Security @ Slack
Monitoring for malicious activity and handling the resulting alerts is vital to the success of a defensive security program. Powerful, centralized logging is available to all of us, but it is only useful if we understand and take action on the data collected.
This talk will discuss tools everyone should consider using to monitor their infrastructure, including Elasticsearch, and the process by which users can create a reliable logging pipeline to handle data from thousands of hosts. Ryan and Nate will demonstrate how to scale these efforts by integrating security into a communication platform that helps users look at more data by delegating event management to the affected individuals directly.
Nate Brown is a developer at Slack, where he has helped lead the company's security operations efforts. Nate has strong operational experience and a keen eye for security. He has contributed to numerous open source tools, including Vault, rsyslog, go-audit, and StreamStash.
Ryan Huber does security things at Slack. Before that, Ryan did other security things. When he was 12, he wrote malware in Pascal + inline asm to steal his teacher's password. His teacher wasn't impressed.