Slack Architecture and Security

Software Engineering Daily recently broadcast two episodes about Slack:

Slack’s Architecture with Keith Adams

Keight Adams spoke about Slack’s architecture with a focus on the “game” like system. Slack’s architecture has technically designed to work in a highly distributed environment that requires managing the latency, connectivity, cache coherency, and cache capacity. Similar to the concerns in a massively multiplayer online game (MMOG). In fact Slack as a product/company was a pivot from a game company.

Slack Security with Ryan Huber

Ryan Huber works on the small team (~4 SecOps) at Slack and highlighted a few important aspects of managing security. He noted the importance of managing authentication/authorization since it is a broad and often attacked means of creating a breach. He brought attention to the defenders advantage in knowing where the critical infrstructure/data is located and that that knowledge is critical in defense. Additionally, he emphasized the importance of log monitoring and the awesome usefulness of “auditd”, which is built into the Linux kernel and can capture information about syscalls. From Ryan’s twitter feed is this helphful link allowing the searching of syscalls. Building tools and automating their usage so as to contribute to DevSecOps was also focused on.

Run Docker Without Sudo

Update the /etc/docker/daemon.json as follow (will require root priveleges):``` json title:"/etc/docker/daemon.json"{"live-restore": tru...… Continue reading

Vagrantfile Modifications

Published on October 13, 2018

Add GUI to Dev VM

Published on October 13, 2018