Madrid Apache Kafka® Meetup by Confluent

📍Venue:
Orange Digital Center
Calle de San Bernardo, 101, Chamberí, 28015 Madrid

IF YOU RSVP HERE, YOU DON'T NEED TO RSVP @ Apache Kafka® Madrid

🗓 Agenda:

• 7:00pm: Doors open
• 7:00pm - 7:15pm - Intro to the agenda
• 7:15pm - 7:45pm - Talk + Q&A w/Olena Kutsenko, Confluent
• 7:45pm - 8:15pm - Talk + Q&A w/ Mario Salazar, MasOrange
• 8:00pm - 9:00pm - Pizzas, beverages and networking

💡 Speaker One:
Olena Kutsenko, Staff Developer Advocate, Confluent

Title of Talk:
Securing data in motion the right way

Abstract:
Data streaming is powering everything from fraud detection and real-time analytics to patient monitoring and order fulfillment. But as the role of streaming grows, so does the risk - because many streaming platforms, like Apache Kafka, aren't secure by default.
In this talk, we'll take a practical look at data streaming security through the lens of Kafka, one of the most widely adopted streaming platforms in the world. We'll walk through what can go wrong - real examples of exposing 14M patient-doctor messages, or years of real-time delivery info to the internet - and what it takes to do it right.

We'll cover the key pillars of securing a streaming system: encryption in transit and at rest, access control, monitoring, and key management. Along the way, we'll look at the trade-offs like disk encryption vs. end-to-end encryption, what is behind field-level and envelope encryption, and the realities of using customer-managed keys in regulated industries.

We'll also explore how streaming security has evolved, how real vulnerabilities (like CVE-2019-12399) highlight the need for patching and monitoring, and what successful multi-layered security looks like in production - from financial institutions to healthcare platforms.
If you're building, running, or scaling streaming systems, this talk will help you see the security blind spots and give you concrete steps to protect the data flowing through your pipelines.

Bio:
Olena is a Staff Developer Advocate at Confluent and a recognized expert in data streaming and analytics. With two decades of experience in software engineering, she has built mission-critical applications, led high-performing teams, and driven large-scale technology adoption at industry leaders like Nokia, HERE Technologies, AWS, and Aiven.

A passionate advocate for real-time data processing and AI-driven applications, Olena empowers developers and organizations to use the power of streaming data. She is an AWS Community Builder, a dedicated mentor, and a volunteer instructor at a nonprofit tech school, helping to shape the next generation of engineers.

As an international speaker and thought leader, Olena regularly presents at top global conferences, sharing deep technical insights and hands-on expertise. Whether through her talks, workshops, or content, she is committed to making complex technologies accessible and inspiring innovation in the developer community.
-----

💡 Speaker Two:
Mario Salazar De Torres, Senior Software Engineer, MasOrange

Title of Talk:
Securing Multi-Tenant Kafka Clusters in Practice

Abstract:
Operating large-scale Kafka clusters is challenging enough — securing them in a multi-tenant environment adds an entirely new layer of complexity. In this talk, we’ll dive into the realities of securing day-to-day operations in shared Kafka infrastructures, where multiple teams, applications, and data domains coexist.

Using MasOrange as a real-world case study, I’ll start by walking through how we structure and manage data flows across large Kafka clusters, highlighting the challenges that arise when enforcing security boundaries at scale. From there, we’ll explore a key architectural shift: moving away from a complex, externalized authorization system based on Open Policy Agent (OPA) toward a custom-built authorization solution tailored to our needs.

We’ll break down the reasoning behind this decision by analyzing alternative approaches, their trade-offs, and why they ultimately didn’t fit our operational and performance requirements. You’ll see how simplifying the authorization model led not only to better maintainability but also to significant performance improvements across the platform.
To make things concrete, the session will include a short demo showcasing how the new authorization system works in practice, and how it integrates into everyday Kafka operations without slowing teams down.

If you’re running or planning to run multi-tenant Kafka clusters, this talk will give you practical insights into balancing security, performance, and operational simplicity — and help you rethink how authorization should work at scale.

Bio:
Mario is a Senior Software Engineer with over five years of experience building and operating distributed systems at scale. Currently working at MasOrange, and previously at Ericsson, he has focused on designing reliable, high-performance data platforms in demanding production environments.

He has also contributed to distributed systems within the open-source ecosystem, gaining hands-on experience with real-world challenges in scalability, resilience, and security.
While relatively new to public speaking, Mario approaches every talk with a strong commitment to clarity, depth, and impact—aiming to deliver practical insights and memorable takeaways that resonate with engineers working in the field.
***
DISCLAIMER
NOTE: We are unable to cater for any attendees under the age of 18.
If you would like to speak or host our next event please let us know! community@confluent.io