Track: Security War Stories
Day of week:
Building secure infrastructure, networks, and office spaces is not just an intellectual exercise or a means to be compliant with law. Real-life adversaries are constantly attempting to defraud, abuse, infiltrate, socially engineer, and compromise any network that holds value. These adversaries are creative - we, as defenders, can learn more from their real-world tactics than we can from any academic study or hypothetical strategy discussion. This track explores real attacks, the lessons learned, and the improved systems that are built in response.
by Ryan Huber
As developers, we use logs and metrics every day. Modern development and operations teams use this data to guide their decisions. We can find performance issues, hotspots, memory leaks, and broken networks or hosts. We also use this information to help with capacity planning and to prioritize our development time.
In this talk, I will discuss the ways an organization should approach looking at this information to make informed...
by Olaf Carlson-Wee
Head of Risk @Coinbase
Cryptocurrency allows millions of dollars to be stored on a flash drive, on a piece on paper, or in a passphrase. Running a cloud-based bank means keeping private keys secure and offline, yet accessible with little notice. This talk examines various novel cryptosystems used to facilitate the secure storage billions of dollars in global crypto banks.
by Dan Guido
Co-Founder & CEO @TrailOfBits
iOS applications have become an increasingly popular targets for hackers, reverse engineers, and software pirates. In this presentation, we discuss the current state of iOS attacks, review available security APIs, and reveal why they are not enough to defend against known threats. For high-risk applications, novel protections that go beyond those offered by Apple are required. As a solution, we discuss the design of the...
by Chris Rohlf
Director - Penetration Testing / Red Team @Yahoo
We know that scale, size, and complexity affects security in huge ways. As our deployments grow in size, the requirement for automation brings with it the inherent challenges of authentication, authorization, and a long list of other security controls. But, how do scale, size, and complexity affect your adversaries’ offense operations?
This talk will explore how we look at offense in a world of large containerized deployments...
by Richard Kasperowski
Author of The Core Protocols: A Guide to Greatness
by Christina Camilleri
Penetration Tester & Social Engineer @BishopFox
The fault of the computer system is that it can only follow instructions. The fault of the human is that it can only make judgement calls. However, when we think about this in relation to information security, what happens when these two factors collide? Hint: bad stuff.
Together, we will explore how social engineering can be used in conjunction with technical attacks to create sophisticated and destructive attack chains, share...
Monday, 13 June
Architectures You've Always Wondered About
Case studies from: Google, Linkedin, Alibaba, Twitter, and more...
Stream Processing @ Scale
Technologies and techniques to handle ever increasing data streams
Culture As Differentiator
Stories of companies and team for whom engineering culture is a differentiator - in delivering faster, in attracting better talent, and in making their businesses more successful.
Practical DevOps for Cloud Architectures
Real-world lessons and practices that enable the devops nirvana of operating what you build
Incredible Power of an Open-Sourced .NET
.NET is more than you may think. From Rx to C# 7 designed in the open, learn more about the power of open source .NET
Sponsored Solutions Track 1
Tuesday, 14 June
Better than Resilient: Antifragile
Failure is a constant in production systems, learn how to wield it to your advantage to build more robust systems.
Innovations in Java and the Java Ecosystem
Cutting Edge Java Innovations for the Real World
Modern CS in the Real World
Real-world Industry adoption of modern CS ideas
Containers: From Dev to Prod
Beyond the buzz and into the how and why of running containers in production
Security War Stories
Expert-level security track led by well known and respected leaders in the field
Sponsored Solutions Track 2
Wednesday, 15 June
Microservices and Monoliths
Practical lessons on services. Asks the question when and when to NOT go with Microservices?
Modern API Architecture - Tools, Methods, Tactics
API-based application development, and the tooling and techniques to support effectively working with APIs in the small or at scale. Using internal and external APIs
Commoditized Machine Learning
Barriers to entry for applied ML are lower than ever before, jumpstart your journey
Keeping life in balance is always a challenge. Learning lifehacks
Sponsored Solutions Track 3