O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

O'Reilly Security Conference 2016 - Amsterdam, Netherlands

Video Description

Security 2016 Amsterdam was O’Reilly Media’s first ever security conference in Europe. It gathered more than 65 of the top IT security experts from Europe, Silicon Valley, and the rest of the world to offer practical guidance on fending off the malware, spear-phishers, and DDoS attacks plaguing websites and the IoT everywhere. Containing specialized content on Euro-centric concerns like GDPR compliance, this video compilation offers a complete recording of every 40-minute session, 3.5-hour tutorial, and keynote delivered at the conference. You’ll hear from security pros at Google, Immuta, Farsight Security, Cloudera, Normation, PerimeterX, Fireglass, CoreOS, Snyk, Deloitte, Facebook, Lab Mouse, WhiteOps, and many more in this 50+ hour collection of cybersecurity wisdom and hard-knock experience.

  • Enjoy a front-row view for each of the conference's 46 sessions, 6 tutorials, and 7 keynotes
  • Hear from 65 of the top IT security experts from Europe and around the world
  • Watch detailed tutorials on Docker/container security, bot attacks, network forensics, and more
  • Listen to Google’s Thomas Dullien (aka Halvar Flake) on how to re-architect a defendable Internet
  • Take in practical GDPR-compliance strategies from Chiara Rustici and Steve Touw (Immuta)
  • Hear Dyn’s Phil Stanhope describe the DDoS attack on Dyn and the counter-measures to repel it
  • Watch Don Bailey (Lab Mouse Security) on the must-have processes for defeating IoT attacks
  • Learn about the value of DNS in cyber investigations from Merike Kaeo (Farsight Security)
  • Hear the latest on security tools like PAL, rkt, Inspec, Apache Drill, Rudder, and Macaroons
  • Learn the best practices for spreading security consciousness throughout the enterprise

Table of Contents

  1. O'Reilly Security Conference Keynotes
    1. Lessons learned from running big bug bounty programs - Katie Moussouris (Luta Security) 00:27:20
    2. The world will see (and just saw) an Internet zombie apocalypse - Phil Stanhope (Dyn) 00:19:44
    3. Innovation versus invasion: Inserting privacy controls and due process into semi-autonomous algorithms - Matthew Carroll (Immuta Inc) 00:05:18
    4. From possible to practical: The path for defense - Dan Kaminsky (White Ops) 00:27:36
    5. My heart depends on your code - Marie Moe (SINTEF) 00:25:44
    6. Conceptualizing attribution and why it matters - Benjamin Buchanan (Harvard University) 00:26:23
  2. Security in context (security datasci)
    1. Practical network forensics - Marcelle Lee (Fractal Security Group, LLC) and Lisa Foreman-Jiggetts (Women's Society of Cyberjutsu) - Part 1 1:25:20
    2. Practical network forensics - Marcelle Lee (Fractal Security Group, LLC) and Lisa Foreman-Jiggetts (Women's Society of Cyberjutsu) - Part 2 1:19:51
    3. Beyond matching: Applying data science techniques to IOC-based detection - Alex Pinto (Niddel) 00:53:51
    4. Moving beyond Threatbutt or: Threat Landscape 2039 - Trey Darley (Kingfisher Operations, sprl) 00:35:05
    5. Architectural design for legal analytics - Steve Touw (Immuta) 00:41:48
    6. Security analytics using big data and Apache Hadoop: Beyond the hype - Eddie Garcia (Cloudera) 00:39:46
    7. Expanding the blue team by building a security culture program - Masha Sedova (Salesforce) 00:39:57
  3. Tech, tools, and processes
    1. Hands on with InSpec - Mandi Walls (Chef) 1:23:35
    2. The industrial age of website bots: How to detect and block automated attacks - Ido Safruti (PerimeterX) and Ariel Sirota (PerimeterX) - Part 1 00:54:11
    3. The industrial age of website bots: How to detect and block automated attacks - Ido Safruti (PerimeterX) and Ariel Sirota (PerimeterX) - Part 2 1:06:05
    4. Drilling into network data with Apache Drill - Charles Givre (Booz Allen Hamilton) - Part 1 1:24:56
    5. Drilling into network data with Apache Drill - Charles Givre (Booz Allen Hamilton) - Part 2 1:16:22
    6. PAL is your pal: Bootstrapping secrets in Docker - Nick Sullivan (CloudFlare) 00:37:31
    7. Common vulnerabilities and exposures in containers: What to know - Quentin Machu (CoreOS) 00:35:29
    8. Integrating security into DevOps - Ernest Kim (MITRE Corp.) 00:37:14
    9. Continuous auditing for effective compliance with Rudder - Jonathan Clarke (Normation) 00:39:23
    10. The bad things happen when you're not looking - Ryan Huber (Slack Technologies, Inc) and Nate Brown (Slack Technologies, Inc) 00:31:59
    11. From dev to production: Security best practices on managing Amazon Web Services (AWS) environments - Dan Amiga (Fireglass) and Dor Knafo (Fireglass) 00:44:20
    12. Developing a secure and scalable frontend - James Baker (LinkedIn) and Mira Thambireddy (LinkedIn) 00:31:49
    13. Macaroons: More cookie than cookie - Brian Sletten (Bosatsu Consulting) 00:52:32
    14. Machine learning to improve random number generators - Richard Freytag (Freytag & Company, LLC) 00:40:11
    15. Practical tips for web application security in the age of Agile and DevOps - Zane Lackey (Signal Sciences) 00:39:18
  4. Bridging business and security
    1. Continuous security - Stein Inge Morisbak (Bekk Consulting AS) and Erlend Oftedal (Blank Oslo) 00:42:46
    2. Scalable threat modeling with risk patterns - Stephen de Vries (ContinuumSecurity) 00:42:01
    3. Speak security and enter: Making security make sense for nontechnical users - Jessy Irwin (Mercury Public Affairs) 00:42:16
    4. Link complex regulation to practical security - Wayne Anderson (Avanade) 00:35:52
    5. Leveraging isolation technologies for improved security and productivity - Dan Amiga (Fireglass) and Dor Knafo (Fireglass) 00:48:40
    6. US and EU data security and data privacy issues in M&A transactions - Shannon Yavorsky (Kirkland & Ellis LLP) 00:43:01
  5. The human element
    1. Who owns open source security? - Guy Podjarny (Snyk) 00:44:23
    2. Security through design: Making security better by designing for people - Jelle Niemantsverdriet (Deloitte) 00:44:35
    3. Gamify security training with developer CTFs - Kyle Rankin (Final, Inc.) 00:38:46
    4. Security by consent - Brendan O'Connor (Malice Afterthought, Inc.) 00:40:17
    5. A technical dive into defensive trickery - Dan Kaminsky (White Ops) 00:43:38
    6. Threading the needle of mobile security and user privacy - James Plouffe (MobileIron) 00:42:34
    7. Building a cross-functional incident response team - Jennifer Martin (Covington & Burling) 00:49:07
    8. rkt’s architecture and security features - Frederic Branczyk (CoreOS) 00:32:06