Mr. Aditya Gupta

Tracing is Security: Lessons on Building Trustworthy Observability Pipelines at Scale

Anstract:

Modern observability is no longer just about debugging; it has become a foundational pillar of application and infrastructure security. In this talk, I will explore how telemetry systems can be engineered not only for scale and performance, but also for security and trust. Drawing from real-world experience designing trace ingestion and export pipelines that handle millions of requests per second, I will walk through approaches for securing telemetry at the source. Topics include encryption at rest, access-controlled ingestion, and contextual filtering of headers and metadata. I will explain the distinction between ControlPlane and DataPlane telemetry, and why enabling data event APIs in systems like CloudTrail is critical for complete traceability. The talk also covers how resource policies and service-linked roles define the perimeter of trust in distributed systems. I will share challenges and lessons from integrating W3C trace headers across services, and why trace propagation standards are essential for secure interoperability. Finally, I will outline key principles to ensure observability systems do not become unintended channels for sensitive data exposure. Attendees will leave with a practical blueprint for designing secure-by-default telemetry pipelines that support both compliance and diagnostics at scale.

Profile:

Aditya Gupta is a seasoned researcher and engineer with over 7 years of experience in cloud observability, cybersecurity, and distributed systems. Currently an AWS Security Guardian, he leads innovations in threat modeling, anomaly detection, and compliance automation. His work at AWS X-Ray and CloudWatch has driven advancements in distributed tracing for large-scale systems. A patent holder and published researcher with an h-index of 8, Aditya's contributions span AI-driven security and privacy-preserving machine learning. Recognized as a Senior Member of IEEE, he has received accolades including the Best Paper Award at IIT Kanpur and multiple AWS hackathon wins. He also serves as a certified reviewer for Elsevier, ACM, and IEEE journals.