Conference: Nov 13-15, 2017
Workshops: Nov 16-17, 2017
Presentation: Modern Web Security, Lazy but Mindful Like a Fox
Duration
Persona:
- Developer
- Security Professional
Abstract
The war between web application attackers and defenders have never ended. In reality, it is getting more and more severe. Looking at the tremendous ways of defending web applications, why attackers are still winning?
"Not knowing your enemy, a victory will always follow with another loss."
Real world attackers and bug bounty hunters are extremely capable nowadays. I'll go through some of the most interesting ones. You will probably be surprised with the determination and innovations that the attackers have to make the attacks work.
"To win without jeopardy, be familiar with yourself and your enemy."
I will explore some common ways of defending. Some are ugly and bad fixes. Why some of those are not usable at large. Why some solutions are overkilling. And what the misconceptions are. Looking through the attacker's lens, I will present a few viable, usable and effective defensive techniques that developers have often overlooked.
.
Tracks
Monday Nov 7
-
Architectures You've Always Wondered About
You know the names. Now learn lessons from their architectures
-
Distributed Systems War Stories
“A distributed system is one in which the failure of a computer you didn't even know existed can render your own computer unusable.” - Lamport.
-
Containers Everywhere
State of the art in Container deployment, management, scheduling
-
Art of Relevancy and Recommendations
Lessons on the adoption of practical, real-world machine learning practices. AI & Deep learning explored.
-
Next Generation Web Standards, Frameworks, and Techniques
JavaScript, HTML5, WASM, and more... innovations targetting the browser
-
Optimize You
Keeping life in balance is a challenge. Learn lifehacks, tips, & techniques for success.
Tuesday Nov 8
-
Next Generation Microservices
What will microservices look like in 3 years? What if we could start over?
-
Java: Are You Ready for This?
Real world lessons & prepping for JDK9. Reactive code in Java today, Performance/Optimization, Where Unsafe is heading, & JVM compile interface.
-
Big Data Meets the Cloud
Overviews and lessons learned from companies that have implemented their Big Data use-cases in the Cloud
-
Evolving DevOps
Lessons/stories on optimizing the deployment pipeline
-
Software Engineering Softskills
Great engineers do more than code. Learn their secrets and level up.
-
Modern CS in the Real World
Applied, practical, & real-world dive into industry adoption of modern CS ideas
Wednesday Nov 9
-
Architecting for Failure
Your system will fail. Take control before it takes you with it.
-
Stream Processing
Stream Processing, Near-Real Time Processing
-
Bare Metal Performance
Native languages, kernel bypass, tooling - make the most of your hardware
-
Culture as a Differentiator
The why and how for building successful engineering cultures
-
//TODO: Security <-- fix this
Building security from the start. Stories, lessons, and innovations advancing the field of software security.
-
UX Reimagined
Bots, virtual reality, voice, and new thought processes around design. The track explores the current art of the possible in UX and lessons from early adoption.