May 13, 2019

AtlSecCon (Atlantic Security Conference) 2019 notes

AtlSecCon is a mid-size conference held annually in Halifax, Nova Scotia. It has the usual security conference assortment of free time activities (a CTF competition, a lockpick lab, an Internet of Things lab, and a very photogenic lab from St John’s Ambulance therapy dogs program.) A five-track talk schedule means there’s something interesting for everybody, and using a proper conference center means the vendor area is not as crowded and hot as that of conferences that run in hotels. ... Read more

November 11, 2018

SREcon EMEA 2018 conference notes

One of the three SREcons worldwide, this was a long and intense conference with a three-day multitrack format and a correspondingly voluminous collection of notes. The crowd felt different from North American one: a lot more “large company” folks (heavy presence from Google, Microsoft, Facebook, and others), a lot more smokers than there would be on this side of the pond, and somewhat more conservative technology choices (the last point is similar to what I felt at DevOpsDays TLV last year as well). ... Read more

August 10, 2018

Dash 2018 conference notes

This is the first attempt by DataDog to produce a branded conference, and they did not manage to avoid some of the rough edges that usually accompany first-time events. However, the organizers’ response to various crises was commendable: they scheduled additional workshops when the existing ones proved to be significantly undersized, promised to refund some of the people who could not enter because of overcapacity, took contact information to follow up with some attendees, and in general hustled to recover in an admirable fashion. ... Read more

May 24, 2018

Monitorama 2017 conference report

I wrote this report for internal consumption shortly after the conference. As Monitorama 2018 approaches, I thought these notes could be useful for a wider audience to revisit the common themes and interesting questions from the previous year and to see what has been done to address them. ... Read more

March 7, 2018

ShmooCon 2018 conference notes

This was my second ShmooCon. It was just as fun as the first time, and this time I did various other activities (solving a few of Raytheon’s CTFs, practicing lockpicking, looking at all the codes in the conference program) in between interesting talks. For more details about the conference itself, see the last year’s report. ... Read more

December 6, 2017

DevOps Days Tel-Aviv 2017 conference notes

The Tel-Aviv instance of DevOps Days was interesting to me for two reasons. The first one is there’s a ton of innovation happening in Israel, so there’s a chance of hearing new things; yet Israel is far enough from Silicon Valley that its thinking and opinions are distinct from the San Francisco area monoculture. ... Read more

February 22, 2017

ShmooCon 2017 report

ShmooCon is a security conference held yearly in Washington, DC. With around 2000 participants, it has an audience large enough to fill 3 tracks and provide a range of extra-curricular activities, yet it is much less crazy than events like DefCon (which is ten times the size). ... Read more

May 12, 2016

Infrastructure secret management software overview

Currently, there is an explosion of tools that aim to manage secrets for automated, cloud native infrastructure management. Daniel Somerfield did some work classifying the various approaches, but (as far as I know) no one has made a recent effort to summarize the various tools. This is an attempt to give a quick overview of what can be found out there. The list is alphabetical. There will be tools that are missing, and some of the facts might be wrong–I welcome your corrections. For the purpose, I can be reached via @maxvt on Twitter. ... Read more