October 30–31, 2016: Training
October 31–November 2, 2016: Tutorials & Conference
New York, NY

Schedule: Tools and processes sessions

9:00am–12:30pm Monday, 10/31/2016
Location: Grand Ballroom West | Level: Beginner
Ido Safruti (PerimeterX), Christopher Federico (PerimeterX)
Average rating: 4.50 (2 ratings)
Bots are a reality, and it’s hard to separate your users and good bots (e.g., search) from the bad ones (brute force, fraud, scrapers, etc.). Ido Safruti and Chris Federico review how bots work, explain how to operate a few common bots, and, most importantly, show what you can do to detect and block malicious activity while enabling your users and good bots to work uninterrupted.
9:00am–12:30pm Monday, 10/31/2016
Location: Trianon Ballroom | Level: Beginner
Sam Newman (Independent)
Average rating: 3.50 (2 ratings)
Security is everyone’s job, even if you’re not a specialist. Sam Newman shares a model that shows how developers can think about application security and play their part. From there, Sam explores the specific challenges in microservice architectures and explains how application security principles can be applied to these often much more complex application architectures.
9:00am–12:30pm Monday, 10/31/2016
Location: Rendezvous Trianon | Level: Beginner
Guy Podjarny (Snyk), Danny Grander (Snyk)
Average rating: 3.00 (1 rating)
Some of the very things that make JavaScript awesome can also leave it exposed. Guy Podjarny and Danny Grander use (and abuse) a vulnerable Node.js application called Goof to demonstrate various common vulnerabilities and dependencies. For each item, Guy and Danny explain the issue, show an exploit on Goof, and, most importantly, demonstrate how to avoid or defend against it.
1:30pm–5:00pm Monday, 10/31/2016
Location: Grand Ballroom West | Level: Intermediate
Ben Hall (Katacoda | Ocelot Uproar)
Average rating: 4.00 (1 rating)
Docker offers a lot of advantages, simplifying both development and production environments, but there is still uncertainty around the security of containers. Ben Hall shares his experiences while leading a hands-on demonstration of Docker and container security.
1:30pm–5:00pm Monday, 10/31/2016
Location: Trianon Ballroom | Level: Beginner
Andrea Doherty (EMC Corporation), Danny Dhillon (EMC Corporation)
Average rating: 2.00 (1 rating)
Threat modeling is an essential element in building secure software that is resilient to attack. Yet threat modeling is often seen as too specialized and time-consuming to include in the software development process. Andrea Doherty and Danny Dhillon walk you through a pragmatic approach to threat modeling that can be applied within your existing structured and Agile processes.
1:30pm–5:00pm Monday, 10/31/2016
Location: Rendezvous Trianon | Level: Beginner
Philip Polstra (Bloomsburg University of Pennsylvania)
Average rating: 5.00 (1 rating)
Philip Polstra offers an overview of Python basics and demonstrates how to leverage this popular scripting language in order to automate many common tasks found in forensic investigations. You'll gain a deeper understanding of FAT and NTFS filesystems and see firsthand how to glean pertinent information from a filesystem image in minutes with Python.
1:30pm–5:00pm Monday, 10/31/2016
Location: Mercury Ballroom | Level: Intermediate
Charles Givre (Orbital Insight)
Average rating: 4.33 (3 ratings)
Drill is an open source, schema-free SQL engine that can query all kinds of data. Applying Drill to network security problems potentially offers a leap forward in network analysis. Charles Givre demonstrates how to use Drill to query simple data, complex data, and data from databases and big data sources and walks you through writing your own functions to extend Drill's functionality.
11:20am–12:00pm Tuesday, 11/01/2016
Location: Trianon Ballroom | Level: Intermediate
Maarten Van Horenbeeck (Fastly), Lisa Phillips (Fastly), Tom Daly (Fastly)
Average rating: 4.67 (3 ratings)
Fastly operates the edge for many large web properties. To deal with emerging threats to its network, Fastly created a process that allows it to respond effectively to incidents: Incident Command, which rapidly coordinates teams during an incident. Maarten Van Horenbeeck, Lisa Phillips, and Tom Daly take you to the far side of the edge, demonstrating the protocols that work during an incident.
1:15pm–1:55pm Tuesday, 11/01/2016
Location: Trianon Ballroom | Level: Beginner
Jessica Frazelle (Microsoft)
Average rating: 4.11 (9 ratings)
Overall, your applications will be more secure running in containers than not, but a common misconception is that containers will prevent attacks—they will not. Jessica Frazelle covers the benefits gained by using containers and outlines the ways containers lessen the destruction from an application compromise.
2:10pm–2:50pm Tuesday, 11/01/2016
Location: Trianon Ballroom | Level: Intermediate
Bruce Potter (KEYW Corporation)
Average rating: 4.67 (9 ratings)
Performing a security risk analysis and documenting remediation actions is a critical step in every organization's security program. Unfortunately, there is no single way to perform a risk analysis, and settling on a process can be intimidating to newcomers. Bruce Potter presents a simple assessment process that you can readily use to perform a risk assessment in your organization.
3:50pm–4:30pm Tuesday, 11/01/2016
Location: Trianon Ballroom | Level: Beginner
Lenny Zeltser (SANS Institute)
Average rating: 3.71 (7 ratings)
If you're responding to a malware incident, you need to quickly derive relevant and actionable information about the malicious program and the context within which it was employed. Lenny Zeltser explains how to gather such open source intelligence. You'll expand your incident response skill set and learn how to turn public data about adversaries and malicious programs into useful details.
4:45pm–5:25pm Tuesday, 11/01/2016
Location: Trianon Ballroom | Level: Intermediate
Eric Lawrence (Google)
Average rating: 4.67 (3 ratings)
Security and privacy worries are scaring many people away from the Internet. In a world of increasingly hostile networks, we must deliver every site over HTTPS to help protect users and their information. Fortunately, moving to HTTPS has never been easier. From free HTTPS certificates to new browser features that ease the transition, Eric Lawrence demonstrates how to secure sites of any size.
11:20am–12:00pm Wednesday, 11/02/2016
Location: Grand Ballroom West | Level: Intermediate
Kenneth Lee (Etsy), Kai Zhong (Etsy)
Average rating: 4.00 (10 ratings)
Need help managing security event logging? Looking for inspiration on how you can use logging to create a more agile security environment? Kenneth Lee and Kai Zhong introduce 411, a new open source tool to help build effective security alerts. Paired with ELK (Elasticsearch, Logstash, and Kibana), 411 allows you to quickly set up automated alerts on your infrastructure.
1:15pm–1:55pm Wednesday, 11/02/2016
Location: Grand Ballroom West | Level: Intermediate
John Bullard (Distil Networks), Benji Taylor (Distil Networks)
Average rating: 4.00 (7 ratings)
When John Bullard and Benji Taylor were faced with the challenge of achieving PCI compliance in 90 days flat, they used what they had on hand: modern DevOps practices and tools. They not only passed but built a reusable set of PCI tools to help anyone through the process. You'll receive early access to this DevOps PCI toolkit and learn must-know tips before starting a PCI compliance project.
2:10pm–2:50pm Wednesday, 11/02/2016
Location: Grand Ballroom West | Level: Intermediate
Aaron Weaver (Cengage), Matt Tesauro (Pearson plc)
Average rating: 4.43 (7 ratings)
A robust, scalable, and automated appsec program is not the sole province of Netflix and the other tech unicorns. Aaron Weaver and Matt Tesauro explain how you can achieve the automation and flow that you need to start paying down your company’s technical security debt by taking the best of DevOps, Agile development, and CI/CD into your appsec program.
3:50pm–4:30pm Wednesday, 11/02/2016
Location: Grand Ballroom West | Level: Intermediate
Binu Ramakrishnan
Average rating: 3.67 (3 ratings)
In a multitenant CI/CD environment, developers trust and delegate CI/CD systems to deploy their applications to production. But what is the basis of this trust? What is the trustworthiness of the application deployed by CI/CD through automation? Binu Ramakrishnan highlights security risks with CI/CD deployments and offers solutions to mitigate those risks.
4:45pm–5:25pm Wednesday, 11/02/2016
Location: Grand Ballroom West | Level: Intermediate
Andy Hoernecke (Netflix), Scott Behrens (Netflix)
Andy Hoernecke and Scott Behrens introduce Scumblr, an open source framework that has been successful in tackling a broad range of security challenges, and explain how to use Scumblr for vulnerability management, application risk tracking, and more.