We're only a few weeks away from SnykCon 2021, Snyk's free annual developer conference that helps you learn how to build applications securely running October 5-7. We have a packed agenda full of expert talks, hands-on workshops, helpful demos, product roadmaps, opportunities to interact with some of the smartest speakers and leaders of developer security in the industry. It's one of the few events that brings together developers, security professionals, and cybersecurity enthusiasts for a few days of fun, learning, and community. Oh, and we're having our first ever SnykCon CTF: Fetch the Flag (more later).
This year's theme is Build Securely, and we have over 100 sessions to help you learn how to do just that. I'm excited about all of this year's talks, but as a developer and security practitioner for many years, I specifically wanted to highlight a few of the talks I'm most excited to see myself this year.
Troy Hunt, the well-known developer and security researcher responsible for building Have I Been Pwned, is going to be giving an interesting talk on the lessons he's learned from building Have I been Pwned and processing more than 11 billion records of breached data. He's going to be discussing how some of these breaches happened, as well as the immense amount of fallout these incidents can cause. If you haven't seen Troy speak before, he's incredible, so you certainly won't want to miss this!
Keren Elazari, the famous security analyst, researcher, author, and speaker will be giving a talk titled, The Future of Cyber Security from a Friendly Hacker's Perspective. I've been a huge fan of Keren's ever since I saw her TED talk, Hackers: The Internet's Immune System, many years ago!
Maud Nalpas, who focuses on privacy and security at Google on the Chrome team will be giving an incredibly interesting talk titled Haunted: Chrome's Vision for Post-Spectre Web Development, which will cover newer browser security headers and how to use them, how Chrome is shifting from an opt-in security model to security-by-default, and other security measures Chome will be adopting in the future! Since Chrome makes up approximately 70% of browser share worldwide, you won't want to miss this.
Zbyszek "Zb" Tenerowicz, of JavaScript security fame, will be giving a talk titled, My NPM Package Will Eat Your Lunch, which discusses how simple it is to get malicious packages hosted on widely used package managers like NPM, as well as how to prevent a lot of these security issues in your own environment. Regardless of whether or not you're a JavaScript developer, this talk will leave you with a lot to think about!
Oliver Crawford from SkyScanner will be running an hour-long workshop titled Applying the Developer Approach to a Fully Automated Security Lifecycle. In this workshop, you'll learn how to incorporate security detection into each layer of your stack, how to contextualize all your security data, how to think about (and build!) automated tooling, and how to close the loop between engineering and security. As someone who's struggled through a lot of these things on my own, I'm very much looking forward to hearing more about Oliver's experiences!
Snyk's very own Matt Jarvis will be giving a talk titled Cracking the Kernel: Adventures with Kernel Exploits in Kubernetes. Matt's going to be discussing kernel privilege escalation attacks, showcasing one, and discussing the various ways you can mitigate these issues in the real world. If you're at all interested in low-level security concepts and how they can have a massive impact, don't miss this one!
While this next talk may not help you write safer code, I think it'll teach you a lot about security more broadly. Jenny Radcliffe (Social Engineer and People Hacker) will be giving a talk about The Human Element of Security: How to Be a People Hacker. Jenny has made a career out of IRL penetration testing, breaking into physical premises to show the flaws in security systems, and the stories she tells sound like they're straight from the movie. Bring your whole family to this session and maybe make some popcorn.
We have a handful of 5-minute Lightning Talks, and one I'm really excited about is Farah Hawa's Your Personal Brand Speaks Louder Than Your CV! Her talk is all about taking control of your professional career by turning your interests into your job.
This year we're hosting our very first SnykCon CTF, Fetch the Flag! On October 5, participants will be able to show off (and level up) their security skills over 20 penetration testing challenges. You'll be able to compete against thousands of players to win prizes, including Nintendo Switches and Fetch the Flag branded swag. If you think you know some security tricks, register for Fetch the Flag today.
We'd love to see you at SnykCon, so register today for free. And as with last year, SnykCon will be fully virtual, so you can attend from the comfort of your couch!
Once you've registered and have looked at the agenda, let us know via Twitter (@snyksec) which talks you're most excited to attend. Be sure to use the #SnykCon hashtag!
Address:
3003 East Chestnut Expy
STE# 575
Springfield, Mo 65802
Phone: 1-844-277-3386
Fax:417-429-2935
E-Mail: contact@appdevelopermagazine.com