Past Presentations

Practical mTLS: Security Without the Headaches

Over the last few years, more and more system administrators and developers have become concerned about guaranteeing the authenticity, integrity, and confidentiality of their network communications. TLS has emerged as the solution recommended by security practitioners for all these problems....

Ying Li Security Engineer @Docker
Addressing Security Regression By Unit Testing

Regression in codebases is a significant problem that proportionally significant amounts of effort have already been spent addressing. Regression is a similarly large problem in the realm of security, yet de-facto standards and approaches for addressing the issue remain absent. Even when security...

Christopher Grayson Founder and Principal Engineer @WebSightIO
Doorman - An Osquery Fleet Manager

Osquery allows you to easily ask questions about your Linux, Windows, and macOS infrastructure using standard SQL-based statements. But how? Organizations deploying osquery will need to engineer various solutions to accomplish this seemingly simple task. Enter Doorman. This simple...

Marcin Wielgoszewski Security Engineer
Trusting Mobile Clients with Remote Attestation

Everyone knows that in client-server systems, you can't trust the client. However, remote attestation gives us a way to change this. As Square provides financial services on unmanaged mobile devices, building more visibility into the client's runtime environment helps us fight fraud and offer...

Janek Klawe Security Engineer @Square
Defense in Depth: In Depth

Hindsight is often 20/20 for security vulnerabilities, and it is too easy to point fingers and cast blame when a security incident occurs. However, working to prevent a security compromise can feel like an unparalleled challenge, where no amount of planning can cover or foresee every point of...

Chelsea Komlo Software Engineer @HashiCorp
Engineering Secure Products at Facebook

In this talk we'll discuss how we build secure products at Facebook. Our strategy includes building safe by default frameworks, using code analysis in creative and powerful ways, building meaningful relationships with whitehat researchers, and deeply understanding risks to specialized products...

Teddy Reed Security Engineering Manager @Facebook NYC


Chelsea Komlo Software Engineer @HashiCorp

Defense in Depth: In Depth

What will this talk cover?

We'll essentially be looking at the different layers at which security can be compromised. So those layers are ranging from the codebase to architecture to the product. Basically, I'll be looking at where holes happen in between those layers.

Read Full Interview
Alex Holden Founder and Chief Information Security Officer @HoldSecurity

Data Security Dreams and Nightmares

What’s the focus of the work you do today?

We have done a lot of research over the years looking at information security, specifically around breaches. Whether it’s an honest mistake, a not so honest mistake, or pure negligence, breaches cause huge issues to a company and its victims. There’s a resulting correlation between good security and rewards.

Read Full Interview

Less than


weeks until QCon New York 2020

Registration is $3055.00 ($0 off) for the 3-day conference if you register before Dec 31st

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.