Build Better Defenses
October 29–30, 2017: Training
October 30–November 1, 2017: Tutorials & Conference
New York, NY

Tutorials

On Monday, October 30, choose from half-day tutorials. These expert-led presentations give you a chance to dive deep into the subject matter. Please note: to attend, you must be registered for a Gold or Silver pass; does not include access to training courses.

Monday, October 30

Add to your personal schedule
9:00am–12:30pm Monday, October 30, 2017
Location: Beekman
Amanda Berlin (NetWorks Group)
Average rating: ***..
(3.50, 4 ratings)
Everyone talks about the cyber kill chain, but much of it is misinformation and scare tactics. Amanda Berlin explores the most effective steps you can take to protect your organization from the vast majority of threats with defensive mitigation and monitoring. Read more.
Add to your personal schedule
9:00am–12:30pm Monday, October 30, 2017
Location: Sutton North
Bart Miller (University of Wisconsin-Madison), Elisa Heymann (University of Wisconsin-Madison)
Drawing from their experience performing vulnerability assessments of critical middleware, Bart Miller and Elisa Heymann walk you through the programming practices that can lead to security vulnerabilities and demonstrate how to automate tools for finding security weaknesses. You'll learn skills critical for software developers and analysts concerned with security. Read more.
Add to your personal schedule
9:00am–12:30pm Monday, October 30, 2017
Location: Regent
Kevin Poniatowski (Security Innovation)
Kevin Poniatowski teaches you how to shorten the time it takes to find common web vulnerabilities while also decreasing the risk of an OWASP Top 10 vulnerability making it into the production server, demonstrating how to collect useful data that will reveal where the vulnerabilities are hiding. Read more.
Add to your personal schedule
9:00am–12:30pm Monday, October 30, 2017
Location: Sutton South
Ben Hall (Katacoda | Ocelot Uproar)
Average rating: ****.
(4.00, 3 ratings)
Drawing on his experience building Katacoda, a platform that provides users with a sandboxed learning playground—with the side effect that they can execute malicious code and hack the system from inside the container—Ben Hall walks you through implementing Docker and container security. You'll learn about the Linux and Docker security model and how to maximize your container’s security. Read more.
Add to your personal schedule
1:30pm–5:00pm Monday, October 30, 2017
Location: Regent
Venky Anant (McKinsey & Company), Joy Smith (McKinsey & Company)
Average rating: *****
(5.00, 1 rating)
The lack of transparency between executive decisions and those who implement them can muddle the response to a fast-moving cyber-crisis. Venky Anant and Joy Smith take you through a crisis, from the response from the board and executive members to the experience of front-line responders, giving you an opportunity to question and ultimately improve the harmony between the respective approaches. Read more.
Add to your personal schedule
1:30pm–5:00pm Monday, October 30, 2017
Location: Sutton North
John Studarus (JHL Consulting), Cynthia Thomas (Midokura)
John Studarus and Cynthia Thomas demonstrate how to service-chain traffic through multiple security functions using virtualization and software-defined networking (SDN). John and Cynthia walk you through configuring and modifying layer 2 service chains with open source cloud security tools to monitor and block malicious traffic originating from a network of virtual machines. Read more.
Add to your personal schedule
1:30pm–5:00pm Monday, October 30, 2017
Location: Sutton South
Ido Safruti (PerimeterX), Amir Shaked (PerimeterX)
Average rating: ***..
(3.00, 2 ratings)
Ido Safruti and Amir Shaked offer an overview of the data analysis tools that every web security analyst should be familiar with in their daily work, including ELK, BigQuery, and Python as well as other helpful online services. These tools will help you analyze incidents on your web application and network and alert you when an attack starts. Read more.

Wednesday, November 1

Add to your personal schedule
1:15pm–1:55pm Wednesday, November 1, 2017
Location: Sutton Center
Taylor McCaslin (Duo Security)
Duo recently launched Duo Beyond, the first commercial implementation of Google’s BeyondCorp security model. Taylor McCaslin offers an overview of BeyondCorp and explains how a company that doesn’t have the resources of a company like Google can achieve a similar security posture. Read more.