Conference: Jun 13-15, 2016
Tutorials: Jun 16-17, 2016
Track: Fraud Detection and Hack Prevention
Location:
- Robinson / Whitman
Day of week:
- Thursday
It's not a question of if your site will be attacked, but when. Are you ready?
Herein lie stories from the very people who fight the forces of evil -- the people who protect the Internet from spammers, hackers, abusers, and fraudsters. Come learn about real world fire fights and the secrets of the bad guys. Learn how to prevent an attack, how to defend your site from attack, and how to recover after an attack.
by Armon Dadgar
Creator of Consul and Co-founder of Hashicorp
Secrets management is a complex problem that all organizations ranging from startups to large enterprises face. Securely distributing of secrets is only a small part of the challenge, as operators and security teams must reason about key rolling, auditing, and incident management during a compromise.
Vault is a new tool designed to tackle these problems by centralizing secrets, access control and auditing policies.
In this talk we discuss the problems faced in secrets...
by Paul Moreno
Security Team Lead at Pinterest
This session will educate you on how to federate AWS IAM permissions, roles, and users with a directory service such as LDAP or Active Directory with an Identity Provider. Using the open-source IdP software Shibboleth, we'll describe how this uses the AWS Security Token Service to reduce the need for long lived credentials for both the Web Console and CLI. The CLI federation uses an open-source project, written in Python; code named Aeris, that runs on linux environments.
by Alex Holden
Founder and Chief Information Security Officer at Hold Security, LLC
Hackers are on the offense and they take time to understand our defenses. We, on the defense, do not always have time to understand the offenders. Taking a snapshot of the current threat landscape, we will derive practical lessons by analyzing a number of high profile breaches. We will examine hackers’ techniques, skills, and shortfalls. At the end, we should know more about our enemies to build better defenses against them.
by Rich Smith
Director of Security at Etsy
Understanding people, and not just technology, is critical in building a successful Security team. Much has been spoken about Etsy's engineering culture, and how continuous deployment and 'devops' have been embraced and developed, but how does security operate in such an environment? This presentation will discuss the progressive approaches taken by the Etsy security team to provide security while not destroying the freedoms of the Etsy engineering culture that are loved so much.
...
by Olaf Carlson-Wee
Head of Risk at Coinbase
Bitcoin is psuedonymous, instant, and digital. While these characteristics are core aspects of what make bitcoin valuable, it also renders bitcoin companies and their customers ideal targets for the hackers and scammers of the world. A variety of creative tactics have emerged in attempts to steal from bitcoin companies and their customers. Many bitcoin companies have failed due to some combination of security vulnerabilities, exploitation, and fraud.
From stolen bank credentials and...
Tracks
Wednesday Jun 10
-
Applied Data Science and Machine Learning
Putting your data to use. The latest production methods for deriving novel insights
-
Engineer Your Culture
Building and scaling a compelling engineering culture
-
Modern Advances in Java Technology
Tips, techniques and technologies at the cutting edge of modern Java
-
Monoliths to Microservices
How to evolve beyond a monolithic system -- successful migration and implementation stories
-
The Art of Software Design
Software Arch as a craft, scenario based examples and general guidance
-
Sponsored Solutions Track I
Thursday Jun 11
-
Emerging Technologies in Front-end Development
The state of the art in client-side web development
-
Fraud Detection and Hack Prevention
Businesses are built around trust in systems and data. Securing systems and fighting fraud throughout the data in them.
-
Reactive Architecture Tactics
The how of the Reactive movement: Release It! techniques, Rx, Failure Concepts, Throughput, Availability
-
Architecting for Failure
War stories and lessons learned from building highly robust and resilient systems
-
High Performance Streaming Data
Scalable architectures and high-performance frameworks for immediate data over persistent connections
-
Sponsored Solutions Track II
Friday Jun 12
-
Architectures You've Always Wondered about
Learn from the architectures powering some of the most popular applications and sites
-
Continuously Deploying Containers in Production
Production ready patterns for growing containerization in your environment
-
Mobile and IoT at Scale
Users, Usage and Microservices
-
Modern Computer Science in the Real World
How modern CS tackles problems in the real world
-
Optimizing Yourself
Maximizing your impact as an engineer, as a leader, and as a person
-
Sponsored Solutions Track III