Real World Security

Location: Soho Complex, 7th fl.

Day of week: Friday

The Real World Security Track brings together stories about various successful approaches to reducing the risk of running real systems in production. Come learn what has worked to protect others while being targeted by increasingly sophisticated adversaries. Come ask questions about how to make good security tradeoffs when writing software. And do all of this with some of the top security practitioners in the industry today!

Track Host:
Bryan Payne
Leads Product & Application Security @Netflix

Dr. Bryan D. Payne has dedicated his career to the complex field of computer security. He currently leads the Product and Application Security team at Netflix where they provide the security expertise and create systems that protect Netflix’s large cloud footprint. Over the years he has worked on both offensive and defensive security projects for government, academia, and industry. As a result, Dr. Payne brings a unique perspective to modern security issues.

10:35am - 11:25am

by Anastasiia Voitova
Security Focused Product Engineer @CossackLabs & Co-Organizer CocoaHeads Ukraine

This is a story of going through typical security challenges: how to build products that reliably deliver security guarantees, avoid typical pitfalls, and are usable in a predictable fashion by real users. It's a tale of balancing religious adherence to security practices with keeping customer's needs in mind at all time inside the development team; listening to the customers and observing actual behavior outside in the wild; and trying to make the best decisions to empower customers with...

11:50am - 12:40pm

by Alex Holden
Founder and Chief Information Security Officer @HoldSecurity

We don’t often hear about successes of data security programs, yet failures in securing data are trumpeted by the media leading to commercial disbarment of anyone associated with a data breach. What lessons did I learn by observing and assisting with data breaches? It is not only how to avoid them, but also what can be done to emerge successfully from a bad situation. This is a thrilling ride with a behind-the-scenes look into many major data breach dynamics. Let’s learn from their mistakes...

1:40pm - 2:30pm

by Angelo Prado
Senior Director, Application Security Engineering @Jet

Presentation details to follow soon.

2:55pm - 3:45pm

by Chelsea Komlo
Software Engineer @HashiCorp

Presentation details to follow soon.

4:10pm - 5:00pm

by Teddy Reed
Security Engineering Manager @Facebook NYC

In this talk we'll discuss how we build secure products at Facebook. Our strategy includes building safe by default frameworks, using code analysis in creative and powerful ways, building meaningful relationships with whitehat researchers, and deeply understanding risks to specialized products and features. We’ll show examples of past bugs, and introduce the challenges we face going forward. Come find out our approach to securing 2+ billion people!