For every security engineer you train, there are 20 or more developers writing code with potential vulnerabilities. There’s no human way to keep up. We need to be more effective with less resources. It’s time to make security a fully integrated part of modern software development and operations.
It’s time to automate.
This year’s THREADS will focus exclusively on automating security. In this single forum, a selection of the industry’s best experts will present previously unseen in-house innovations deployed at major technology firms, and share leading research advances available in the future.
Buy tickets for THREADS now to get the early-bird special (expires 10/13).
DARPA Returns – Exclusive
If you attended THREADS’13, you know that our showcase of DARPA’s Cyber Fast Track was not-to-be-missed. Good news, folks. DARPA’s coming back with a brief of another exciting project, the Integrated Cyber Analysis System (ICAS). ICAS enables streamlined detection of targeted attacks on large and diverse corporate networks. (Think Target, Home Depot, and JPMorgan Chase.)
We’ll hear from the three players DARPA invited to tackle the problem: Invincea Labs, Raytheon BBN, and Digital Operatives. Each group attempted to meet the project goals in a unique way, and will share their experiences and insights.
World-Class Speakers at THREADS’14
Robert Joyce, Chief, Tailored Access Operations (TAO), NSA
As the Chief of TAO, Rob leads an organization that provides unique, highly valued capabilities to the Intelligence Community and the Nation’s leadership. His organization is the NSA mission element charged with providing tools and expertise in computer network exploitation to deliver foreign intelligence. Prior to becoming the Chief of TAO, Rob served as the Deputy Director of the Information Assurance Directorate (IAD) at NSA, where he led efforts to harden, protect and defend the Nation’s most critical National Security systems and improve cybersecurity for the nation.
Michael Tiffany, CEO, White Ops
Michael Tiffany is the co-founder and CEO of White Ops, a security company founded in 2013 to break the profit models of cybercriminals. By making botnet schemes like ad fraud unprofitable, White Ops disrupts the criminal incentive to break into millions of computers. Previously, Tiffany was the co-founder of Mission Assurance Corporation, a pioneer in space-based computing that is now a part of Recursion Ventures. He is a Technical Fellow of Critical Assets Labs, a DARPA-funded cyber-security research lab. He is a Subject Matter Advisor for the Signal Media Project, a nonprofit promoting the accurate portrayal of science, technology and history in popular media. He is also a Ninja.
Smten and the Art of Satisfiability-based Search
Nirav Dave, SRI
Reverse All the Things with PANDA
Brendan Dolan-Gavitt, Columbia University
Laszlo Szekeres, Stony Brook University
Static Translation of X86 Instruction Semantics to LLVM with McSema
Artem Dinaburg & Andrew Ruef, Trail of Bits
Transparent ROP Detection using CPU Performance Counters
Xiaoning Li, Intel & Michael Crouse, Harvard University
Improving Scalable, Automated Baremetal Malware Analysis
Adam Allred & Paul Royal, Georgia Tech Information Security Center (GTISC)
Integrated Cyber Attribution System (ICAS) Program Brief
Richard Guidorizzi, DARPA
TAPIO: Targeted Attack Premonition using Integrated Operational Data Sources
Gestalt: Integrated Cyber Analysis System
Federated Understanding of Security Information Over Networks (FUSION)
Building Your Own DFIR Sidekick
Scott J Roberts, Github
Operating system analytics and host intrusion detection at scale
Mike Arpaia, Facebook
Reasoning about Optimal Solutions to Automation Problems
Jared Carlson & Andrew Reiter, Veracode
Augmenting Binary Analysis with Python and Pin
Omar Ahmed, Etsy & Tyler Bohan, NYU-Poly
Are attackers using automation more efficiently than defenders?
Marc-Etienne M.Léveillé, ESET
Making Sense of Content Security Policy (CSP) Reports @ Scale
Ivan Leichtling, Yelp
Automatic Application Security @twitter
Neil Matatall, Twitter
Cleaning Up the Internet with Scumblr and Sketchy
Andy Hoernecke, Netflix
CRITs: Collaborative Research Into Threats
Michael Goffin, Wesley Shields, MITRE
GitHub AppSec: Keeping up with 111 prolific engineers
Ben Toews, GitHub
Don’t miss out. Buy tickets for THREADS now to get the early-bird special (expires 10/13). You won’t find a more comprehensive treatment of scaling security anywhere else.