BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//talks.devopsdays.org//devopsdays-austin-2026//talk//EKWE
 9A
BEGIN:VTIMEZONE
TZID:CST
BEGIN:STANDARD
DTSTART:20001029T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10;UNTIL=20061029T080000Z
TZNAME:CST
TZOFFSETFROM:-0500
TZOFFSETTO:-0600
END:STANDARD
BEGIN:STANDARD
DTSTART:20071104T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=11
TZNAME:CST
TZOFFSETFROM:-0500
TZOFFSETTO:-0600
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000402T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=4;UNTIL=20060402T090000Z
TZNAME:CDT
TZOFFSETFROM:-0600
TZOFFSETTO:-0500
END:DAYLIGHT
BEGIN:DAYLIGHT
DTSTART:20070311T030000
RRULE:FREQ=YEARLY;BYDAY=2SU;BYMONTH=3
TZNAME:CDT
TZOFFSETFROM:-0600
TZOFFSETTO:-0500
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-devopsdays-austin-2026-EKWE9A@talks.devopsdays.org
DTSTART;TZID=CST:20260505T111500
DTEND;TZID=CST:20260505T113500
DESCRIPTION:Endpoints are where most security incidents begin. Compromises 
 often start with phishing\, software vulnerabilities\, or simple misconfig
 urations on individual laptops and servers. Modern security teams rely on 
 endpoint telemetry for detection\, investigation\, and response. But for m
 any engineers\, this part of the stack remains opaque and difficult to rea
 son about.\n\nThis talk presents a practical\, open-source blueprint for b
 uilding an endpoint telemetry pipeline that engineers can actually underst
 and and evolve. We start with osquery\, a Linux Foundation project that ex
 poses endpoint state as structured\, queryable data. On top of that\, we b
 uild a layered system with clear responsibilities. This includes a control
  layer for intent and coordination\, a data layer responsible for ingestio
 n\, buffering\, streaming\, and storage\, a detection and intelligence lay
 er with inspectable logic\, and a correlation and response layer designed 
 for humans in the loop.\n\nRather than pitching a product\, this talk focu
 ses on boundaries\, contracts\, and tradeoffs. We walk through real-world 
 design decisions and common failure modes. We also explore why ownership o
 f telemetry matters more than any single tool. Attendees will leave with a
  mental model they can adapt\, a stack they can run locally\, and the conf
 idence to build endpoint security systems that are transparent\, flexible\
 , and defensible without relying on closed platforms.
DTSTAMP:20260410T025311Z
LOCATION:Inspiration A/B
SUMMARY:Open Source Endpoint Telemetry Blueprint for Security Teams - Victo
 r Lyuboslavsky
URL:https://talks.devopsdays.org/devopsdays-austin-2026/talk/EKWE9A/
END:VEVENT
END:VCALENDAR