Keynote: Lessons Learned from Fighting Nation States in Cyber Space
Location:
- Broadway Ballroom, 6th fl.
Day of the Week:
- Tuesday
What You’ll Learn
- Learn about some of the war stories CrowdStrike has seen stopping breaches from nation-state actors and criminal groups worldwide.
- Understand how the threats are evolving and what actual steps you can take to make your systems more resilient.
- Hear some of the approaches used by cybersecurity companies to secure and protect resources.
Abstract
Dmitri Alperovitch is Co-Founder & CTO of CrowdStrike, the company that discovered and attributed the hack of the DNC last year. With his two decades of experience in the industry, Dmitri has been at the forefront of identifying and investigating nation-state intrusions from China, Iran, North Korea, Russia and other countries. This talk will cover important lessons learned from these incidents, including Dmitri’s thoughts on the path ahead towards a safe and secure Internet for future generations.
Interview
Dmitri: CrowdStrike is a cyber security company focused on stopping breaches. We protect organizations around the world from intrusions such as nation-state actors, criminal groups, activists, and threat actors. We're stopping about 300 breaches every single week across that huge customer base.
My job is to drive our technology innovation to make sure that we are always staying one step ahead of the bad guys, and to run the team that's responding to and investigating these intrusions on a daily basis.
Dmitri: Our technology consists of an endpoint agent that we can install on servers, desktops, laptops, and cloud resources within the organization. Those agents’ job is to collect kernel/OS level information from the system and stream it to our cloud where we're applying big data analytics/machine learning on these mass amounts of data. We process over 45 billion events per day. Literally, we do what Twitter does in a year (in terms of tweets) in four days. These events contain all the execution metadata about what processes are executing and what network connections are being made.
Dmitri: As I mentioned, we detect and stop about 300 intrusions across our customer base every single week.
We find some fascinating activities from a variety of nation states, such as Russia, China, Iran, and North Korea all the time (as well as criminal groups). What I want to do in this keynote is to give some of the fascinating examples of the investigations we have conducted and the lessons learned from those investigations.
Dmitri: Yeah, absolutely. So we had a fascinating incident a few years ago where we were dealing with a Chinese nation-state affiliated actor that was breaking into a large Internet Service Provider.
One of the things that differentiated this incident from one of our usual ones is that they were like a dog with a bone. They just would not let it go. We would stop it, and in the next five minutes (or the next hour) they would be back. This continued for three months and included even a discovery of a Zero-Day Windows Vulnerability that we had to report to Microsoft. So it's a fascinating story about what we had to do and the process that we went through fighting these guys on a daily basis for three months.