Logs redaction during ingestion

By Leonid Yankulin

Elevator Pitch

Log compliance is a task that costs many days and $$$ and often results in multiple code changes. Serverless infrastructure + AI can do it with no changes to application code and near-zero infrastructure modifications. Remove sensitive data from your logs before they are stored.

Description

Application logs in production environments store a lot of sensitive information, such as PII and PHI, as well as security keys or even passwords. No one means to make it public, but internal access to logs is harder to control. Data governance and information security describe multiple methods to control this problem. So far, log redaction - removing or replacing sensitive information in logs - remains the best solution for this problem. It is also compliant with various laws and regulations such as HIPAA, GDPR, PCI DSS and many others. Implementing log redaction is not simple, especially when it has to be done on an already existing and, sometimes, running product. This talk demonstrates how modern serverless environments and AI-based services let DevOps engineers do this work on their own, without writing or modifying a single line of the application's code.

Notes

The talk is about 30 min + time for questions. In order to demonstrate the solution in real time, a proxy-less Wi-Fi or wired connection to the internet is required. If this is not possible, please let me know ~3 weeks ahead, so I will be able to record the demo session.