A founding member of the Google security team; one of the seven key shareholders able to restore the Internet’s Domain Name System; a former instructor at an information warfare school; the co-inventor of the Yubikey; a principal investigator in the Zotob criminal investigation. These are the bona fide security backgrounds of just four of the 82 world-class experts O'Reilly Media gathered together for "Security 2016 …
A founding member of the Google security team; one of the seven key shareholders able to restore the Internet’s Domain Name System; a former instructor at an information warfare school; the co-inventor of the Yubikey; a principal investigator in the Zotob criminal investigation. These are the bona fide security backgrounds of just four of the 82 world-class experts O'Reilly Media gathered together for "Security 2016 New York," O'Reilly's first-ever conference on the threats facing today's Internet. This video compilation provides you with a front row seat for each of the 51 sessions, 8 half-day tutorials, and 6 keynotes delivered at the conference. Looking for new ways to fend off a targeted attack, eject persistent intruders from your environment, or recover quickly and effectively from a breach? Need to integrate new technology into your environment securely and successfully? Need to figure out how to keep your access controls (to data, network, or cloud) effective at scale—without losing your mind? Get this video compilation (more than 60 hours of material) and you’ll get answers to those questions and more.
The O’Reilly Security Conference Keynotes
Once Upon a Future - Heather Adkins (Google)
A Vision for Future Cybersecurity - Rebecca Bace (CFITS, University of South Alabama)
Playing Through the Pain - The Impact of Secrets and Dark Knowledge on Security and Intelligence Professionals - Richard Thieme (ThiemeWorks)
Security and Feudalism: Own or be pwned - Cory Doctorow (EFF)
Meet the World’s First Autonomous Computer Security Systems - Michael Walker (DARPA)
Security in context (security datasci)
Modern identity and access management for the Web - Jim Manico (Manicode Security) - Part 1
Modern identity and access management for the Web - Jim Manico (Manicode Security) - Part 2
Modern identity and access management for the Web - Jim Manico (Manicode Security) - Part 3
Security data science beyond operations - Jay Jacobs (BitSight Technologies)
Detecting anomalies efficiently at scale: A cybersecurity streaming data pipeline using Kafka and Akka clustering - Jeff Henrikson (Groovescale)
Security analytics: Machine learning applied in the SOC - Macy Cronkrite (Splunk)
The future of strong online identities: Simple, open, and mobile - Stina Ehrensvard (Yubico, Inc.)
Classifiers under attack - David Evans (University of Virginia)
Hello to the dark side: Understanding your adversaries without all those expensive threat intel tools - S. Grec (NovaInfosec Consulting)
Tools processes
The industrial age of website bots: How to detect and block automated attacks - Ido Safruti (PerimeterX) and Chris Federico (PerimeterX) - Part 1
The industrial age of website bots: How to detect and block automated attacks - Ido Safruti (PerimeterX) and Chris Federico (PerimeterX) - Part 2
Microservices and security - Sam Newman (Atomist) - Part 1
Microservices and security - Sam Newman (Atomist) - Part 2
Microservices and security - Sam Newman (Atomist) - Part 3
Writing secure Node code - Guy Podjarny (Snyk) and Danny Grander (Snyk) - Part 1
Writing secure Node code - Guy Podjarny (Snyk) and Danny Grander (Snyk) - Part 2
Writing secure Node code - Guy Podjarny (Snyk) and Danny Grander (Snyk) - Part 3
Applying Docker security - Ben Hall (Katacoda | Ocelot Uproar) - Part 1
Applying Docker security - Ben Hall (Katacoda | Ocelot Uproar) - Part 2
Drilling into network data with Apache Drill - Charles Givre (Booz Allen Hamilton) - Part 1
Drilling into network data with Apache Drill - Charles Givre (Booz Allen Hamilton) - Part 2
Using Python to automate forensics - Philip Polstra (Bloomsburg University of Pennsylvania) - Part 1
Using Python to automate forensics - Philip Polstra (Bloomsburg University of Pennsylvania) - Part 2
Using Python to automate forensics - Philip Polstra (Bloomsburg University of Pennsylvania) - Part 3
Incident Command: The far side of the edge - Maarten Van Horenbeeck (Fastly), Lisa Phillips (Fastly), and Tom Daly (Fastly)
Benefits of isolation provided by containers - Jessica Frazelle (Google)
Operationalizing risk - Bruce Potter (KEYW Corporation)
Migrating to HTTPS - Eric Lawrence (Google)
Infrastructure is code: A DevOps approach to PCI compliance - John Bullard (Distil Networks) and Benji Taylor (Distil Networks)
You don’t need to be a unicorn to have great security: Appsec programs for the rest of us - Aaron Weaver (Cengage) and Matt Tesauro (Pearson plc)
Securing application deployments in a multitenant CI/CD environment - Binu Ramakrishnan (Yahoo)
Bridging business security
User experience and security: Enemies or allies? - Peter Hesse (10Pearls)
A social scientist’s perspective on how the intersection of humans and technology will shape the future workforce - Andrea Limbago (Endgame)
Protecting your organization against ransomware (while ensuring no one sends you a Christmas card) - Allan Liska (Recorded Future) and Timothy Gallo (Symantec)
Criminal cost modeling - Chris Baker (Dyn)
Automating security in the cloud: Modernizing technology governance - Timothy Sandage (Amazon Web Services)
Hacker quantified security - Alex Rice (HackerOne)
Sponsored
Moving cybersecurity forward: Introducing Apache Spot - Rocky DeStefano (Cloudera)
Intrusion ≠ breach: Reducing risk via faster detection and response - Chris Martin (LogRhythm)
Why current security practices are ineffective against today’s hackers - Paul Poh (SecurityScorecard)
The third wave of application security - Jacob Hansen (Cobalt) and Caroline Wong (Cobalt)
The human element
Security FORCE: A model for highly reliable security behaviors and cultures - Lance Hayden (ePatientFinder)
Educating the steel pipeline - Jamesha Fisher (GitHub), Christina Morillo (wocintechChat.com), Quiessence Phillips (Barclays | JOURNi), Heather Adkins (Google), and Krystall Parrington (DePaul University)
The groupthink vulnerability: Impacts and countermeasures - Laura Mather (Unitive)
The future UX of security software - Audrey Crane (DesignMap)
Building a product security incident response team: Lessons learned from the hivemind - Kymberlee Price (Bugcrowd)
Privacy and threat in practice: Lessons from at-risk user populations - Sara “Scout” Brody (Simply Secure)
Saving time: How a few committed people helped hold up the Internet. . .again - Susan Sons (Center for Applied Cybersecurity Research, Indiana University)
The economics of cybersecurity - Fernando Montenegro (vArmour)
A technical dive into defensive trickery - Dan Kaminsky (White Ops)