Tuan-Anh Tran


Posted on January 1, 0001  •  3 minutes  • 493 words

I try to give 1 or 2 talks per year, starting from earlier this year (2018). So far, I’m keeping on track.


Secured Container Images with Wolfi

0-CVE is not a myth. It’s actually very much achievable.

We were early adopter of Chainguard’s Wolfi and actively contribute to Wolfi from early days. This is the story how we use Wolfi to build a set of secured base images for all of our application workload.

Presented at


Defending Software Supply Chain Security in Banking or Any Highly Regulated Environment

I presented about what we did to secure software supply chain in banking domain using SLSA framework and OSS projects like cosign, etc…

Presented at


DevSecOps: Decoding…

I talked with Dang Sy Cong (FPT) and Luat Nguyen (CyberJutsu) about various aspects of DevSecOps: how to do security properly, securing the software supply chain, what’s going on in DevSecOps world, etc…


eBPF: A peek into the future of networking security and more

This talk is a brief introduction about eBPF, eBPF programming and its applications in networking security and other areas such as profiling, tracing, etc…

Presented at

Building a distributed cache with serverless - a novelty approach

This talk is a paper review of a novelty approach to build a distributed cache system around serverless technology. Think of this like a serverless, distributed version of Elasticache.

Presented at

Building Docker container: how many ways are too many?

This talk goes over all the ways you can use to build Docker container. Find out about the pros and cons of each method and what you should use in production.

Presented at


Building Next Generation Websites with Serverless and Micro-frontend Architecture

Is serverless technology mature enough for building real-world applications? Can we use it on actual workload on production? Is it still limited to backend only?

This talk dives into a novelty approach of using serverless technology to power everything you need for a website, from backend to frontend.

Presented at


Cloud Cost Optimization at Scale

This talk dives into some of the problems of scalability when running large application at scale: performance scalability and cost scalability. We describe and demonstrate how we make use of Kubernetes, .NET core and spot instances in increase availability and to cut EC2 billing cost by up to 80% in the process.

Learn about the flaws of spot instances, how to overcome that and use them in your system. The session covers the best practices and workarounds that we apply when using spot instances on our production workload.

The architecture that we used is not limited to AWS. It can be applied to other cloud providers like Google, Azure, etc…

Presented at

Follow me

Here's where I hang out in social media