Session: Securing Debugging Workflows in Cloud-Native Environments
Debugging containerized workloads often requires elevated privileges, creating a critical security gap. Common practices such as using kubectl exec to open shells inside pods or deploying privileged debug containers allow engineers to run commands directly on cluster nodes. These methods, while convenient, bypass granular access controls and lack robust audit trails—introducing risks of privilege escalation, lateral movement, and compliance violations.
Bio
I am a Software Engineer with 7+ years of experience at Microsoft, building secure, reliable, and large-scale systems across Microsoft 365. My work spans distributed systems, Kubernetes, and workload management, including projects like Gabion, which improved resource fairness across the Substrate (the foundational data platform that underpins the entire Microsoft 365 ecosystem, integrating services like Exchange, SharePoint, Teams, and OneDrive) Servers, and the COSMIC Cluster debugging tool, enabling Just-In-Time SSH access for Microsoft’s geo-scale managed container platform on AKS.
Beyond engineering, I’ve been an active part of the Grace Hopper community since 2017, serving as a reviewer since 2020, and have contributed as a session chair and judge at Microsoft’s MLADS conference. I also review open-source software for the Journal of Open Source Software (JOSS), supporting the Python ecosystem and fostering innovation in the developer community.
Recognized early for academic excellence with national-level rankings in NSTSE and the International Informatics Olympiad, and awarded the AICTE TFWS merit scholarship, I bring a long-standing passion for problem-solving and building systems that scale to millions of users worldwide.