Build Better Defenses
October 29–30, 2017: Training
October 30–November 1, 2017: Tutorials & Conference
New York, NY

Keynotes

Hear how some of the most innovative thinkers in infosec are defending their companies from attacks and breaches. Keynotes take place Tuesday, October 31 and Wednesday, November 1.

Alex Kassirer

Alex Kassirer
Director of Counterterrorism, Flashpoint

Alex Kassirer is director of counterterrorism at Flashpoint and an on-air analyst for NBC. She has assisted law enforcement and intelligence agencies in terrorism investigations and prosecutions and consults private sector organizations on both physical and cybersecurity. Alex is... Read More.

9:55am Wednesday, November 1, 2017
While the cyber skills of jihadists are often limited, the reach and impact of their physical incidents is, unfortunately, wide and well known. Alex Kassirer explains why synergy between physical security and cybersecurity teams is crucial to mitigate the hybrid risk posed by jihadists, particularly as it pertains to brand reputation, terror financing, execution protection, and insider threats. Full Details

Fredrick Lee
Head of Information Security, Square

Fredrick “Flee” Lee is the head of information security at Square. Fredrick has a history of solving security problems for a range of organizations all the way from large enterprises (Bank of America) to small startups (Twillio) and building and... Read More.

10:10am Tuesday, October 31, 2017
Traditionally we security professionals have been viewed as gate keepers, rule enforcers, and the people who say "no." Fredrick Lee shines a light on the ways security has allowed the world to do more and encourages security professionals to solve the difficult problems that will allow us to say "yes." Our profession needs to reach beyond being gatekeepers and move toward being gate openers. Full Details
Haroon Meer

Haroon Meer
Founder, Thinkst

Haroon Meer is the founder of Thinkst, the company behind the well-loved Thinkst Canary. Haroon has contributed to several books on information security and has published a number of papers on various topics related to the field. Over the... Read More.

9:45am Tuesday, October 31, 2017
The frequency and impact of recent high-profile breaches has been positively depressing. However, a new type of security engineering is taking root, which suggests hope for effective corporate security at enterprise scale. Haroon Meer highlights these hopeful examples in a bid to encourage more people to plot a course toward achievable security. Full Details
Allison Miller

Allison Miller
Product Management, Google

Allison Miller works in product management at Google, mitigating risks to Google and end users. Previously, Allison held technical and leadership roles in security, risk analytics, and payments/commerce at Electronic Arts, Tagged.com, PayPal/eBay, and Visa International. Allison is a proven... Read More.

10:20am Wednesday, November 1, 2017
The second annual O’Reilly Defender Awards acknowledge and celebrate our security heroes and heroines who have demonstrated exceptional leadership, creativity, and collaboration in the defensive security field. These honors will be presented during keynotes. Full Details
10:30am Tuesday, October 31, 2017
Program chairs Rachel Roumeliotis and Allison Miller close the first day of keynotes. Full Details
9:00am Tuesday, October 31, 2017
Security Conference program chairs Rachel Roumeliotis and Allison Miller welcome you to the first day of keynotes. Full Details
9:00am Wednesday, November 1, 2017
Security Conference program chairs Rachel Roumeliotis and Allison Miller welcome you to the second day of keynotes. Full Details
Katie Moussouris

Katie Moussouris
Founder and CEO, Luta Security

Katie Moussouris is the founder and CEO of Luta Security, which specializes in helping businesses and governments work with hackers to better defend themselves from digital attacks. Katie is a noted authority on vulnerability disclosure and bug bounties and... Read More.

9:25am Tuesday, October 31, 2017
Computing has infiltrated society faster than we have been able to secure it. Defenders struggle with quantifying risk so that it translates into supported organizational changes and budget. Katie Moussouris explains how to transmute our suffering into kinetic and organizational changes and how to turn the forces that resist our defense activities into our biggest supporters in our organizations. Full Details
Rachel Roumeliotis

Rachel Roumeliotis
Strategic Content Director, O'Reilly Media

Rachel Roumeliotis is a strategic content director at O’Reilly Media, where she leads an editorial team that covers a wide variety of programming topics ranging from full stack to open source in the enterprise to emerging programming languages. Rachel is... Read More.

10:20am Wednesday, November 1, 2017
The second annual O’Reilly Defender Awards acknowledge and celebrate our security heroes and heroines who have demonstrated exceptional leadership, creativity, and collaboration in the defensive security field. These honors will be presented during keynotes. Full Details
10:30am Tuesday, October 31, 2017
Program chairs Rachel Roumeliotis and Allison Miller close the first day of keynotes. Full Details
9:00am Tuesday, October 31, 2017
Security Conference program chairs Rachel Roumeliotis and Allison Miller welcome you to the first day of keynotes. Full Details
9:00am Wednesday, November 1, 2017
Security Conference program chairs Rachel Roumeliotis and Allison Miller welcome you to the second day of keynotes. Full Details
Runa Sandvik

Runa Sandvik
Director of Information Security for the Newsroom, New York Times

Runa Sandvik is the director of information security at the New York Times, where her primary focus over the past year has been the newsroom, helping reporters better understand the challenges they are facing. Runa loves to travel and has... Read More.

9:05am Wednesday, November 1, 2017
The New York Times has staked its future on being a destination for readers. As a result, the company is working to incrementally improve the security of its environment. Drawing on this work, Runa Sandvik shares practical lessons on how to build and foster a culture of security across an organization. Full Details
Window Snyder

Window Snyder
Chief Security Officer, Fastly

Window Snyder is CSO at Fastly, where she oversees Fastly’s expanding security offerings through its global edge infrastructure platform. Window has been a key contributor to the evolution of security in our connected world. At Apple, she developed security... Read More.

9:30am Wednesday, November 1, 2017
You can spend your entire security budget on signal-based technologies (such as endpoint security, antimalware, and vulnerability detection) and incrementally improve the security of your environment. But the real value is in people. Join Window Snyder to learn why the basics are hard to implement consistently but will get you a lot further than yet another set of signal-based tools. Full Details
Matt Stine

Matt Stine
Cloud Native Polymath and Software Architect, Pivotal

Matt Stine is the global CTO for architecture at Pivotal, where he spends much of his time helping customers develop cloud native application architectures. Matt is an 18-year veteran of the enterprise IT industry, 8 of them... Read More.

10:05am Tuesday, October 31, 2017
Matt Stine offers an overview of the three principles of cloud-native security—rotate user credentials frequently, so they are only useful for a short time; repave servers and applications from a known good state often; and repair vulnerable software as soon as updates are available—and explains how this approach helps you deal with the exponentially increasing volume and velocity of threats. Full Details
Chris Wysopal

Chris Wysopal
Cofounder and CTO, Veracode

Chris Wysopal is cofounder and CTO of SaaS application security company Veracode, which was recently acquired by CA Technologies. Chris is one of the original vulnerability researchers and a member of the hacker think tank the L0pht. He has... Read More.

9:05am Tuesday, October 31, 2017
If great software is secure software, why are there still so many vulnerabilities? Don’t architects and developers want to build great systems? Chris Wysopal details how defenders can enable developers to create secure software through coaching, shared code, and services. Full Details