Warning message

  • The service having id "twitter" is missing, reactivate its module or save again the list of services.
  • The service having id "facebook" is missing, reactivate its module or save again the list of services.
  • The service having id "google_plus" is missing, reactivate its module or save again the list of services.
  • The service having id "linkedin" is missing, reactivate its module or save again the list of services.

Track: The Dark Side of Security


Day of week:

There has always been a battle between The Makers and The Breakers. Increasingly, this battle is being played out on the cyber landscape. However, irrespective of where this battle takes place, one thing holds true: The Breakers have the decided advantage. As builders of software, we are The Makers. And if we hope to improve our odds we'll need the equalizing elixir: knowledge of our adversaries. How do they think, what do they do before AND after the compromise, where do they hangout, and...who are "THEY"? All this and more will be covered in this track.

Track Host:
Nwokedi Idika
Senior Research Scientist @Shape Security
Dr. Nwokedi Idika has nearly a decade of security research experience. After graduating summa cum laude from the University of Maryland Baltimore County with a B.S. in Computer Science in 2005, he joined Purdue University’s Center for Education and Research in Information Assurance and Security (CERIAS). While there, he began with a focus in malware detection and eventually migrated to a focus in security metrics, which ultimately became the focus of his dissertation. He joined what is now MIT Lincoln Laboratory’s Cyber Security Division in 2011 where he invented algorithms to model, assess, and predict security-relevant phenomena. In addition to algorithm design and development, he also led multiple teams in building prototypes to address cyber security problems of national interest. In April 2014, Dr. Idika joined Shape Security as a Senior Research Scientist.
10:35am - 11:25am

by Olaf Carlson-Wee
Head of Risk @Coinbase

Bitcoin is psuedonymous, instant, and digital. While these characteristics are core aspects of what make bitcoin valuable, it also renders bitcoin companies and their customers ideal targets for the hackers and scammers of the world. A variety of creative tactics have emerged in attempts to steal from bitcoin companies and their customers. Many bitcoin companies have failed due to some combination of security vulnerabilities, exploitation, and fraud. From stolen bank credentials and credit...

11:50am - 12:40pm

by Bryan Payne
LibVMI Creator, OpenStack Security Co-Founder, & Platform Security Team Lead @Netflix

When securing a system, what are the modern realistic threat scenarios that you should be protecting against? And how does use of an IaaS cloud provider shape these threats? This talk will take a deep dive into the murky world of offensive computing. You’ll gain a clear understanding of different types of attackers, their skill sets, and how compromises happen, with a specific focus on protecting cloud-based applications. Along the way you’ll laugh, you’ll cry, and you’ll shift uncomfortably...

1:40pm - 2:30pm

Open Space
2:55pm - 3:45pm

by Michael Coates
Trust & Information Security Officer @Twitter

The global cost of cybercrime is estimated at over US $100 billion per year, a financial impact that is comparable to major drug trafficking throughout the world. Accordingly the underground marketplace for vulnerabilities and compromised data is developed with powerful players backed by organized crime. These criminals seek accesses to financial systems, user data and anything that can be easily sold and converted to cash An important step in building secure software is to first learn from...

4:10pm - 5:00pm

by Tony Trummer
Creator of QARK and Mobile Security Lead @ Linkedin

You finished your last line of code ahead of schedule, confirmed the app builds properly, passed all your quality tests and now it’s time for that celebratory pizza and beer! A week after launch, you get a call at 3 AM…it’s your boss. Some teenager is tweeting about how your company sucks at security and spelling out all the gory details of where you failed at securing your Android app. How did this happen? Where did you go wrong? Must be some wunderkind hacker, using some serious ninja, 0...

5:25pm - 6:15pm

by Christina Camilleri
Penetration Tester & Social Engineer @BishopFox

The weakest link in a security chain is often between keyboard and chair. We have a natural instinct as humans to trust someone’s word and although various technical means have been developed to cope with security threats, human factors have been comparatively neglected. As the infosec industry matures, security attacks are relying more on targeting people personally, often through social engineering. People can’t be fixed the same way a bug in your software can -- they can’t be maintained...


Covering innovative topics

Monday Nov 16

Tuesday Nov 17

Wednesday Nov 18