QCon New York 2020 has been canceled.

Security

Past Presentations

Addressing Security Regression By Unit Testing

Regression in codebases is a significant problem that proportionally significant amounts of effort have already been spent addressing. Regression is a similarly large problem in the realm of security, yet de-facto standards and approaches for addressing the issue remain absent. Even when security...

Christopher Grayson Founder and Principal Engineer @WebSightIO

Doorman - An Osquery Fleet Manager

Osquery allows you to easily ask questions about your Linux, Windows, and macOS infrastructure using standard SQL-based statements. But how? Organizations deploying osquery will need to engineer various solutions to accomplish this seemingly simple task. Enter Doorman. This simple...

Marcin Wielgoszewski Security Engineer

Trusting Mobile Clients with Remote Attestation

Everyone knows that in client-server systems, you can't trust the client. However, remote attestation gives us a way to change this. As Square provides financial services on unmanaged mobile devices, building more visibility into the client's runtime environment helps us fight fraud and offer...

Janek Klawe Security Engineer @Square

Defense in Depth: In Depth

Hindsight is often 20/20 for security vulnerabilities, and it is too easy to point fingers and cast blame when a security incident occurs. However, working to prevent a security compromise can feel like an unparalleled challenge, where no amount of planning can cover or foresee every point of...

Chelsea Komlo Software Engineer @HashiCorp

Engineering Secure Products at Facebook

In this talk we'll discuss how we build secure products at Facebook. Our strategy includes building safe by default frameworks, using code analysis in creative and powerful ways, building meaningful relationships with whitehat researchers, and deeply understanding risks to specialized products...

Teddy Reed Security Engineering Manager @Facebook NYC

Making Security Usable: Product Engineer Perspective

This is a story of going through typical security challenges: how to build products that reliably deliver security guarantees, avoid typical pitfalls, and are usable in a predictable fashion by real users. It's a tale of balancing religious adherence to security practices with keeping customer's...

Anastasiia Voitova Security Focused Product Engineer @CossackLabs & Co-Organizer CocoaHeads Ukraine

Interviews

Chelsea Komlo Software Engineer @HashiCorp

Defense in Depth: In Depth

What will this talk cover?

We'll essentially be looking at the different layers at which security can be compromised. So those layers are ranging from the codebase to architecture to the product. Basically, I'll be looking at where holes happen in between those layers.

Alex Holden Founder and Chief Information Security Officer @HoldSecurity

Data Security Dreams and Nightmares

What’s the focus of the work you do today?

We have done a lot of research over the years looking at information security, specifically around breaches. Whether it’s an honest mistake, a not so honest mistake, or pure negligence, breaches cause huge issues to a company and its victims. There’s a resulting correlation between good security and rewards.
