Track: Security, Incident Response & Fraud Detection


Day of week:

Master-level classes on building security into your system and responding to incidents when things go wrong.

Track Host:
Olaf Carlson-Wee
Head of Special Projects @Coinbase
Olaf is the Head of Special Projects at Coinbase, the largest bitcoin company in the world, where he was the first employee. He received a BA from Vassar College after completing his thesis on distributed networking, the implications of the mass adoption of bitcoin, and the development of open source cryptographic technologies. At Coinbase, he has built a 40 person operations team, conducted agent training for the FBI, HSI, and Treasury Department, and designed fraud prevention and account security mechanisms protecting billions of dollars in transactional value occurring in over 30 countries. He is an expert in decentralized ledger protocols, crypto-based financial instruments, and anti-fraud systems at scale.
10:35am - 11:25am

by Jim Webber
Chief Scientist @Neo4j

Finance is awash with data, but much of it is discrete items locked up in silos waiting to be joined up to provide insights. Graph data is different: it's joined by default and oozes domain-specific insight.

In this talk we'll discuss several kinds of fraud common in financial services and see how each naturally decomposes into a straightforward graph use-case. To demonstrate the power of connected data, we'll explore use-cases using Neo4j and the (now open standard) Cypher query...

11:50am - 12:40pm

by Richard Kasperowski
Author of The Core Protocols: A Guide to Greatness

Open Space
1:40pm - 2:30pm

by Olaf Carlson-Wee
Head of Special Projects @Coinbase

Bitcoin allows for new applications that utilize programmatic nanopayments smaller than a penny. Alternatively, bitcoin also allows millions of dollars to be stored on a flash drive, on a piece on paper, or in a passphrase. These disparate ways of using the same underlying bitcoin protocol require vastly different security models.

This talk explores micropayment and wealth storage use cases for bitcoin and examines the various novel cryptosystems used to facilitate micro-penny...

2:55pm - 3:45pm

by Zane Lackey
Founder & CSO @SignalSciences, Previously @Etsy

Continuous deployment and the DevOps philosophy have forever changed the ways in which businesses operate. This talk with discuss how security adapts effectively to these changes, specifically covering:

  • Practical advice for building and scaling modern application and infrastructure security programs
  • Lessons learned for organizations seeking to launch a bug bounty program
  • How to run realistic attack simulations and learn the signals of compromise in your...
4:10pm - 5:00pm

by Ryan Huber
Security at Slack Technologies, Inc

Monitoring for potentially malicious activity in an environment and handling the resulting alerts is vital to the success of a defensive security program. Powerful centralized logging is accessible to all of us, but it is only useful if we understand and take action on the data collected.

How do we also ensure that we have eyes on potential issues while keeping noise to a minimum? What tools and techniques can we use to enhance the effectiveness and responsiveness of a security team...

5:25pm - 6:15pm

by Christina Camilleri
Penetration Tester & Social Engineer @BishopFox

by Shubham Shah
Security Analyst @BishopFox

The fault of the computer system is that it can only follow instructions. The fault of the human is that it can only make judgement calls. When we think about this in relation to information security, it presents an interesting opportunity to destructively combine the two and use it for evil.

We often assume that out of all the elements within our organisations and systems, people are most likely to expose us to risk. People create technical systems and people man these systems. The...


Covering innovative topics

Monday, 7 March

Tuesday, 8 March

Wednesday, 9 March