April 28, 2017
Ep. #10, Dynamic Authorization: The Evolution of Access Controls
In the latest episode of The Secure Developer, Guy is joined by Aren Sandersen. They examine the current state of access control systems and...
We have close to 100 TVs in our office and we also run hundreds of microservices. What connects the two? Service owners need to have good visibility into the health of their services. We use SignalFX and Terraform to generate nice-looking, TV-ready dashboards to supplement our regular monitoring and alerting. This talk covers Mathieu’s experience from monitoring Yelp’s monolith to monitoring their services and how they build dashboards for them.
Amy was recently asked to investigate whether her team should switch from running their own ELK stack to paying for a SaaS logging vendor. Eventually, she concluded that they should switch, and so they did – but not without encountering significant pushback and unexpected difficulties along the way. In this talk, Amy explains the criteria her team started out with for switching, what they did during the evaluation period, and what she wishes they had done instead. She covers actionable lessons such as how to evaluate security, the right way to ask for feedback, and what you might not have thought to ask about in a vendor trial.