Security
Past Presentations
Making Security Usable: Product Engineer Perspective
This is a story of going through typical security challenges: how to build products that reliably deliver security guarantees, avoid typical pitfalls, and are usable in a predictable fashion by real users. It's a tale of balancing religious adherence to security practices with keeping customer's...
7 Strategies for Scaling Product Security
Product Security and Application Security Engineering teams are tasked with fixing and preventing security vulnerabilities, developing security controls, building meaningful security automation, maintaining security review processes, building security capabilities into existing products and...
Developers as a Malware Distribution Vehicle
A malicious XCode injected malware into thousands of apps, stealing data of millions of users. Tokens committed to a GitHub repo exposed millions of Uber drivers and passengers. A phished developer gave the Syrian Electronic Army access to the Financial Times’ site. What do all...
Data Security Dreams and Nightmares
We don’t often hear about successes of data security programs, yet failures in securing data are trumpeted by the media leading to commercial disbarment of anyone associated with a data breach. What lessons did I learn by observing and assisting with data breaches? It is not only how to avoid...
How Blockchain Has Created a New Paradigm in Security
Cryptocurrencies and blockchain technology have put full control of digital money in the hands of individuals. With that power comes the responsibility of securing data so that only a single user can access it. Cryptocurrency companies have stepped up and created the building blocks for this...
Security Open Space
Presentation details to follow.
Interviews
Defense in Depth: In Depth
What will this talk cover?
We'll essentially be looking at the different layers at which security can be compromised. So those layers are ranging from the codebase to architecture to the product. Basically, I'll be looking at where holes happen in between those layers.
Read Full InterviewData Security Dreams and Nightmares
What’s the focus of the work you do today?
We have done a lot of research over the years looking at information security, specifically around breaches. Whether it’s an honest mistake, a not so honest mistake, or pure negligence, breaches cause huge issues to a company and its victims. There’s a resulting correlation between good security and rewards.
Read Full Interview