Build Better Defenses
October 29–30, 2017: Training
October 30–November 1, 2017: Tutorials & Conference
New York, NY

Schedule: Security usability sessions

Add to your personal schedule
9:00am–12:30pm Monday, October 30, 2017
Location: Beekman
Amanda Berlin (NetWorks Group)
Average rating: ***..
(3.50, 4 ratings)
Everyone talks about the cyber kill chain, but much of it is misinformation and scare tactics. Amanda Berlin explores the most effective steps you can take to protect your organization from the vast majority of threats with defensive mitigation and monitoring. Read more.
Add to your personal schedule
11:20am–12:00pm Tuesday, October 31, 2017
Location: Beekman
Bobby Filar (Endgame), Richard Seymour (Endgame)
Average rating: ****.
(4.00, 1 rating)
The security industry continues to struggle with alert fatigue as the talent shortage grows. Security has yet to fully embrace the power of UX to help security workers do more with less. Bobby Filar and Rich Seymour explain how they developed a chatbot, combining machine learning within an intuitive UI to expedite data search and discovery and enhance detection and response to security threats. Read more.
Add to your personal schedule
3:50pm–4:30pm Tuesday, October 31, 2017
Location: Beekman
Michee Smith (Google)
Since the launch of the Email Encryption in Transit transparency report, Google has seen a 40% increase in encrypted emails going in and out of Gmail. Can public accountability really be used to drive the adoption of security practices inside a company and the industry at large? Michee Smith explores the successes and pitfalls of sharing this type of data and how to approach similar endeavors. Read more.
Add to your personal schedule
4:45pm–5:25pm Tuesday, October 31, 2017
Location: Beekman
Jason Hoenich (Habitu8)
Jason Hoenich explores the risks related to delivering poor awareness programs rather than adapting to changing needs and demands of the attack surface and learning behaviors of humans. Incorporating the key fundamental behavioral psychology nodes for establishing true culture change, and making the experience of the end user will move our programs to Security Awareness 2.0. Read more.
Add to your personal schedule
4:45pm–5:25pm Tuesday, October 31, 2017
Location: Sutton South
Kelly Harrington (Google)
Kelly Harrington explores how web security initiatives work with webmasters to clean up malware attacks and fix other security issues that affect the web ecosystem. Along the way, Kelly explains how to strike the right balance between providing help to site owners and protecting data from bad actors. Read more.
Add to your personal schedule
1:15pm–1:55pm Wednesday, November 1, 2017
Location: Beekman
Christoph Hartmann (Chef Software), Dominik Richter (Chef Software)
It's still very cumbersome to implement best practices for server hardening and patching. As a result, many servers are still unsecured. Christoph Hartmann and Dominik Richter offer an overview of InSpec—an open source tool for infrastructure, security, and compliance testing—and demonstrate how patch and security level can be assessed in CI/CD and production environments. Read more.
Add to your personal schedule
1:15pm–1:55pm Wednesday, November 1, 2017
Location: Sutton North
Jessy Irwin (Jessysaurusrex)
Average rating: *****
(5.00, 2 ratings)
When a major security incident hits the news, security practitioners are quick to place the blame on users for being the weakest link in security. Jessy Irwin debunks the myth that users are the root of all failure and explores how security teams can even the playing field to transform people into an extra line of defense when we need them the most. Read more.
Add to your personal schedule
1:15pm–1:55pm Wednesday, November 1, 2017
Location: Sutton South
Neal Mueller (Google), Max Saltonstall (Google)
Average rating: *****
(5.00, 2 ratings)
Most companies today use some variation of the firewall or “fortress” model for perimeter security. This model assumes everything on the outside is dangerous and everything in the inside is safe and worked well when employees worked on desktop computers at the company HQ. Neal Mueller and Max Saltonstall offer an overview of Google’s BeyondCorp, a new model for today's dispersed BYOD workforce. Read more.