World Congress > Themes > Controlling Complexity

Controlling Complexity: Mastering Ecosystems

6 & 7 June | CityCube Berlin

Get tickets

DevOps

It is one thing to create an application and another one to deliver it. DevOps is no black magic, but it helps to know the right spells and ingredients to have a successful CI setup.
Maybe somebody else already solved that problem for you. Time to find out.

Security

Let me inject some thoughts into your brain. Everybody knows about the importance of security but there seem to be more people who don’t give a 5#/7 . Let the others be the victim of the people with black hats and pack your notebook.

Quality Engineering

After a certain degree of complexity is reached, your unit tests are not enough. A wide variety of methodologies and tools exist to keep the quality on a level so that you know, when you break something and if your software is in a releaseable state.

Wanna know the secrets of the tech pioneers?

Then get your Ticket and grab a seat!
Tickets are available from €99 starting now!

Get Tickets

Featured Speakers

Gaurav Kumar

Chief Architect for Public Cloud Security, Palo Alto Networks

Gaurav has been building and breaking security systems for more than 15 years. Most recently, he was the co-founder and CTO of RedLock which was acquired by Palo Alto Networks where he is the chief architect for public cloud security. At RedLock he created Cloud Security Intelligence team which pioneered cloud security search and uncovered new attack vectors.When he is not hacking, he can be seen roasting coffee beans or playing chess.

Gaurav Kumar
Chief Architect for Public Cloud Security, Palo Alto Networks

Philipp Krenn

Developer 🥑, Elastic

Hands-On ModSecurity and Logging
Theme:Controlling Complexity

This talk combines two of the OWASP top ten security risks:

* Injections (A1:2017): We are using a simple application that is exploitable by injection and will then secure it with ModSecurity.
* Insufficient Logging & Monitoring (A10:2017): We are logging and monitoring the application both with and without ModSecurity with the open source Elastic Stack.

To make it more interactive the audience has to do the injections, which we are then live monitoring and mitigating with ModSecurity.

About Philipp Krenn
Philipp lives to demo interesting technology. Having worked as a web, infrastructure, and database engineer for more than ten years, Philipp is now working as a developer advocate at Elastic — the company behind the open source Elastic Stack consisting of Elasticsearch, Kibana, Beats, and Logstash. Based in Vienna, Austria, he is constantly traveling Europe and beyond to speak and discuss open source software, search, databases, infrastructure, and security.

Philipp Krenn
Developer 🥑, Elastic

Max Feldman

Staff Security Engineer, Slack

Bulletproof Shoes
Theme:Controlling Complexity

Version control software has come a long way, and the barrier to creating an open source project has been lowered to the point of being negligible. However, this has also increased the instances of accidental leakage of credentials or sensitive data into public repositories. Numerous tools now exist which trawl repositories for such information and abuse it almost instantly. For platform developers, time is of the essence. We will talk about the history and evolution of our “token nuker” — the automation we use to find and disable exposed Slack tokens in the wild before they can be abused. We will cover general tactics for preventing developers from shooting themselves in the foot (or mitigating damage if they do).

About Max Feldman
Max Feldman is a member of the Product Security team at Slack, where he works on the bug bounty and security assessments of Slack features, as well as the development of security tools and automation. He was previously a member of the Product Security team at Salesforce.

Max Feldman
Staff Security Engineer, Slack

Daniel Linder

Lead Data Scientist, Adyen

Building a Big Data Platform to support fast analysis and machine learning
Theme:Controlling Complexity

About Daniel Linder
Daniel Linder is a Machine Learning enthusiast who works as a Lead Data Scientist at Adyen. He is currently focused on building scalable, fault-tolerant, productionized machine learning systems. He also teaches advanced machine learning workshops internally at Adyen.

Daniel Linder
Lead Data Scientist, Adyen

Andrey Semenyuchenko

Head of Enterprise Projects Implementation and Maintenance, Kaspersky Lab

Andrey Semenyuchenko is a Head of Enterprise Projects Implementation and Maintenance at Kaspersky Lab with more than 15 years’ experience in professional services, business development, IT and Information Security.Andrey Semenyuchenko has been working at Kaspersky Lab for more than 10 years. He started his job at Kaspersky Lab as Unix systems expert, but also certified as MCSE, in Technology Alliances department having knowledge and experience in other domains including IT security. Andrey had many IT/Cyber Security publications in IT media like Hacker Spec magazine and moderating bug track channel at Xakep.ru.Andrey Semenyuchenko holds different positions at Kaspersky Lab and performed as Head of Technical Business Enablement, Head of Global Business Development Technical Services.At the moment Andrey is a Head of Enterprise Projects Implementation and Maintenance at Kaspersky Lab. His role is to enable Enterprise business by building PoC/Pilots execution framework and supporting Presales organization globally.Andrey also has big experience working with xSP/Telco and Technology alliances ISV/IHV partners providing Pre-sale assistance and Technical Account Management services.

Andrey Semenyuchenko
Head of Enterprise Projects Implementation and Maintenance, Kaspersky Lab

Sergej Epp

Chief Security Officer Central Europe, Palo Alto Networks

Sergej Epp is Chief Security Officer (CSO) at Palo Alto Networks in Central Europe. In this role, he develops regional cybersecurity strategy and is overseeing cybersecurity operations and threat intelligence across the region. His functional specialities include cyber defense operations, cyber risk management and transformation management. Prior to joining Palo Alto Networks, he spent eight years in a variety of roles at Deutsche Bank, with his last position leading groups focusing on Cyber Hygiene Operations and Cyber Forensics & Investigations. He also founded and led the first Group-wide Cyber Defense Center including Threat Intelligence, Active Defense, Red Teaming as well as Security Awareness and Security Big Data programs. Sergej regularly participates in forums, conferences and panels and provides advise on threat intelligence and cyber defense matters. Outside of the office, Sergej is a passionate advocate for cybersecurity and emerging technologies. He has particular interest in Cybercrime research, Blockchain and Financial Markets and also spends time in teaching those to graduates or professionals.

Sergej Epp
Chief Security Officer Central Europe, Palo Alto Networks

Featured Talks

Hands-On ModSecurity and Logging
Philipp Krenn, Developer 🥑, Elastic

Theme: Controlling Complexity

This talk combines two of the OWASP top ten security risks:

* Injections (A1:2017): We are using a simple application that is exploitable by injection and will then secure it with ModSecurity.
* Insufficient Logging & Monitoring (A10:2017): We are logging and monitoring the application both with and without ModSecurity with the open source Elastic Stack.

To make it more interactive the audience has to do the injections, which we are then live monitoring and mitigating with ModSecurity.

Philipp Krenn

Philipp Krenn

Developer 🥑, Elastic

Philipp lives to demo interesting technology. Having worked as a web, infrastructure, and database engineer for more than ten years, Philipp is now working as a developer advocate at Elastic — the company behind the open source Elastic Stack consisting of Elasticsearch, Kibana, Beats, and Logstash. Based in Vienna, Austria, he is constantly traveling Europe and beyond to speak and discuss open source software, search, databases, infrastructure, and security.

Bulletproof Shoes
Max Feldman, Staff Security Engineer, Slack

Theme: Controlling Complexity

Version control software has come a long way, and the barrier to creating an open source project has been lowered to the point of being negligible. However, this has also increased the instances of accidental leakage of credentials or sensitive data into public repositories. Numerous tools now exist which trawl repositories for such information and abuse it almost instantly. For platform developers, time is of the essence. We will talk about the history and evolution of our “token nuker” — the automation we use to find and disable exposed Slack tokens in the wild before they can be abused. We will cover general tactics for preventing developers from shooting themselves in the foot (or mitigating damage if they do).

Max Feldman

Max Feldman

Staff Security Engineer, Slack

Max Feldman is a member of the Product Security team at Slack, where he works on the bug bounty and security assessments of Slack features, as well as the development of security tools and automation. He was previously a member of the Product Security team at Salesforce.

Building a Big Data Platform to support fast analysis and machine learning
Daniel Linder, Lead Data Scientist, Adyen

Theme: Controlling Complexity

Daniel Linder

Daniel Linder

Lead Data Scientist, Adyen

Daniel Linder is a Machine Learning enthusiast who works as a Lead Data Scientist at Adyen. He is currently focused on building scalable, fault-tolerant, productionized machine learning systems. He also teaches advanced machine learning workshops internally at Adyen.

Keeping up with Upstream
Nicolas Byl, Senior DevOps Consultant, Codecentric

Theme: Controlling Complexity

The internet is a dangerous place. Every day, new exploits are created, and novel protections are invented. But one question has remained the same for the average developer: how do you secure the software you are creating? In this talk, I want to give you an overview of how to secure your software delivery process. We will start with the scanning of your dependencies at build time. We will continue by looking at ways to check which of your applications are affected when a security issue is raised. While most of these tools have already been around for some time, the process of finding new versions of dependencies has been a tedious one. New tools like Renovate (https: renovatebot.com) offer an automation tool...

Nicolas Byl

Nicolas Byl

Senior DevOps Consultant, Codecentric

Nicolas Byl gained his first hands-on experiences at developing distributed systems during his studies in medical informatics. When he’s not building cloud-native infrastructures for application development, he’s teaching codecentric AG customers about kubernetes and the benefits of DevOps.

Software Quality without Testing
Christina Hauk, Application Engineer, Nagarro GmbH

Theme: Controlling Complexity

In most cases, software quality is only used as a buzzword to be marketable and to win customers. Sadly, only very few people are concerned with what software quality really means and how it can be achieved.
The most common mistake is to believe that software quality means using manual and automated tests only, since they are the easiest to implement and measure. Unfortunately, this is a misconception. Quality should be a mindset like being agile or a cultural way of thinking. It should be relevant throughout the entire software cycle.
In general, when people think about quality, they tend to only see testing; however, testing is only the tip of the iceberg, like coding is for implementing software. Thus, this talk aims to provide an enhanced understanding of what quality is.

Christina Hauk

Christina Hauk

Application Engineer, Nagarro GmbH

Christina loves it to work as a software engineer. Her passion lies in front-end development as well as the process behind software development. Finding ideas, working on different concepts and providing functioning code are just a few aspects that keeps her job so engaging.
Over the years, she has been involved in various projects that have all more or less in common: complex requirements, too little time & budget and a different understanding of quality. Christina has experianced that even in a team team members are not in agreement about how to ship quality because everybody pictures quality in other ways. Thus, let's talk about quality and the mindset behind.

Better be fast

Tickets are available from €99 starting now!
Act fast before they’re gone. Or pay more later. Your call.

Get Tickets

Dive into the experience

Get your ticket now!