Security
Presentations
How to Use Encryption for Defense in Depth in Native and Browser Apps
Encryption is one of the most effective technical security measures. It massively reduces the impact and cost of a data breach. But encryption is typically focused on “infrastructure-level” elements like TLS and full-disk encryption. These are important tools, but they rely on...
Security Culture: Why You Need One and How to Create It
Strong cultures permeate people’s mentality and the way that they behave, their receptiveness to new ideas and thoughts, and their motivation to do security tasks. Organizations with a positive security culture have immense capability to build resilient products and reduce security...
Reflecting on a Life Watching Movies and a Career in Security
Things change, and people and industries adapt. Individuals and businesses that can spot the trends and adjust quickly are likely to be more successful. With this as an underlying thesis, we'll talk about some trends in the movie industry that relate well to similar changes in technology and...
Small Is Beautiful: How to Improve Security by Maintaining Less Code
Project Zero has reported over 1500 vulnerabilities in commonly used software, including Windows, Android, iOS, browsers and may others. A common factor in many of these vulnerabilities is unnecessary attack surface. This presentation explains several causes of unnecessary attack surface and how...
Interviews
How to Use Encryption for Defense in Depth in Native and Browser Apps
What is the work you're doing today?
I work at the company I founded, Tozny. We are an encryption and cybersecurity company primarily focused on application layer and end-to-end encryption. The idea is how do we use these types of tools to build more security and privacy directly in the applications.
Read Full InterviewSmall Is Beautiful: How to Improve Security by Maintaining Less Code
Please introduce yourself.
I'm Natalie Silvanovich and I'm on a team called Project Zero at Google. Our team's mission is to make zero day vulnerabilities less accessible to attackers. The biggest thing I do is find vulnerabilities so that they can be fixed so that they're not available to attackers. And I've done this in all sorts of...
Read Full Interview