The fuzzy tale of an x/crypto vulnerability Michael McLoughlin Gophercon 2019 Lightning Talks Uber Advanced Technologies Group 8,140 lines of amd64 assembly in crypto 10,474 lines of amd64 assembly

Introduction Intro 2.0 to 2.2.1 2.4 - 2.6 Beyond Outro Prometheus Deep Dive Monitoring. At scale. Richard Hartmann & Frederic Branczyk @TwitchiH & @fredbrancz 2018-12-12 Richard Hartmann & Frederic environments in mind It’s the second project to ever join CNCF and the de facto standard in cloud-native monitoring Kubelets, sidecars, microservices, ALL the cloud-native But it’s a monolithic application . What do you need for operations? Power and cooling Network connectivity Observability, a.k.a. Monitoring The rest you can fix Richard Hartmann & Frederic Branczyk @TwitchiH & @fredbrancz Prometheus

Zero instrumentation monitoring with your first steps in eBPF Beatriz Martínez, Isovalent - @beatrizmrg October 28, 2020 2 What will we be doing? 3 How are we going to do it? 4 Demo time 5 Tracing easier: ○ First approach: C, LLVM/CLANG, tc ○ Second approach: gobpf, bcc ● Non-instrumentation monitoring http://34.70.147.68 $curl 34.70.147.68:8083 Let’s represent the attendees in the map! https://github

Identity Aware Threat Detection and Network Monitoring by using eBPF Natalia Reka Ivanko, Isovalent October 28, 2020 ● ● ○ ● ○ ○ ○ ○ ● ● ● ● ● ● ● ● ○ ● ○ ○ ○ ● ● ● ○ ● ○ ○ ● ●

collaboration Host VM Container shim QEMU process rexec server Rexec cross-host startup and monitoring DPU Management-plane processes libvirtd dockerd virsh client Kubernetes Server 011 openEuler drives. • The capabilities of the management plane are insufficient, and device management or I/O monitoring methods are absent. Project Introduction Applications (VM, CSD) SCM NVMe SSD HDD SSD Ceph server various storage media. • Storage management: provides functions such as device management, I/O monitoring, and maintenance and test tools to manage devices. Efficient Concurrency and Ultimate Performance

talks on these topics tooProblem 6: Security vulnerabilities in open-source code Solution 6: Vulnerability monitoring, prevention, and response •Review public CVE databases (e.g. GitHub Advisory Database) known open- source codeProblem 6: Security vulnerabilities in open-source code Solution 6: Vulnerability monitoring, prevention, and response •Make it trivial to update packages so you can respond quickly effort 5. Create an asset cache for sources needed to build dependencies 6. Develop a vulnerability monitoring, prevention, and response strategy and associated tools / workflows 7. Centralize common

the same Dapr building blocks. None of the issues were of critical or high severity. We found a vulnerability in a 3rd-party dependency which was assigned a CVE1 of high severity, however it did not impact is not enabled by default. The vulnerability had the potential to crash a Dapr sidecar with an out-of-memory denial of service attack vector. We found the vulnerability a�er performing the threat modelling independent unit of computation. 6 Observability A series of components for logging, tracing, monitoring, emission of metrics. 7 Secrets For managing secrets. 8 Configuration For retrieving application

Documentation, Release 6.5.1 5.22 6.1.5 6.1.5 is a security release, fixing one vulnerability: • Fix open redirect vulnerability GHSA-c7vm-f5p4-8fqh (CVE to be assigned) 5.23 6.1.4 • Fix broken links to McDonald • Tres DuBiel 5.29 6.0.2 • Update JQuery dependency to version 3.4.1 to fix security vulnerability (CVE-2019-11358) • Update CodeMirror to version 5.48.4 to fix Python formatting issues • Continue previous minor releases of Jupyter Notebook and also included in version 6.0. • Fix Open Redirect vulnerability (CVE-2019-10255) where certain malicious URLs could redirect from the Jupyter login page to a

@kevin-bates • @virejdasani 5.21 6.1.5 6.1.5 is a security release, fixing one vulnerability: • Fix open redirect vulnerability GHSA-c7vm-f5p4-8fqh (CVE to be assigned) 5.22 6.1.4 • Fix broken links to McDonald • Tres DuBiel 5.28 6.0.2 • Update JQuery dependency to version 3.4.1 to fix security vulnerability (CVE-2019-11358) • Update CodeMirror to version 5.48.4 to fix Python formatting issues • Continue previous minor releases of Jupyter Notebook and also included in version 6.0. • Fix Open Redirect vulnerability (CVE-2019-10255) where certain malicious URLs could redirect from the Jupyter login page to a

@kevin-bates • @virejdasani 5.15 6.1.5 6.1.5 is a security release, fixing one vulnerability: • Fix open redirect vulnerability GHSA-c7vm-f5p4-8fqh (CVE to be assigned) 5.16 6.1.4 • Fix broken links to McDonald • Tres DuBiel 5.22 6.0.2 • Update JQuery dependency to version 3.4.1 to fix security vulnerability (CVE-2019-11358) • Update CodeMirror to version 5.48.4 to fix Python formatting issues • Continue previous minor releases of Jupyter Notebook and also included in version 6.0. • Fix Open Redirect vulnerability (CVE-2019-10255) where certain malicious URLs could redirect from the Jupyter login page to a