September 19–20, 2016: Training
September 20–22, 2016: Tutorials & Conference
New York, NY

Schedule: Security sessions

2:25pm–3:05pm Wednesday, 09/21/2016
DevOps DevOps, Security Regent Audience level: Beginner
Guy Podjarny (Snyk)
Average rating: *****
(5.00, 1 rating)
Users expect us to keep their data private and trust the info we provide. Using HTTPS is a key part of maintaining this trust. If that weren't motivation enough, HTTPS also unlocks new tech, such as HTTP/2 and service workers, and can bump up your SEO. Guy Podjarny explains why you should prioritize using HTTPS and covers some of the easiest (and most cost-effective) steps to get started. Read more.
2:25pm–3:05pm Wednesday, 09/21/2016
Financial systems Continuous delivery, Security Gramercy Audience level: Intermediate
Average rating: **...
(2.50, 4 ratings)
Automation has reached a point where the CI/CD workflow from commit to deploy is controlled in some way by bots. Multitenant CI/CD platforms often have permissions to access a wide range of systems and services and hence can be an attractive target for attackers. Binu Ramakrishnan highlights current security risks and CI/CD threat modeling and offers novel solutions to mitigate those risks. Read more.
3:50pm–4:30pm Wednesday, 09/21/2016
Infrastructure reimagined Cloud, Security Beekman Audience level: Intermediate
Sam Bisbee (Threat Stack)
Average rating: ****.
(4.00, 3 ratings)
Many of today’s popular tools and architectures, like immutable infrastructure, promise security and compliance benefits. Yet their implementations do not always deliver, often because of overlooked complexities. Sam Bisbee offers a data-driven, semi-dystopian look at how organizations are actually implementing security in the cloud. Read more.
2:25pm–3:05pm Thursday, 09/22/2016
DevOps Cognitive systems, Security Nassau Audience level: Intermediate
Jan Schaumann (The Internet)
Average rating: *****
(5.00, 2 ratings)
Infosec failures are plentiful. Every day, we patch symptoms but fail to address the reasons for these behaviors. Jan Schaumann explains that it's time we come to terms with the fact we can't solve the (infosec) world's problems until we understand how people interact with the systems we build and how they make their choices. Read more.
3:50pm–4:30pm Thursday, 09/22/2016
Performance for the people Security, UX optimization Regent Audience level: Beginner
Sonia Burney (Akamai), Sabrina Burney (Akamai)
Average rating: ****.
(4.50, 4 ratings)
Security techniques have generally focused on protecting users by blocking requests going to the origin, but security is also a concern at the browser. Sonia Burney and Sabrina Burney explore how security can be enforced at the browser level through a combination of optimization techniques and security enhancements, which overall provide an optimal end-user experience. Read more.