talk is available on YouTube

You've built an enormous fleet consisting of tens of thousands of hosts. How do you know when things break? Metrics are great, log scanning is great, but what about detecting complex host hardware issues, software bugs or networking problems? We've created a fleet diagnostics framework that does that for us, and I'd like to share some of the learnings with you.

Anton has been playing with computers since his dad bought him a C64 back in the 80's. His favourite game was Bombjack. He studied at UCT, and did some internships at Nvidia and Amazon circa 2006-2008, where he helped to build this fun cloud thing called EC2. He joined EC2 full time in 2010, and played with their computers until last year, when he moved to Oracle to help them build their public cloud.

The video for this talk is available on YouTube