In-person + Virtual
October 24-28

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon North America 2022 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Tuesday, October 25 • 5:30pm - 5:35pm
⚡ Lightning Talk: Securing Envoy: Catching Vulnerabilities With Continuous Fuzz Testing - Teju Nareddy, Google


Service proxies are becoming increasingly complex data parsers. Out of the box, Envoy supports HTTP protocol translation, payload decompression, gRPC-JSON transcoding, and many other features that operate directly on raw request bytes. Coupled with the deployment of Envoy as a "front" edge proxy, these parser-like features become an attack surface for external clients — a malicious HTTP request may trigger undefined behavior, resulting in service mesh downtime. Envoy developers use coverage-guided fuzz tests to automatically discover parser bugs. When run with C++ sanitizers, fuzz tests capture intricate corner cases a developer may have missed. Integration with OSS-Fuzz provides continuous fuzz testing and vulnerability reports, allowing developers to fix such bugs before the features are released. Join this talk for a case study on Envoy's multi-year adoption of fuzz testing. Learn about how we harden Envoy for production deployments and the surprising bugs our fuzz tests discovered!

Teju Nareddy

Software Engineer, Google
Teju Nareddy is a software engineer working on Google's API Service Infrastructure. He is involved in multiple efforts to create Envoy-based API Gateways at Google, from spearheading OSS ESPv2 for Cloud Endpoints to building Google Cloud Platform's managed API Gateway. Teju is an...

Tuesday October 25, 2022 5:30pm - 5:35pm EDT
Grand Riverview Ballroom AB
  Lightning Talks, Service Mesh