The Web Platform
March 7–8, 2016: Training
March 8–10, 2016: Conference
San Francisco, CA

Security conference sessions

Tuesday, March 8

9:00am–10:30am Tuesday, 03/08/2016
Salon 1/2
Charles Engelke (Google, LLC), Laurie White (Google, LLC)
Average rating: *****
(5.00, 4 ratings)
The Internet's security depends on cryptography. People use "secure" websites to take advantage of current cryptography methods. But what if users can't (or don't want to) trust the web server with their secrets? Web-page authors can use the Web Cryptography API to give their users end-to-end secrecy and authentication through web servers, not just to them. Charles and Laurie will show you how. Read more.
11:00am–12:30pm Tuesday, 03/08/2016
Salon 8
Ryan Jarvinen (Red Hat)
Average rating: ***..
(3.77, 13 ratings)
Building Docker images is easy; that’s why there are over 45,000 public images on Docker Hub today (albeit only 100 of them "official" images). Creating reproducible, secure images from source that are easily maintained and updated takes a bit more planning and automation. Ryan Jarvinen illustrates what it takes to create a successful (and secure) build strategy. Read more.
11:00am–12:30pm Tuesday, 03/08/2016
Salon 1/2
Charles Engelke (Google, LLC), Laurie White (Google, LLC)
Average rating: ****.
(4.00, 3 ratings)
The Internet's security depends on cryptography. People use "secure" websites to take advantage of current cryptography methods. But what if users can't (or don't want to) trust the web server with their secrets? Web-page authors can use the Web Cryptography API to give their users end-to-end secrecy and authentication through web servers, not just to them. Charles and Laurie will show you how. Read more.

Thursday, March 10

9:10am–9:30am Thursday, 03/10/2016
Salon 8/9
Average rating: ***..
(3.85, 46 ratings)
The Web has grown to become a hugely important medium, but it has also become horrendously complex, which extends development schedules and promotes bug formation. Douglas Crockford introduces Seif, an open source project started at PayPal with the goal of transitioning the Web into an application delivery system that will be safer, easier to use, and easier to develop for. Read more.
1:30pm–2:00pm Thursday, 03/10/2016
Club Room
Guy Podjarny (Snyk), Danny Grander (Snyk)
Average rating: ****.
(4.75, 4 ratings)
Using npm modules means your apps run strangers’ code. About 14% of packages carry a known vulnerability that may expose you. A compromised (or malicious) contributor can put a back door in your app. If it happens, would you know? Guy Podjarny and Danny Grander discuss how to mitigate this risk without losing productivity, show how to find and fix vulnerabilities, and suggest what to monitor. Read more.
2:15pm–2:45pm Thursday, 03/10/2016
Salon 12/13/14/15
Average rating: **...
(2.67, 3 ratings)
Douglas Crockford offers a deep dive into Seif, an open source project started at PayPal with the goal of transitioning the Web into an application delivery system that will be safer, easier to use, and easier to develop for. Douglas discusses the Seif project and its deliverables, including the vision for the entire project, and holds a Q&A.​ Read more.
2:15pm–2:45pm Thursday, 03/10/2016
Salon 8
Jarrod Overson (Shape Security)
Average rating: ****.
(4.19, 16 ratings)
How much do you know about security vulnerabilities? Why do high-profile companies with million-dollar security budgets have problems with account takeovers? What happens to those millions of passwords that get leaked every month? Jarrod Overson reveals the strategies and tactics of the dark side of security and explores how you might start protecting yourself and your sites. Read more.