Past Presentations

The Security Challenges & Issues From SGX Practice

Intel® Software Guard Extensions (Intel® SGX) provides a trusted execution environment with hardware root of trust, brings powerful capability to build secure applications to solve data security problems. However applying SGX technology correctly and writing secure code are still a...

Xiaoning Li Chief Security Architect @Alibaba Cloud
From Threat Hunting to Crowd Defense

In this talk, I will first review practices and weapons to fight against cyber attackers, from repeat offenders to advanced targeted attackers where threat intelligence and artificial intelligence are well expected to change the game rule. However, at the real world, there are many victims...

Richard Zhao Chief Technology Officer, SVP Research @NSFOCUS
Connecting, Managing, Observing, and Securing Services

So our high-level agenda: What is the problem? What's the shape of the solution? What are some service meshes that are around that you could use today and then we'll talk a little bit about maybe when one might be more appropriate than another. And then we'll do the deep dive into Istio itself...

Zack Butcher Core Contributor @IstioMesh & Founding Engineer @tetrateio. Previously Software Engineer @Google
Security & Psychology: Demotivating Persistent Threats

Preventing advanced cybercriminals from accessing and exploiting your most sensitive data requires more than just a strong threat detection infrastructure — it demands a personal understanding of the attackers themselves. Once an attack group’s motivations are identified you can start...

Jarrod Overson Engineering Director @ShapeSecurity & JavaScript Expert
Using Data to Measure Risk in Cyber Systems

Risk analysis in cyber systems remains an immature field with significant potential. Despite widespread belief that cyber can't be quantified, the tools and data already exist to significantly improve risk management. In this talk, we'll review the literature on risk quantification and discuss...

Marshall Kuypers Director of Cyber Risk @QadiumInc
Taking the Canary Out of the Coal Mine

In this talk, we'll discuss how canaries can take all shapes and sizes: Web servers, network devices, cloud instances, and numerous token variants. We'll dig into what actually is a canary, modern canary tools and services, how deploying canaries will provide an early warning against even the...

Mike Ruth Staff Security Engineer @Cruise Automation


Isaac Potoczny-Jones Founder @Tozny & Authentication and Privacy Specialist

Abstractions to Help Developers Write Good Crypto

Tell us about what you are doing.

Tozny is a cryptography company that builds software tools for computer programmers. Just as cryptography is difficult for end users, cryptography software tools for developers are quite challenging too. Our focus is to make those tools easier to use for developers.

Read Full Interview
Isaac Potoczny-Jones Founder @Tozny & Authentication and Privacy Specialist

How to Use Encryption for Defense in Depth in Native and Browser Apps

What is the work you're doing today?

I work at the company I founded, Tozny. We are an encryption and cybersecurity company primarily focused on application layer and end-to-end encryption. The idea is how do we use these types of tools to build more security and privacy directly in the applications.

Read Full Interview
Natalie Silvanovich Security Researcher @Google

Small Is Beautiful: How to Improve Security by Maintaining Less Code

Please introduce yourself.

I'm Natalie Silvanovich and I'm on a team called Project Zero at Google. Our team's mission is to make zero day vulnerabilities less accessible to attackers. The biggest thing I do is find vulnerabilities so that they can be fixed so that they're not available to attackers. And I've done this in all sorts of...

Read Full Interview

Less than


weeks until QCon San Francisco 2020

Registration is $2200.00 ($665 off) for the 3-day conference if you register before Aug 29th