Security as a Service

Thursday, March 29, 2018 - 9:15 am9:55 am

Wojciech Wojtyniak, Facebook


In the game of security, defenders have to be lucky every single time, but just one time is enough for an attacker. Good news: by leveraging good practices one can tilt the scales significantly in their favor. Bad news: it's not always an easy and quick thing to do. PE and SRE teams have helped building reliable infrastructure and software across the stack, can their skills and experience be leveraged to improve security posture within an organization?

Facebook's Production Engineering Security team has proved that it's indeed possible. In this talk I'm going to give you a brief overview of the security landscape today (aka the battlefield), give you a simple framework for thinking about security in the context of a production environment and show ways in which we engage with others both internally and externally.

Wojciech Wojtyniak, Facebook

Wojciech has joined Facebook as a Production Engineer and the PE Security team in 2013. During his tenure there he was working in a wide variety of security-related projects including: SSH environment, internal certificate authority, and public certificates management. Before that he was working in the software configuration management area for a telecom company.

SREcon18 Americas Open Access Videos Sponsored by

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

@conference {213098,
author = {Wojciech Wojtyniak},
title = {Security as a Service},
year = {2018},
address = {Santa Clara, CA},
publisher = {USENIX Association},
month = mar

Presentation Video