Join Our Slack

Using SS Octopus by Shraya Ramani

0
By devsecondev Video November 4, 2019

As BuzzFeed transitioned to microservices it needed to secure a growing number of internal tools. Our first solution was an open source auth service deployed in front of each app, but this approach had a number of scaling issues. The talk will discuss sso, our open-source, homegrown, centralized solution which elegantly solved this problem.

Resources mentioned in this session:

Shraya Ramani
Shraya Ramani

Shraya Ramani is a Los Angeles-based security-infrastructure software engineer at BuzzFeed, with extensive experience with Golang. Before BuzzFeed, she worked at MongoDB on server tools, including an open-source continuous integration tool. When she isn’t obsessing about tests, she enjoys learning about the ocean and octopuses.

devsecondev / About Author
More posts by devsecondev

Related Posts

Ep. #61, The rise of HTTPS and Front-End Security Toolbox with Scott Helme

Host Guy Podjarny In episode 61 of The Secure Developer, Guy Podjarny talks to Scott Helme. Scott is the force behind Security Headers an…

0
20 May 2020
Solving trust issues at scale

Microservices are social constructs: they can’t function without talking with other services. This also raises an interesting question: d…

0
12 May 2020
2FA in 2020 and Beyond

This talk will explore the modern landscape of 2FA. With a data-driven analysis of the tradeoffs between different types of factors, we’l…

0
30 Apr 2020
Ep. #53, How to Embrace the Organizational Revolution as a Next Generation Security Leader

In episode 53 of The Secure Developer, Guy Podjarny talks to Roland Cloutier, Chief Security Officer at ADP, about the major changes that…

0
07 Apr 2020
Ep. #51, The Big Picture of Security at Atlassian with Adrian Ludwig

In episode 51 of The Secure Developer, Guy Podjarny talks to Adrian Ludwig, Chief Information Security Officer at Atlassian. Adrian has a…

0
24 Mar 2020
Ep. #50, InSpec Insights with Mandi Walls of Chef Software

In episode 50 of The Secure Developer, Guy Podjarny talks to Mandi Walls about her talk at DevSecCon Seattle: InSpec, which is Chef’s pro…

0
17 Mar 2020
Knock knock, who’s there? Authenticating your single page apps using JSON Web Tokens

When it comes to writing code, there’s nothing we take more serious than authentication and security. Modern single page applications bri…

0
05 Dec 2019
Insecure Transit – Microservice Security

Microservices are great, and they offer us lots of options for how we can build, scale and evolve our applications. On the face of it, th…

0
04 Nov 2019
Replacing a VPN with OAuth2 – SecAdvent Day 25
3
25 Dec 2020
Our website uses cookies from third party services to improve your browsing experience. Read more about this and how you can control cookies by clicking "Privacy Preferences".
Privacy Preferences
When you visit our website, it may store information through your browser from specific services, usually in form of cookies. Here you can change your privacy preferences. Please note that blocking some types of cookies may impact your experience on our website and the services we offer.
Privacy Policy
You have read and agreed to our privacy policy
Required
Privacy Policy Cookies Policy