Presentation: Reconciling Performance and Security in High Load Environments

Track: Scaling Security, from Device to Cloud

Location: St James, 4th flr.

Duration: 11:50am - 12:40pm

Day of week: Wednesday

Share this on:

Abstract

Most perceive security fixes and improvements as a necessary evil, because security is much “less tangible” than primary product functionality in terms of potential revenue. On top of not bringing any “meaningful” value to the overall system, security comes at a cost of potential performance degradation, as it steals precious CPU cycles and memory from the overall resource pool.

Because of the above in a performance-driven environment product and infrastructure security are either heavily avoided altogether or forcibly imposed by security teams, excusing themselves with numerous legal and compliance requirements. The fear of potential performance penalty and the need to balance performance vs security often leads to insecure architectures and designs or unnecessary complexity.

All this usually makes the rest of the organisation dislike and distrust security in the long term. But what if we can show that security actually improves performance? This presentation explores how to drive security in a high performance environment and make it a welcome and natural part of the product lifecycle.

Speaker: Ignat Korchagin

Cryptographer, & Security Software Engineer @Cloudflare

Ignat is a systems engineer at Cloudflare working mostly on platform and hardware security. Ignat’s interests are cryptography, hacking, and low-level programming. Before Cloudflare, Ignat worked as a senior security engineer for Samsung Electronics’ Mobile Communications Division. His solutions may be found in many older Samsung smart phones and tablets. Ignat started his career as a security researcher in the Ukrainian government’s communications services.

Find Ignat Korchagin at

Similar Talks

Compiling Deeper Underground -- the Next Trillion Hardware Targets

Qcon

University Lecturer @Cambridge_CL (Cambridge Computer Laboratory)

Anil Madhavapeddy

Build Your Own WebAssembly Compiler

Qcon

Technology Director @Scott_Logic

Colin Eberhardt

Modern Banking in 1500 Microservices

Qcon

Senior Staff Engineer @Monzo

Matt Heath

Rampant Pragmatism: Growth and Change at Starling Bank

Qcon

Web Technology Practice Lead @StarlingBank

Daniel Osborne

Software Profiling for Fun & Profit

Qcon

Chief Architect for the OpenLDAP Project and CTO of Symas Corporation

Howard Chu

Monitoring All the Things: Keeping Track of a Mixed Estate

Qcon

Principal Engineer Operations and Reliability Programme @FT

Luke Blaney

Tracks

Monday, 2 March

Tuesday, 3 March

Wednesday, 4 March

Download the QCon App!

Available on iOS and Android

The QCon app helps you make the most of your conference experience. Easily browse and follow the conference schedule, star the talks you want to attend, and keep tabs on your personal itinerary. Download the app now for free on iOS and Android.

QCon - iOS QCon - Android
QCon