Training: 8–9 November 2016
Tutorials & Conference: 9–11 November 2016
Amsterdam, NL

Protecting your users with Google Safe Browsing

Noé Lutz (Google Inc.)
11:20–12:00 Friday, 11 November, 2016
Security in context (security datasci)
Location: G102 Level: Beginner
Average rating: ****.
(4.80, 5 ratings)

What you'll learn

  • Understand the various threats facing users online and how your site and app may be abused by attackers to harm users
  • Gain exposure to Google's Safe Browsing APIs, which are made freely available to developers and site owners, so you can start leveraging those technologies to protect your platforms and users

Description

Web and application developers face significant challenges defending their platforms and users from attackers who try to co-opt these platforms to launch and distribute attacks on users—for example, a platform hosting user-generated content that gets abused to host phishing attacks or hacked to distribute malware. Protecting your web platform and your users from malware, phishing, social engineering, or similar threats is becoming exceedingly difficult. Attackers are constantly evolving and evading existing detection techniques. Keeping up in this arms race and building out appropriate defenses is tremendously resource intensive for developers.

Applications that host user-generated content or accept user comments are particularly vulnerable to attacks that host and distribute content that is harmful to users. In addition, the more reputable and popular a site is, the more attractive of a target it becomes to attackers because these sites provide a large user base of potential victims and raise less suspicion for harmful activity.

The more successful your app or website, the more damage such an attack will cause to your brand and reputation. Once hacked, your site may get flagged by security vendors as being unsafe, damaging your reputation. Users may subsequently desert your platform if they perceive it as being insecure.

Noé Lutz showcases example attacks on web platforms that target end users, touching on the lessons that the Google Safe Browsing team has learned over the past 10 years of protecting more than two billion Internet devices from various types of web threats. Noé focuses on tools app and website developers can use to protect their users and specifically explores how developers can apply Google’s free Safe Browsing APIs to protect their websites and users from harm to make the Internet a safer place.

Photo of Noé Lutz

Noé Lutz

Google Inc.

Noé Lutz is a senior staff software engineering and tech lead on the Safe Browsing team at Google. Noé leads the antiphishing and social engineering efforts within Safe Browsing and is responsible for protecting Google and its users from deceptive web content that might put users’ digital identity or devices at risk. He also leads the Safe Browsing API and clients effort within Safe Browsing, whose mission is to bring Safe Browsing protection to over two billion devices. Noé received an MSc in computer science and information security from ETH Zurich, Switzerland, and is currently pursuing an MBA part time at the Haas School of Business at UC Berkeley.