Elasticsearch - Securing a search engine while maintaining usability

Java User Group München (JUGM)
Java User Group München (JUGM)
Public group

mgm technology partners GmbH

Frankfurter Ring 105a · München

How to find us

Einlass ab 18:30 - Vortrag beginnt pünktlich um 19:00 - letzter Einlass 19:10 - bitte nicht klingeln!

Location image of event venue


Alexander Reelsen

Elasticsearch - being an integral part of the Elastic Stack - is known for its full-text search and analytics ability.

Elasticsearch is running on tens of thousands of nodes world-wide, so despite all the functionality squeezed into new releases, we also have to think about security, all the time. This talk will cover different aspects of Elasticsearch, explain some features and (sometimes unpopular) decisions and the reasoning behind. This talk will cover:

* Usage of the Java Security Manager including integration with plugins
* Production vs. Development mode
* System Call Filtering
* Our own scripting language called Painless, which superseded all other scripting languages like MVEL, Groovy or Javascript
* X-Pack security features

The goal of this talk is not (only) to show off Elasticsearch features. You start thinking about these non-functional requirements in your own applications as well!