Security
Past Presentations
Security War Stories
Over the past decade, the pace and impact of major data breaches and other information security incidents has dramatically increased. As society becomes increasingly interconnected through, and reliant upon, information technology, important questions are being raised about the long-term...
How Much Does It Cost to Attack You?
How much does it cost to attack you and what are attackers getting out of it? Attacks, breaches, exploits, and malware are nearly a daily occurrence. Why aren’t billion-dollar products solving the problems we’ve had for decades? The problem is two-fold, attacks are getting...
Lessons Learned from Fighting Nation States in Cyber Space
Dmitri Alperovitch is Co-Founder & CTO of CrowdStrike, the company that had discovered and attributed the hack of the DNC last year. With his 2 decades of experience in the industry, Dmitri has been at the forefront of identifying and investigating nation-state intrusions from China, Iran,...
Security Delusions (Not a Sales Pitch!)
Security teams are frequently the gatekeepers of adopting new technology in the enterprise. In fact, information security represents perhaps the biggest tech laggard among technical functions today. “Because security” can understandably feel like an unsatisfying answer to why security...
BLESS: Better Security and Ops for SSH Access
How can using SSH certificates improve security and simplify operations for instance access at Netflix-scale? How can you smoothly transition existing infrastructure to use SSH Certificates? Netflix created and uses BLESS, an SSH Certificate Authority that runs as an AWS Lambda function and is...
Practical mTLS: Security Without the Headaches
Over the last few years, more and more system administrators and developers have become concerned about guaranteeing the authenticity, integrity, and confidentiality of their network communications. TLS has emerged as the solution recommended by security practitioners for all these problems....
Interviews
Defense in Depth: In Depth
What will this talk cover?
We'll essentially be looking at the different layers at which security can be compromised. So those layers are ranging from the codebase to architecture to the product. Basically, I'll be looking at where holes happen in between those layers.
Read Full InterviewData Security Dreams and Nightmares
What’s the focus of the work you do today?
We have done a lot of research over the years looking at information security, specifically around breaches. Whether it’s an honest mistake, a not so honest mistake, or pure negligence, breaches cause huge issues to a company and its victims. There’s a resulting correlation between good security and rewards.
Read Full Interview