Ganapathy Subramanian Ramachandran (Ganu Ramachandran) is a Senior Principal Software Engineer and Architect at Palo Alto Networks, specializing in cybersecurity and cloud networking. With over a decade of experience, he has contributed to distributed systems, cloud computing, networking, and telecommunications, particularly in securing access for unmanaged users to private applications. A Fellow at IETE and an IEEE Senior Member, he actively judges global hackathons and serves as a peer reviewer for technical journals. His expertise spans AWS, GCP, Azure, Kubernetes, and microservices, with a strong focus on automation, scalability, and observability.
Previously, as a founding engineer at an eCommerce startup, Ganu played a key role in building 0-1 solutions, architecting secure, scalable applications for large-scale networks. His background includes developing solutions for OTN (Data Center Interconnect), VoIP, and video conferencing, enhancing content delivery and optimizing user experiences. He drives product velocity by emphasizing automation, simple design, and efficient development practices while fostering collaboration among cross-functional teams. His strategic focus on feature prioritization, dependency management, and deployment metrics ensures high-quality, resilient systems that meet market demands.
Distributed Systems, Networking & Security
Securing APIs in Microservices Environment
As organizations increasingly adopt microservices architectures, securing distributed APIs becomes critical and complex. This session will explore the unique security challenges that arise when APIs are decomposed across many small, interconnected services. We'll discuss strategies for robust authentication, authorization, and encryption, delving into how concepts such as service meshes and mutual TLS can effectively secure service-to-service communication. Attendees will learn to implement least-privilege principles, isolate trust boundaries, and manage secrets in a highly distributed system. In addition, the talk will cover practical tips for enforcing consistent security policies across services with an API gateway, preventing common attacks such as token theft and lateral movement. By the end, the participants will come away with proven patterns, tools, and best practices for strengthening their API security in a microservices-driven architecture.