System Architecture and Design

Presenters Junyuan Zeng Wei Zhang Source OpenSource SecurityCon NA 2025 LinkedIn’s Identity Revolution: From Fragile PKI to Spire-Powered Security! 🚀 Ever feel like your security infrastructure is a house of cards? 🃏 That’s exactly where LinkedIn found itself a few years ago. Their homegrown Public Key Infrastructure (PKI) system, built on a basic Python server, was buckling under the weight of their massive microservice architecture. It was a system that screamed “legacy” – lacking scalability, standard identity formats, and the ability to efficiently manage certificates. Imagine trying to build a skyscraper on a sandcastle foundation! 🏗️ ...

Presenters Tyler Schade Source OpenSource SecurityCon NA 2025 From Bare Metal to Bulletproof: Securing Your Cloud-Native Kingdom with TPMs and SPIRE 🚀 The quest for secure, modern infrastructure is a constant battle, especially in the dynamic world of cloud-native. Geico Insurance, a company at the forefront of digital transformation, is tackling this challenge head-on, not just in the cloud, but right down to the foundational bare metal of their data centers. Tyler Shade, a Software Engineer at Geico, shared his team’s compelling journey into bootstrapping trust and building a truly secure, identity-first infrastructure. ...

Presenters Maxime Coquerel Source OpenSource SecurityCon NA 2025 Revolutionizing Kubernetes Security: From Weeks to Days with AI-Powered Threat Modeling 🚀 In today’s rapidly evolving cloud landscape, securing Kubernetes deployments isn’t just a good idea; it’s an absolute necessity. The intricate nature of Kubernetes, with its distinct control and data planes, presents a complex web of potential vulnerabilities. But what if we told you that the arduous task of threat modeling, which traditionally consumes weeks, could be slashed down to mere days? That’s precisely the promise of an innovative AI-powered solution presented by Maxim Cochril, Principal Cloud Security Architect at RBC and CNCF Ambassador. ...

Presenters Dor Serero Michael Katchinskiy Source OpenSource SecurityCon NA 2025 Kubernetes Security: Beyond the CVEs, Mastering the Boundaries 🛡️ Kubernetes. It’s the engine powering so much of our modern cloud-native world. But with great power comes great responsibility, and let’s be honest, security can feel like a labyrinth. This presentation dives deep into the heart of Kubernetes vulnerabilities, not to get lost in the weeds of every single exploit, but to extract the real lessons and equip us with the proactive controls to build truly resilient environments. The core message is clear: we’re seeing a recurring pattern of vulnerabilities, and by understanding these patterns and fortifying our boundaries, we can get ahead of the game. ...

Presenters Mariusz Sabath Maia Iyer Source OpenSource SecurityCon NA 2025 Agent Security Unleashed: Building Trustworthy AI with a Zero Trust Approach 🚀 The modern developer’s life is a juggling act. Between managing code on GitHub, collaborating on Slack, and countless other tools, the quest for efficiency is constant. Enter agentic applications – the promise of automating those repetitive tasks and offering a single, powerful interface to control your entire digital ecosystem. Sounds amazing, right? While setting up local agents with API keys is relatively straightforward, taking these intelligent assistants to the cloud unlocks a whole new world of security challenges. ...