Attacks of the Industry: A View into the Future of Cybersecurity

Are there any attacks that are effective, reliable and almost always work? Of course! Even though an organization manages well the infrastructure, patches are regularly installed, the network is monitored – there are attacks that are still working perfectly as it is really a matter of misconfiguration rather than serious security vulnerability. Could cloud technologies help it? Are Office 365, Azure, Amazon Web Services etc. secure? How to measure it? Is it worth to move some of the services to the cloud and mitigate the risk of a breach? The problem is that some infrastructure mechanisms rely on the type of communication used within the attacks and they use it for the normal communication: single sign-on authentication, service accounts, network sharing etc. and in the vast majority of organizations that can be leveraged!

Join Paula during this keynote to become familiar what are the biggest mistakes in infrastructure security that from the attacker perspective can be pretty much always exploited and leave the conference with suggestions & ideas how to reach the next level of security in your workspaces.

Fatal Signs: 10 Symptoms When You Think You’ve Been Hacked

We all need the mandatory checklist of places to verify in case of being hacked or… at least when we are in doubt. It is all about these ‘little things and details’. For a hacker it is enough to get only one of them exploited, for Administrators it is so much harder – they need to know them all. What’s worse: they need to check them all! There are some OS behaviors that could indicate that there is something currently active, how can we spot what exactly is that? We will look at the places used by the system to store such information. Surprisingly your disk drive contains a lot of juicy information that can reveal a lot of secrets and history about what has happened did in the past. There are also places where data can be deliberately hidden by malicious software and it would be great to know what those are!

During this session you will become familiar with the symptoms that could indicate that have been hacked and tools and techniques to spot these kind of activities. You will also learn how you can mitigate hackers to exploit discussed OS areas.

Security Best Practices in Azure

With today’s DevOps culture, developers have more power in deciding the final means of their implementation – the cloud architectures. With great power comes great responsibility, and one important aspect developers should be aware of is the security of their deployed solutions.

In this presentation we’ll see some details of how Azure Cloud helps securing your architectures – what are the defaults, which aspects you need to pay attention to, and which specific tools you can use.

Practical Security in Web Applications

Explore effective methods to identify & avoid the most common and devastating security pitfalls in Web Applications. When it comes to an enterprise’s exposure to security vulnerabilities, one could easily argue that its web presence is by far its greatest threat. There are many ways to build vulnerable applications and a few effective ways to “build them right”. We’ll instrument you to stay on right side of this equation.

Dealing with Package Management Security

Let’s face it, us software developers, we’re people who love code. We spend our entire life writing it, reading it, reviewing it, and ultimately seeing its results with every production deployment. On the other hand, what we hardly enjoy is having to repeat ourselves, having to reinvent the wheel day in, day out. That gets to us everytime. Thankfully, with the advent of open source software, this anti-pattern is rarely an issue. We are now able to reuse our work, learn from each other’s experiences and, ultimately, continuously innovate.

But we can never have good things, right? This fantastic collaboration opportunity opens the door to numerous vulnerabilities, threats and exploits, issues which we need to admit, face and mitigate in a continuous process. Join this session to see what the major patterns of attack are, how to read red flags and how to protect your code from exploits.

0 to 1000 tests: The journey of Unit Testing in a Legacy Application

Many of us have had to work in legacy code, sometimes without the benefit and safety net of existing unit and integration tests. As good developers, we want to make sure the features we add are correct, so how do we go about testing our code when it shares a home with untested, or worse, untestable code?

Join us in following the journey of one project that went from having virtually no tests being run continuously to over 1000 in the span of a few months and let’s look at some specific strategies to help you get testing in the tangles of (badly) aged code.