TechSummit

Breakout sessions

The Podfather: Orchestrating Security for Scalable Systems

Marco Pierobon, Principal Developer, Thoughtworks

Room: Grote zaal – 2nd floor
Time: 13:15 – 13:45

As systems expand and containers multiply, security can’t be an afterthought. In this session, we’ll explore strategies for embedding security throughout the lifecycle of containerized applications. From Kubernetes orchestration practices to automated threat detection and patching, you’ll learn how to maintain airtight defenses while scaling up. Discover practical tips on identity, network policies, and runtime protection—ensuring even the largest deployments stay resilient. Whether you’re new to container orchestration or fine-tuning established pipelines, this talk will arm you with the insights to confidently scale your systems and defend them against emerging threats.

$1M Breach? Never Again: Designing & Building Cloud Foundation with First Principles

Prerit Munjal, CTO, InfraOne

Room: IJ zaal – 5th floor
Time: 13:15 – 13:45

After losing $1M to crypto-miners in a weekend, we rebuilt our security posture using Terraform/OpenTofu + OpenSearch. Then we took it a step further—turning metrics into actionable infrastructure code.

We’ll walk through our journey to securing 400+ Google Cloud projects by combining OpenSearch’s metrics capabilities with AI-powered Terraform/OpenTofu generation: first visualizing 21,000+ quota implementations across our GCP estate in OpenSearch, then building our game-changer tool that lets engineers query “Show me unprotected compute instances” and get both the vulnerability data AND the remediation Terraform code. We’ll see how we integrated OpenAI with OpenSearch to analyze metric patterns and generate appropriate security configurations—reducing remediation time from days to minutes. Our approach isn’t theoretical—it’s saved us from three potential breaches and cut security implementation time by 70%.

This isn’t just for security teams—we’ll explore how this same pattern works for performance optimizations, cost savings, and compliance.

How Google built a Consistent, Global Authorization System with Zanzibar (and you can too!)

Sohan Maheshwar, Lead Developer Advocate, AuthZed

Room: Grote zaal – 2nd floor
Time: 13:50 – 14:20

Broken Authorization now tops OWASP’s Top 10 Security Risks for Web Apps. In order to build resilient systems at scale, one must fix broken access control. This talk describes the internal workings of Google Zanzibar, the singular authorization service that powers permissions and sharing across all Google properties, including Docs, YouTube, and Cloud IAM.

Creating a consistent, global-scale authorization system that can process “more than 10 million client queries per second” is not a trivial task. The talk will cover how the paper lays out an engineer-friendly blueprint for building a highly scalable distributed system with flexible consistency guarantees.

This talk will start with foundational knowledge of Relationship Based Access Control (ReBAC) and then cover the technical implementations behind Zanzibar – how Google solved for correctness, scale and speed. The presentation will cover the different APIs for interacting with the system and also a deep-dive into how the “New Enemy” problem was solved. The talk will conclude with how you can use open source tools to build authZ into your application.

The Race You Don’t Want to Win: How a Microsecond Bug Broke Our Wallet and How We Fought Back

Paul Edward, Senior Software Developer, GotPhoto

Room: IJ zaal – 5th floor
Time: 13:50 – 14:20

In high-velocity systems, bugs don’t need minutes, they need milliseconds. In this talk, I’ll share a real incident from our fintech platform where a subtle race condition in our wallet credit service led to a catastrophic financial loss of over 50 million in under 5 minutes.

We’ll walk through how a “successful” API response masked a failure that was quietly duplicating wallet credits, and how concurrency flaws in our infrastructure became a production-grade attack surface. More importantly, I’ll detail how we rebuilt the system to be resilient against these threats.

This session is not just about the bug. It’s about the leadership decisions made under pressure, how we redesigned our architecture to detect and self-heal from anomalies, and the cultural shift required to treat resiliency as a first-class citizen. If you’ve ever pushed code to production, scaled an API under load, or lost sleep over what a single edge case might cost, this talk will hit home.

Stateful Applications in the Age of Durable Execution

Marc Klefter, Senior Solutions Architect, AxonIQ

Room: Grote zaal – 2nd floor
Time: 14:50 – 15:20 

Durable execution is an emerging programming model, offered by vendors such as Temporal and Azure Functions, for developing resilient, distributed applications with ease, wherein a “durable function” – a unit of execution guaranteed to run to completion – orchestrates a business process and encapsulates state. However, if an application is made up of these functions, and parts – or even all – of its state is stored alongside each function, what impact does that have on data modeling and retention, supporting complex updates and queries that span multiple workflows, concurrent access, and other issues related to managing state in this type of system architecture?

This session explores durable execution in the context of designing, implementing and operating stateful applications; hands-on examples will demonstrate how a durable function ensures robustness, correctness and efficiency in writing and reading state while eliminating the need for locks and having to deal with race conditions, lost or duplicate updates, and stale views. The discussion will also cover scenarios that require the use of an external database and outline strategies for evolving application state as new versions of function code are deployed. The session will conclude by examining methods for debugging and observing function execution and state changes, as well as the challenges in maintaining and scaling stateful applications composed of durable functions.

Join this session to gain comprehensive, practical and novel insights into state management in distributed systems built using durable execution.

Shipping Through Chaos: Engineering Resilience Across Borders

Kaustubh Hiware, Senior Software Engineer, Mercari

Room: IJ zaal – 5th floor
Time: 14:50 – 15:20 

What does it take to ship critical backend infrastructure in a legally complex, high-stakes e-commerce environment—across 10 teams, 3 platforms, 2 timezones, and during a structural reorganization?

Over nine months, I led a cross-functional effort at Japan’s largest C2C marketplace to enable business buyers on a consumer-first platform. The stakes were high: regulatory ambiguity, evolving specs, legacy systems, and a live production environment that couldn’t break. This talk breaks down how resilience is built not just into systems, but into architecture, communication, and decision-making. I’ll share how we coordinated changes across 7 backend services, 3 client platforms, and multiple staging environments—while handling legal constraints, inter-team dependencies, and a variety of collaboration styles. You’ll hear about a 61-page design doc, 30K+ backend lines changed in 2 months, and the tradeoffs made to keep it all stable.

This talk also looks at the human side of resilience: adapting to org shifts, mentoring under load, recognizing design dark patterns, reading Japanese laws for DB normalizations, and building trust through transparency—even when unsure.

This is a talk for backend engineers, tech leads, and architects who operate across borders—technical, organizational, or national—and want to build resilience into both systems and teams.
