Loading…
Thursday, November 21 • 10:55am - 11:30am
How Yelp Moved Security From the App to the Mesh with Envoy and OPA - Daniel Popescu, Yelp & Ben Plotnick, Cruise

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.
From its inception, Yelp's service infrastructure has treated security as a fundamental component. For many years, developers carried the burden of building security features directly into their services. By using standard cloud native building blocks, the service infrastructure now provides security features by default; this enables hundreds of developers to focus on shipping features for more than 100M monthly active Yelp users.

This talk will cover Yelp’s journey from a legacy service proxy to a modern, secure service mesh based on Envoy and Open Policy Agent. It will discuss

-Authn and Authz mechanisms using mTLS and JWT with Envoy and OPA
-Migration from using an in-house policy decision engine to standardized open source tools (OPA)
-Transpiling legacy policy data to rego and other best practices for policy maintenance
-Strategies for quickly and safely rolling out policy changes

Speakers
avatar for Daniel Popescu

Daniel Popescu

Security Engineer, Yelp
Daniel Popescu works at Yelp where he is responsible for security infrastructure and operations. Previously he worked at Microsoft on non-security products, but has maintained a passion for security since his undergrad years at the University of California, Santa Barbara. Professionally... Read More →
avatar for Ben Plotnick

Ben Plotnick

Senior Platform Engineer, Cruise Automation
Ben Plotnick is a Sr. Platform Engineer at Cruise Automation.Prior to this, he was a member of the Engineering Effectiveness group at Yelp, working to redesign Yelp's service infrastructure with Envoy at the heart of the revamped service mesh. He has previously built a standardized... Read More →



Thursday November 21, 2019 10:55am - 11:30am
Room 6F - San Diego Convention Center Upper Level