OWASP Meetup - Jan 2017 (1 of 2) - SF

Important Notes:


1. There is an OWASP Chapter event in SF on January 11th and also an event in Redwood City on January 12th. Please select the event most convenient to you.


2. Important - For building security you must supply your first and last name as it appears on your ID or you won't be granted access to enter.
If your full name isn't listed on your meetup account you must message an organizer and supply it. If you have a +1 you must list their full name when registering.

• 6:30 Doors Open
• 6:45 - 7:30 Talk 1
Robert Wood - Bringing Red Teaming to the Board Room

• 7:45 - 8:30 Talk 2
Rob Witoff - Security Automation With Immutable Infrastructure

• 8:30+ Networking
• 9 Doors Close

Name:
Robert Wood

Bio:
Robert Wood runs the security team at Nuna, whose core directive is to protect one of the nation's largest collective healthcare data sets. Previously, Robert was a Principal Consultant at Cigital where he founded and led the red team assessment practice and worked with strategic clients across the United States in an advisory capacity. Throughout his career, Robert has approached problems from the red teaming perspective, identifying how and why things might fail when instigated from an adversary.

Title:
Bringing Red Teaming to the Board Room

Brief Abstract:
Red teaming as an infosec practice has centered lately around showy exploits, social engineering, and ski-mask style hacking. This is just the tip of the iceberg, to better align security teams with what business leaders need, we need to get back to our adversarial roots by focusing on a broader spectrum of threats, how businesses can be harmed, and how to uncover them from a process perspective. This talk will focus on how and where we as security practitioners can apply red teaming techniques in the corporate environment, going beyond the same old live fire hacking exercises with war games, business process reviews, and competitor/market analysis. The goal of this talk is to empower security teams to better align themselves with not only IT and engineering departments, but the core business objectives and directives in place at their respective organizations.

Name: Rob Witoff, Director of Infrastructure, Coinbase

Title: Security Automation With Immutable Infrastructure

Abstract:
In the past two years Coinbase has grown from one service in production to over 100. We've quadrupled in size, launched in 20 countries and found ourselves targeted by new adversaries and faced with new security challenges. Along with our growth we've invested heavily in security automation around an immutable infrastructure. This talk will take a deep dive through a recent "Scorched Earth" event where we patched and rebuilt our infrastructure from scratch in 24 hours. Tech includes AWS, Docker, deployment, monitoring and scanning at scale.

Bio:
Rob is an infrastructure and security leader who delivers usable solutions to novel problems.

Currently a Director at Coinbase, his infrastructure powers scalable solutions to uncompromising security challenges. His team is responsible for providing these services to 5+ million users around the globe. He is a deep believer in automation and finding hard truths in the data we generate along the way.

Previously, he led Data Science in the IT CTO’s office at NASA’s Jet Propulsion Laboratory. Rob helped expand the agency’s access, opportunities and capabilities with their data. His work included the infrastructure powering massive martian telemetry and imagery analysis, redesigning data infrastructure for the Astronaut Office and driving growth in Amazon's GovCloud.

He has also worked on extend earth’s interstellar infrastructure as a lead engineer on the International Space Station’s laser communication system, OPALS. Rob drove the development of SpaceX's Launch Capabilities and led Space Station Systems Engineering. His work contributed to the first successful American optical communication link with the International Space Station.

When his head is out of the clouds, Rob is a longtime entrepreneur endurance runner, Co-Organizer of QConNY and Y Combinator founder of Apigy inc.