2023 kcdc table of contents

This week I’m at KCDC. This page will contain links to my live blogs and sessions.




[kcdc 2022] insider threat : what is social engineering

Speaker: Crux Conception @cruxconceptoin (pen name)

For more, see the table of contents

On walking in

  • He asked what talk was in the room and teased people about giving too much info
  • Also commented there is too much info (wifi password) on the badge

Social Engineering

  • Ability and talent to connect with emotion
  • Can be offline or online
  • We all do it. Ex: lying about what movie you want to see.
  • May earn trust
  • Goal is to do something or gain data
  • Highly evolving method
  • Teaching in college now


  • Anonymous test messages with links
  • Facebook messages asking where from


  • Phishing – say have tickets but didn’t plan trip. Asks for employee id to confirm. Also gave up name by confirming it and said interested in going to Budapest (came from screensaver), – Called you so already know name.
  • Team building – where grow up, how many siblings and unique challenge from childhood. Think about how much you disclosed and if you held anything back.
  • Scenario where pen tester tries to get in building. Try to get someone to let you in. Most people say take to security or get security
  • Scenario – pen tester pretends changed auto pay info and asks for employee id
  • Companies have offices all over US. Try to get id number by calling Miami office and speak to receptionist then victium

Useful insider info

  • Knowing how much a company would pay to recover from an attack
  • Ids
  • Names
  • Departments


  • Fill in the blanks
  • Spoof text message numbers
  • Israeli software to crack phone. Don’t even have to click link anymore. Get access to phone just by sending a SMS.
  • 40% of major companies reported industrial espionage incidents in 2016
  • Ex-employee stealing self driving car info from Apple. We focused too much on China. More African students in US than anywhere else.
  • Leaking is making info public. Info is power. Have goal.
  • Spilling is like leaking without intent.
  • Sharing info at conferences. Ex: where you work.
  • Russian and China trying to steal COVID vaccine research using malware and spear phishing
  • Twitter hack on Obama/Biden/Bezos.etc, Trying to get money. Got data from internal employees
  • Fake social media


  • Steal sensitive data
  • Espionage is like a double life
  • Affects personality
  • Traits (thrill seeking, sense of entitlement, desire for power/control) are also found in politicians and CEOs
  • Helpful to be calm (see in tech a lot) and strong sense of responsibility
  • May have regrets after
  • Logical at the time
  • More life crises because more than one personality


  • When someone calls and says “is this Jeanne”, ask who it is rather than confirming
  • Be cautious when people ask you a lot of questions
  • No defense. Just try to avoid answering too many questions.
  • Be careful if they initiate call.
  • Think about info they should now. Ex: HR has employee id already

Human Traits

  • In psych, organized means have life together.
  • Psychopath – born that way. Sociopath – traumatic event started it

My take

Crux is an ex-cop. I like that they had someone from outside development for a different perspective than we usually get. He’s a good speaker and kept it interactive. The scenarios were fun to think about.

[kcdc 2022] getting started with site reliability engineering

Speaker: Shradha Khard

For more, see the table of contents


  • Site Reliability Engineering
  • Operations is a software problem.
  • SRE is what you get when you treat ops as software and staff it with software engineers
  • Software dev: idea -> strategy -> dev (design, code, test)-> ops(build, deploy, support) -> deliver (real world)
  • Ops – maintenance, system upgrades and isntalls, security, compliance, cost, support help desk escalations, vendor contracts
  • Conflict – dev wants new features, ops want to make sure doesn’t break


  • SRE implements DevOps.
  • SRE is a substream
  • Ensures durable focus on engineering. Need to make sure product up and running. 50% time automate to make sure that happens
  • ex: augment S3 bucket
  • See how fast can make changes without violated SLO
  • Error budget – metric for how unreliable a system is allowed to be
  • Monitoring is not just logging in system. Need to alert and ticket too
  • Change management
  • Demand forecasting/capacity planning
  • Provisioning
  • Efficiency and Performance
  • SRE doesn’t replace DevOps people who deploy to cloud

Enabling SRE/How to Start

  • Centralized SFE team (core platform, networking)
  • Embedded (full team members of project team, teach devs how to manage, work with core team)
  • Need same skillset as dev to be SRE


  • MTTR – mean time to recovery – how long to get system healthy again. Emergency response helps with this
  • Lead time to release or rollback
  • Improve monitoring to catch and detect issues earlier
  • Estabilish error budget to have budget based risk management

Service levels

  • SLA (service level agreement) – legal agreement. Often involves compensation if not
  • SLO (service level objective) – number which SLI should be before needing improvement
  • SLI (service level indicator) – metric over time. Quantitive measure – ex: throughput, latency, error rate, utlization
  • 3 nines (99.9%) – 10 mnutes per week, 8.8 hours per year
  • 4 nines – 1 minute per week, 52 minutes per yeaar
  • 5 nines – 6 seconds per week, 5 minutes per year

Incident Management

  • Goals: Restore service to normal and minimize business impact
  • Be able to get the people who can help solve it
  • Log of events so can see when started
  • Blameless post mortems


  • Google book ”Seeking SRE”
  • Google book ”The Site Reliability Workbook”
  • Book: Implementing Service Level Objectives

My take

There was a lot of info, but easy to follow. It was great to see a structured intro vs that random things I’ve read online