Security
Past Presentations
Developers as a Malware Distribution Vehicle
A malicious XCode injected malware into thousands of apps, stealing data of millions of users. Tokens committed to a GitHub repo exposed millions of Uber drivers and passengers. A phished developer gave the Syrian Electronic Army access to the Financial Times’ site. What do all...
Data Security Dreams and Nightmares
We don’t often hear about successes of data security programs, yet failures in securing data are trumpeted by the media leading to commercial disbarment of anyone associated with a data breach. What lessons did I learn by observing and assisting with data breaches? It is not only how to avoid...
How Blockchain Has Created a New Paradigm in Security
Cryptocurrencies and blockchain technology have put full control of digital money in the hands of individuals. With that power comes the responsibility of securing data so that only a single user can access it. Cryptocurrency companies have stepped up and created the building blocks for this...
Privacy Tools and Techniques for Developers
Most of us care about the protection of end users’ personal information, but isn’t this a problem for security and legal teams? How could developers help with privacy? This talk is a developer’s survey of privacy engineering, from foundational principles like privacy by design...
How Much Does It Cost to Attack You?
How much does it cost to attack you and what are attackers getting out of it? Attacks, breaches, exploits, and malware are nearly a daily occurrence. Why aren’t billion-dollar products solving the problems we’ve had for decades? The problem is two-fold, attacks are getting...
Security War Stories
Over the past decade, the pace and impact of major data breaches and other information security incidents has dramatically increased. As society becomes increasingly interconnected through, and reliant upon, information technology, important questions are being raised about the long-term...
Interviews
Defense in Depth: In Depth
What will this talk cover?
We'll essentially be looking at the different layers at which security can be compromised. So those layers are ranging from the codebase to architecture to the product. Basically, I'll be looking at where holes happen in between those layers.
Read Full InterviewData Security Dreams and Nightmares
What’s the focus of the work you do today?
We have done a lot of research over the years looking at information security, specifically around breaches. Whether it’s an honest mistake, a not so honest mistake, or pure negligence, breaches cause huge issues to a company and its victims. There’s a resulting correlation between good security and rewards.
Read Full Interview