Tech minds share insights at Nord Security Tech Days

Daniel Markuson

December 29, 2021

Nord Security wouldn’t exist without the brilliant developers, sysadmins, security experts, and other technical staff who build and test our products and infrastructure. When they get together to share their expertise with one another, there’s electricity in the air!

tech minds

Maintaining and expanding our tech staff's valuable skill sets is as important as breathing to us. Our recent Nord Security Tech Days event was just the latest in a long line of tools we use to help our tech people stay on the cutting edge.

At Nord Security's Tech Days, over 30 of our leading experts got together to share and discuss technical insights that have enriched their work, and that might enrich their colleagues as well. We'd like to share just a few of the topics discussed that day to paint a picture of just some of the brilliant tech workers who we are proud to call our colleagues.

Nord Security Tech Days topics

TechDays 2

Name: Justas Rafanavičius

Role: Senior developer at NordLocker

Topic: Exceptions are a powerful tool for handling errors in code, but many people perceive them as confusing and hard to use. Because of this, some modern languages forego exceptions entirely instead of using error handling mechanisms that the exceptions were meant to replace in the first place. This talk aims to rectify these misconceptions, show how exceptions can be an incredibly useful tool for error handling, and provide concrete examples and tips regarding proper exception usage.

Name: Dmitrijus Glezeris

Role: Lead software developer at Nord Security

Topic: Well-functioning internal tools are the key to developer happiness, and that's the main reason why it's so important to invest in them.

I dedicate my spare time to finding and creating internal tools that improve our developers' workflows. Unfortunately, that also means I am the go-to person when old tools break down. One of the tools we currently use for PHP projects is a very outdated package manager. As with all software, migration to newer tools requires investment, and I'm here to tell you: outdated tools are a pain to maintain and eat up your developers' precious time. And that makes our work less fun!

Name: Morta Strazdė

Role: Malware researcher at NordVPN

Topic: Packing is a code obfuscation technique used broadly by both legitimate software developers and malicious actors. It is a very popular technology – some statistics show that more than 80% of modern malware is packed with at least one packer. How, then, does the antivirus industry handle their widespread use? The answer: it hardly does.

During this presentation, I will review the most popular antivirus engines and how they analyze packed files. Some vendors' approaches result in large streams of false positives and mislabelling. We cover the user experience hell those false positives create for legitimate projects and how developers can help overcome this challenge.

Name: Karolis Pabijanskas
Role: Satellite SRE infrastructure team lead at NordVPN

Topic: Satellite Infrastructure introduces a Consul as a layer to manage data synchronization and service discovery on VPN servers. However, due to the specific nature of VPN servers, we have some quite unusual requirements and ways of doing things. Those requirements have led us to attempt to use Consul in non-standard ways, but Consul is reasonably opinionated in how it allows itself to be abused. In this presentation, I discuss the pitfalls in various approaches we've tried with Consul, the limitations we have discovered, and how Consul prevented us from abusing it and forced us to do things "the Consul way".

Name: Albertas Bužinskas

Role: SRE engineer at the Nord Security infrastructure team

Topic: I'll be discussing our statistics infrastructure at Nord Security. That includes what our statistics infrastructure looks like today, what kind of tools we use, and how we're moving forward with statistics infrastructure 2.0. We'll also cover some of the setbacks and challenges we've experienced along the way, how we've dealt with them, and what lessons we've learned.

Name: Kamil Danek

Role: Software engineer at Nord Security

Topic: In my presentation, I'll be discussing how we implement our Threat Protection feature and how it blocks ads, trackers, and malicious websites on the user's device. We're doing lots of work to expand it, including defense against tracking cookies. The next big step is a feature to jeopardize device fingerprinting. I'll discuss some of the unique challenges we're facing and some of the most promising tools we're looking at to implement these new functionalities.

Name: Kiril Mikulskij
Role: Network engineering team lead at NordVPN

Topic: Optimizing for the Anycast network was one of the very first tasks I had to work on when I joined NordVPN. At that time, NordVPN had its DNS infrastructure built on Anycast but offered a suboptimal user experience in certain cases. It was challenging to optimize Anycast on a global scale because of how the internet works. We learned a lot while tackling this challenge, so I would like to share that experience with you today.

TechDays 3

Name: Laimutis Nedzinskas

Role: Senior database admin at Nord Security

Topic: I will be raising questions about building a database platform that works all day and all night for all kinds of tasks, whether real or imagined. We'll be touching on issues and experiences here at Nord Security, as well as cases faced by database admins at other leading tech companies.

Name: Ignas Jakubčionis

Role: Android developer at NordVPN

Topic: I'll discuss our work to provide dynamic layouts for payments in the client app. We deliver changes to the app while it's in production and without a release procedure. We also run A/B testing to analyze our layout effectiveness, and we run all of this using a Firebase Remote Config. You'll find out how in my presentation.

Name: Algirdas Jundulas

Role: QA technical lead

Topic: Many of us have tried to imagine ourselves in the hit show "Squid Game" and have wondered how far we get. In IT, however, we don't have to try too hard as we live the Squid Game every day. In addition to sharing some similarities between the IT world and Squid Game, I'll also discuss how we got started automating our QA testing.

Name: Alan Vezhbitskis

Role: Senior infrastructure engineer at Nord Security

Topic: Our Core-Admin Team currently consists of 18 Linux, Windows, Database, and other experts who support over 1500 virtual production servers and over 2000 virtual servers. Our scalable GitLab-runners spin 1,600 jobs per day, and we process more than 150 deployments per day, while a standard load for us is 20 deploy per hour and five deployments at a time. We execute 800 automated Ansible jobs and up to 400 manual actions every day. Moreover, we serve 300 applications written on PHP, Go, NodeJS and .NET, and we help more than 150 developers across different teams.

All of this requires a stable and secure staging environment. I'll be discussing how we plan to transform our current staging and what it still needs.

Name: Paulius Kimbartas

Role: Engineering Manager at NordCheckout

Topic: Micro front-end architecture has achieved great results for many companies in both the front-end and backend, as evidenced by companies like Dazn and IKEA. However, the path towards success with micro front-end architecture is bumpy. It involves developers, architects, managers, and even business people. Everyone has to be on the same page. Preparation for this journey is crucial. It makes the transition to the micro front-ends architecture smooth and pleasant. In this talk, I will break down what pitfalls await if you rush and how good homework upfront helps avoid them.

Name: Edvinas Tamošiūnas

Role: Backend tech lead at NordPass

Topic: I'll be discussing feature monitoring. How can you know if the product features actually work for end-users? Error monitoring, regression test results, testing, and the absence of user complaints are all insufficient for determining functionality. What you need is feature monitoring. I'll discuss this and how you can implement it across a wide range of different features.

Name: Andrius Jankauskas

Role: Windows developer at NordVPN

Topic: As our app grew in scale and became more feature-rich, we noticed that it started to run slow. We found a threading issue that we opted to solve by developing a custom thread factory to manage our threads. The results were dramatic, with tenfold reductions in certain UI hangups and even 30% increases in connection speed in certain cases. I'll talk about how we did it and why thread management is so important.

TechDays 1

Name: Jokūbas Trinkūnas

Role: Android developer at NordPass

Topic: I notice a lot of Android applications that handle process death poorly. That can lead to bad UX or even crashes. However, it can also be hard to find relevant and concise information about it. That's why I'd like to share what I know about Android memory management and process death. That includes explaining how Android handles memory management and process death, how it can impact your app, and how you can test for it on your apps.

Name: Justinas Reigis

Role: Front-end developer at NordPass

Topic: I'll be talking about using machine learning to classify HTML forms. To generate a new secure password, autofill your login information, shipping address, or credit card information using your NordPass vault - we have to know what sort of form we are dealing with. We needed to capture all the major and subtle differences within every form using our custom "atomic" rules and turn HTML elements into vectors! We processed all the forms we've collected and used machine learning to build an extremely accurate model to predict the form type - which we use to fill your specific vault items. Getting the model right was not exactly easy, but we have reached over 98% accuracy. I'll explain how.

Name: Oleksandr Savchenko

Role: Backend developer at NordPass Enterprise

Topic: I'll describe the Symfony Messenger component, how its parts are related to each other, and how they can be used. I'll also discuss how we implement this component in our services and how it allows us to decouple business logic, simplify testing, and make our lives easier.

Name: Kęstutis Kalvaitis

Role: MacOS tech lead at NordVPN

Topic: I will be discussing our team's experience with implementing modular architecture in NordVPN's Apple apps. I'll cover what modular architecture we chose, why we considered it, and what obstacles we encountered while adapting it. That will include technical details about our app layers, as well as our final structure, our main achievements, and our future goals after implementing the modular architecture.

Name: Lukas Jokubauskas

Role: Application security specialist at Nord Security

Topic: Open source is everywhere, including many proprietary codebases and community projects. If you're not aware of what is in your software supply chain, an upstream vulnerability in one of your dependencies can be fatal, making you and your customers vulnerable to a potential compromise. In my talk, I will try to explain what the term "software supply chain" means, why it matters, what are the biggest threats and how software engineers can secure their project's supply chain.

Name: Lukas Praninskas

Role: Linux app developer at NordLayer

Topic: We encountered some unique challenges when developing the Linux app due to the nature of this platform. There are valid reasons why some companies tend to avoid extending their support to include it. As the creators of a business VPN implementation, we had no easy solutions available, either.

In my presentation, I'll discuss the development and distribution problems we encountered while developing NordLayer Linux, the decisions that we had to make, and their impact on the application. Moreover, I'll talk about our successes, our failures, and how we managed to make it all work well. I'll also share tried and tested ideas and guidelines on making your Linux application as portable as possible.

Name: Mikhail Markin

Role: iOS developer at NordPass

Topic: I'd like to introduce our approach to dealing with Table and Collection views in a quick and easy way. After getting tired of massive and tangled DataSources for UITableViews, we found a declarative approach to making tables really data-driven. The result is that now we can build TableView as easily as tableView.rx.bind(sections: sections).disposed(by: bag) for any table with any cells inside. That is all the code that you need in your UIController.

Name: Žygimantas Kaupas

Role: Application security team lead at Nord Security

Topic: My presentation is focused on threat modeling. I'll introduce what threat modeling is, how it's done, and what key questions the threat modeling manifesto raises. During my talk, I will emphasize why good documentation is crucial for threat modeling and what makes it a team challenge rather than just the security team's job. We'll also cover the main threat modeling benefits, challenges, and tips for dealing with them. My talk will cover free tools available to try and what kind of diagrams they help produce. Also, I will touch on well-known threat modeling methodologies like STRIDE, PASTA, or OCTAVE. STRIDE will be presented in more detail with some samples from our internal threat modeling sessions.

TechDays 4

Editor's note: Due to their technical nature, some of the topics covered at the event cannot be published here. Our first and foremost responsibility is to maintain our users' security and privacy, which sometimes requires us to maintain the confidentiality of our staff, infrastructure, processes, and technologies. Staff present at the event gained even deeper insights into the tech that makes Nord Security products run.