Security 2016 Amsterdam was O’Reilly Media’s first ever security conference in Europe. It gathered more than 65 of the top IT security experts from Europe, Silicon Valley, and the rest of the world to offer practical guidance on fending off the malware, spear-phishers, and DDoS attacks plaguing websites and the IoT everywhere. Containing specialized content on Euro-centric concerns like GDPR compliance, this …
Security 2016 Amsterdam was O’Reilly Media’s first ever security conference in Europe. It gathered more than 65 of the top IT security experts from Europe, Silicon Valley, and the rest of the world to offer practical guidance on fending off the malware, spear-phishers, and DDoS attacks plaguing websites and the IoT everywhere. Containing specialized content on Euro-centric concerns like GDPR compliance, this video compilation offers a complete recording of every 40-minute session, 3.5-hour tutorial, and keynote delivered at the conference. You’ll hear from security pros at Google, Immuta, Farsight Security, Cloudera, Normation, PerimeterX, Fireglass, CoreOS, Snyk, Deloitte, Facebook, Lab Mouse, WhiteOps, and many more in this 50+ hour collection of cybersecurity wisdom and hard-knock experience.
O’Reilly Security Conference Keynotes
Lessons learned from running big bug bounty programs - Katie Moussouris (Luta Security)
The world will see (and just saw) an Internet zombie apocalypse - Phil Stanhope (Dyn)
Innovation versus invasion: Inserting privacy controls and due process into semi-autonomous algorithms - Matthew Carroll (Immuta Inc)
From possible to practical: The path for defense - Dan Kaminsky (White Ops)
Rearchitecting a defendable Internet - Thomas Dullien (Google)
My heart depends on your code - Marie Moe (SINTEF)
Conceptualizing attribution and why it matters - Benjamin Buchanan (Harvard University)
Security in context (security datasci)
Practical network forensics - Marcelle Lee (Fractal Security Group, LLC) and Lisa Foreman-Jiggetts (Women’s Society of Cyberjutsu) - Part 1
Practical network forensics - Marcelle Lee (Fractal Security Group, LLC) and Lisa Foreman-Jiggetts (Women’s Society of Cyberjutsu) - Part 2
Beyond matching: Applying data science techniques to IOC-based detection - Alex Pinto (Niddel)
Beyond Corp: Lessons learned from five years of endpoint attestation - Hunter King (Google) and August Huber (Google)
Moving beyond Threatbutt or: Threat Landscape 2039 - Trey Darley (Kingfisher Operations, sprl)
Architectural design for legal analytics - Steve Touw (Immuta)
Protecting your users with Google Safe Browsing - Noé Lutz (Google Inc.)
Security analytics using big data and Apache Hadoop: Beyond the hype - Eddie Garcia (Cloudera)
Expanding the blue team by building a security culture program - Masha Sedova (Salesforce)
Tech, tools, and processes
Hands on with InSpec - Mandi Walls (Chef)
The industrial age of website bots: How to detect and block automated attacks - Ido Safruti (PerimeterX) and Ariel Sirota (PerimeterX) - Part 1
The industrial age of website bots: How to detect and block automated attacks - Ido Safruti (PerimeterX) and Ariel Sirota (PerimeterX) - Part 2
Drilling into network data with Apache Drill - Charles Givre (Booz Allen Hamilton) - Part 1
Drilling into network data with Apache Drill - Charles Givre (Booz Allen Hamilton) - Part 2
PAL is your pal: Bootstrapping secrets in Docker - Nick Sullivan (CloudFlare)
Common vulnerabilities and exposures in containers: What to know - Quentin Machu (CoreOS)
Integrating security into DevOps - Ernest Kim (MITRE Corp.)
Continuous auditing for effective compliance with Rudder - Jonathan Clarke (Normation)
The bad things happen when you’re not looking - Ryan Huber (Slack Technologies, Inc) and Nate Brown (Slack Technologies, Inc)
From dev to production: Security best practices on managing Amazon Web Services (AWS) environments - Dan Amiga (Fireglass) and Dor Knafo (Fireglass)
Developing a secure and scalable frontend - James Baker (LinkedIn) and Mira Thambireddy (LinkedIn)
Macaroons: More cookie than cookie - Brian Sletten (Bosatsu Consulting)
Machine learning to improve random number generators - Richard Freytag (Freytag Company, LLC)
Large-scale implementation of wired 802.1X on an enterprise network - Pat Parseghian (Google)
Practical tips for web application security in the age of Agile and DevOps - Zane Lackey (Signal Sciences)
Bridging business and security
The case for HTTPS everywhere - Emily Schechter (Google)
Continuous security - Stein Inge Morisbak (Bekk Consulting AS) and Erlend Oftedal (Blank Oslo)
Scalable threat modeling with risk patterns - Stephen de Vries (ContinuumSecurity)
Speak security and enter: Making security make sense for nontechnical users - Jessy Irwin (Mercury Public Affairs)
Link complex regulation to practical security - Wayne Anderson (Avanade)
Leveraging isolation technologies for improved security and productivity - Dan Amiga (Fireglass) and Dor Knafo (Fireglass)
Talking to the bad guys - Nav Jagpal (Google)
US and EU data security and data privacy issues in M transactions - Shannon Yavorsky (Kirkland Ellis LLP)
The human element
Who owns open source security? - Guy Podjarny (Snyk)
Security through design: Making security better by designing for people - Jelle Niemantsverdriet (Deloitte)
Gamify security training with developer CTFs - Kyle Rankin (Final, Inc.)
Security by consent - Brendan O’Connor (Malice Afterthought, Inc.)
A technical dive into defensive trickery - Dan Kaminsky (White Ops)
Threading the needle of mobile security and user privacy - James Plouffe (MobileIron)
Building a cross-functional incident response team - Jennifer Martin (Covington Burling)
rkt’s architecture and security features - Frederic Branczyk (CoreOS)