Presentation: Building Secure Player Experiences At Riot Games



1:40pm - 2:30pm

Day of week:




In this talk, David will give you an overview of the Riot Games Application Security program. The talk will focus on the tech and social aspects of the program and why David feels both are important when it comes to writing secure code. Specifically David will talk about how we define Application Security at Riot, how we’ve grown to meet the demands of our fast paced engineering organisation, why we’ve hired software engineers into our team and the tools we’ve developed to help Rioters globally build fun and safe experiences for our players. David will also explain why he’s been working with a behavioural scientist from our Insights team to help level up security at Riot. Software will never be free security vulnerabilities so this talk will also explain why Riot runs a bug bounty program and how that’s changed our Application Security program.

Speaker: David Rook

Head of Application Security @RiotGames

David Rook is the Head of Application Security at Riot Games. He has held various application security roles in the financial services industry since 2006 before moving into the computer games industry in early 2014. He has contributed to several OWASP projects including the code review guide and the Cryptographic Storage Cheat Sheet. He has presented at leading information security conferences including DEF CON and RSA Europe.

Find David Rook at

Similar Talks

Principal Technologist for Cloud Foundry


Conference for Professional Software Developers