Charan Akiri
Christopher Guerra
Discover how Reddit built a scalable, self-hosted code scanning platform after facing limitations and costs associated with existing SaaS Security tools. We’ll walk through our architecture that integrates with any CLI tool, supports pull request commit-level and scheduled scans, and delivers real-time alerts. Built with Golang, Redis, and Kubernetes, our solution gives us full control and flexibility. In this session you’ll find out how we architectured our solution, challenges we overcame, and strategies for maintaining security at scale - all without expensive SaaS Security platforms.
Charan Akiri
With over 14 years of experience in the software industry, I transitioned from software development to focus on security. I’ve uncovered critical Salesforce misconfigurations affecting major organizations, with my findings featured in SC Magazine, Ars Technica, The Register, and KrebsOnSecurity. I also contributed to the O'Reilly book 97 Things Every Application Security Professional Should Know, authoring a chapter on API security.
Christopher Guerra
Application Security Engineer At Reddit
I'm an application security engineer at Reddit with prior experience in penetration testing of medical devices and security research of ICS/SCADA systems. Now a "purple team" convert that loves building systems to help scale security.