Your Load Balancer is Your New Perimeter: Attacks & Defenses at Scale
Arjun Sharma
BSidesSF 2026 · Day 1 · AMC Theatre 09
In an era where enterprise security perimeters are increasingly complex and costly, a fundamental vulnerability often remains overlooked: the load balancer. Arjun Sharma, who leads IBM Cloud's global load balancer service, delivered a compelling talk at BSides SF, "Your Load Balancer is Your New Perimeter," highlighting how easily sophisticated edge security can be bypassed due to common misconfigurations. Drawing from over a decade of experience building and securing infrastructure that handles billions of requests monthly, Sharma vividly illustrated how attackers exploit these blind spots to gain direct access to backend applications, rendering expensive security investments effectively useless.
AI review
Competent, practitioner-level talk covering real attack surface that genuinely gets ignored in enterprise shops. The four vectors are legit, the defensive guidance is actionable, and Sharma clearly knows this infrastructure from the inside. But none of this is new — CT log recon, Gray Cloud misconfigs, Redis bound to 0.0.0.0, 403-vs-404 enumeration have all been covered extensively, and there's no original research, novel tooling, or data behind the claims.