Talks
Posted on January 1, 0001 • 3 minutes • 557 words
I try to give 1 or 2 talks per year, starting from earlier this year (2018). So far, I’m keeping on track.
2024
The road to 0 CVE
Our approach toward 0 CVE and how we ultilize Sonatype Repository and Firewall to protect & secure our software supply chain security.
Presented at
- Sonatype DevSecOps Leadership Forums - Singapore
Secured Container Images with Wolfi
0-CVE is not a myth. It’s actually very much achievable.
We were early adopter of Chainguard’s Wolfi and actively contribute to Wolfi from early days. This is the story how we use Wolfi to build a set of secured base images for all of our application workload.
Presented at
- FOSSASIA Summit 2024 - Hanoi, Vietnam
- OpenInfra Summit Asia | OCP APAC Summit 2024 - Suwon, Korea
2022
Defending Software Supply Chain Security in Banking or Any Highly Regulated Environment
I presented about what we did to secure software supply chain in banking domain using SLSA framework and OSS projects like cosign, etc…
Presented at
- OpenInfra Day Vietnam 2022 - Hanoi, Vietnam
2021
DevSecOps: Decoding…
I talked with Dang Sy Cong (FPT) and Luat Nguyen (CyberJutsu) about various aspects of DevSecOps: how to do security properly, securing the software supply chain, what’s going on in DevSecOps world, etc…
2020
eBPF: A peek into the future of networking security and more
This talk is a brief introduction about eBPF, eBPF programming and its applications in networking security and other areas such as profiling, tracing, etc…
Presented at
- Vietnam Web Summit 2020 (Dec 2020) - Hanoi, Vietnam
Building a distributed cache with serverless - a novelty approach
This talk is a paper review of a novelty approach to build a distributed cache system around serverless technology. Think of this like a serverless, distributed version of Elasticache.
Presented at
- TBA
Building Docker container: how many ways are too many?
This talk goes over all the ways you can use to build Docker container. Find out about the pros and cons of each method and what you should use in production.
Presented at
- Viet OpenInfra Meetup #24. Videos available as Facebook livestream here .
2019
Building Next Generation Websites with Serverless and Micro-frontend Architecture
Is serverless technology mature enough for building real-world applications? Can we use it on actual workload on production? Is it still limited to backend only?
This talk dives into a novelty approach of using serverless technology to power everything you need for a website, from backend to frontend.
Presented at
- Vietnam Web Summit 2019 (Dec 2019) - Hanoi, Vietnam
2018
Cloud Cost Optimization at Scale
This talk dives into some of the problems of scalability when running large application at scale: performance scalability and cost scalability. We describe and demonstrate how we make use of Kubernetes, .NET core and spot instances in increase availability and to cut EC2 billing cost by up to 80% in the process.
Learn about the flaws of spot instances, how to overcome that and use them in your system. The session covers the best practices and workarounds that we apply when using spot instances on our production workload.
The architecture that we used is not limited to AWS. It can be applied to other cloud providers like Google, Azure, etc…
Presented at
- Vietnam Web Summit 2018 (Dec 2018) - Hanoi, Vietnam
- Kubernetes Hanoi Meetup #2 (Mar 2018) - Hanoi, Vietnam