Speaker

What does it really mean to create software that is safe to use in today's world? In this panel discussion, our experts will talk about different security issues that developers face today. They will share their thoughts on these issues, which come from their experience in architecture, data platforms, AI systems, and developer culture.

Maybe you want to learn more about reactive, incident-driven security and move towards a more proactive Secure by Design mindset. When should you start thinking about security when creating software? And how can teams balance speed, innovation, and resilience without slowing delivery?

Have you ever thought about how real-time data streaming is becoming really important in lots of systems? The panel can look at the special security problems of platforms like Apache Kafka. This includes ways to encrypt information, how to control who can access it, how to manage keys, how to monitor it, and what we have learned from data exposure incidents that have actually happened.

As AI and large language models become more common in apps, new risks like prompt injection might also be talked about. What are the practical results of these attacks? How can developers deal with increasing threats while still coming up with new ideas using AI?

As well as technical controls, the panel could also look at the human side of security. What can organisations do to make developers more aware of security issues? Could activities that involve playing games, like capture-the-flag exercises, help change the way people think about security from "security as compliance" to "security as responsibility"?

Get ready for a lively discussion where our speakers share their experiences and the audience can ask questions. If you're designing systems, working with streaming data, integrating AI or strengthening engineering culture, this session is for you.

Data streaming is powering everything from fraud detection and real-time analytics to patient monitoring and order fulfillment. But as the role of streaming grows, so does the risk - because many streaming platforms, like Apache Kafka, aren't secure by default.

In this talk, we’ll take a practical look at data streaming security through the lens of Kafka, one of the most widely adopted streaming platforms in the world. We'll walk through what can go wrong - like Gamooga's public Kafka broker leaking 17GB of customer data in two hours, or GonnaOrder exposing years of real-time delivery info to the internet - and what it takes to do it right.

We'll cover the key pillars of securing a streaming system: encryption in transit and at rest, access control, monitoring, and key management. Along the way, we’ll look at the trade-offs like disk encryption vs. end-to-end encryption, what is behind field-level and envelope encryption, and the realities of using customer-managed keys in regulated industries.

We'll also explore how streaming security has evolved, how real vulnerabilities (like CVE-2019-12399) highlight the need for patching and monitoring, and what successful multi-layered security looks like in production - from financial institutions to healthcare platforms.

If you're building, running, or scaling streaming systems, this talk will help you see the security blind spots and give you concrete steps to protect the data flowing through your pipelines.