Session

Securing almost a trillion Kafka messages per day at PayPal

How do you handle almost a trillion Kafka messages per day while adhering to stringent security and compliance standards? Very carefully. As one of the world’s largest fintech companies, PayPal processes a rapidly growing deluge of data each day. Much of that data flows as event streams on Apache Kafka, powering analytics that are at the center of business and product decisions.
Kafka traffic is growing by leaps and bounds: we’re seeing more than 30% growth quarter-on-quarter. In keeping that data secure and meeting compliance goals, we faced numerous challenges, including:
- Working with PayPal’s internal Certificate Authority and Key Management System, which controls the certificate and key lifecycle for all applications in our environment including Kafka
- Ensuring that all interactions between any two applications (including Kafka clients and brokers) use Mutual Auth TLS, and doing so at a scale that is not practical with the default, file-based TLS capabilities provided by Kafka
- Supporting authorization with SASL across various language stacks

If you’re in a similar position, looking for effective ways to secure Kafka traffic at scale in accordance with enterprise security policies, join us at this session. You’ll learn more about challenges we faced (and ones you’ll likely encounter too), some innovative ways we solved them, and important tips and lessons that you can apply to keep your Kafka traffic safe and your compliance department happy.

Maulin Vasavada

Engineering leader at Venmo
