SESSION + Live Q&A

Encryption Without Magic, Risk Mngmnt Without Pain

In-depth technical inquiry about cryptography in a wider context: how it helps to narrow more significant risks to controlled attack surfaces, enables managing the risk efficiently and elegantly, how tools and algorithms sit in a broader context of managing infrastructure-wide risks associated with handling sensitive data.

Apart from discussing general technical approaches, we will focus on what do we need to do after we’ve implemented some kind of encryption in our system: monitoring, intrusion detection, key management, key and code trust.

Speaker

Anastasiia Voitova

Head of Customer Solutions, Security Software Engineer @CossackLabs

Anastasiia is a software engineer with a wide background, she started her career as a mobile developer, then deepen into security engineering. Now she has focused on cryptography/applied security, she helps companies to build secure yet usable systems (oh yes, it takes efforts). Anastasiia...

Read more
Find Anastasiia Voitova at:

Speaker

Anastasiia Voitova
Anastasiia Voitova

Head of Customer Solutions, Security Software Engineer @CossackLabs

Location

St James, 4th flr.

Track

Security: Red XOR Blue Team

Topics

SecurityCryptographyEncryptionSecurity VulnerabilitiesMonitoring

Share

Share Share

From the same track

SESSION + Live Q&A Security

Bigger, Faster and More Secure

Many people don't care about security. It's OK, don't worry! I'm not judging. Security is the world of defense, of caution and of risk. Securing systems is hard and we don't have great solutions to the many challenges it poses. Security folk on the whole are the least exciting people to invite...

Laura Bell

Founder of SafeStack

UNCONFERENCE + Live Q&A Security

Security Open Space

SESSION + Live Q&A Security

Attack Trees, Security Modeling for Agile Teams

Agile software development and security often don’t feel like good bedfellows. Many traditional security methodologies for analysing risk and threats are based on old military or government based software development methodologies which favour traditional, slow moving, low change...

Michael Brunton-Spall

Independent Security Consultant, previously Deputy Director for Technology and Operation, & Head of CyberSecurity of Government Digital Service

SESSION + Live Q&A Security

Security Champions: Only YOU Can Prevent File Forgery

As a Developer, there will come a time when you realize that you have the power to not only ship awesome features, but also protect them so that no one else can tamper with all your hard work. Every Developer is responsible for coding securely, but there are a brave few among us that will take...

Marisa Fagan

Product Security Lead @Synopsys

SESSION + Live Q&A Security

EternalBlue: Exploit Analysis and Beyond

In this presentation we will analyze the EternalBlue exploit that was leaked in early 2017 which was then abused to great effect throughout the year.   Beginning a journey into InfoSec research can be daunting. We will discuss how targeted analysis can help develop security skills while...

Emma McCall

Security Analyst @RiotGames

View full Schedule