The Diana Initiative 2022 has ended

Create Your Own Event

The Diana Initiative 2022

Welcome to Diana Initiative 2022 Virtual and In-Person Conference schedule.
For more information, please see our conference page here :
https://www.dianainitiative.org/

TBA

Security Misconfigurations in the Cloud - "Oh Look, something fluffy, poke, poke, poke

Threat modeling the human security risk, or as others might call it, Security Misconfigurations in the cloud and all the fun attack vectors they create. Yep, it’s clobberin time and this is what makes this job fun - helping others to find their own security problems before others do!

Speakers

Kat Fitzgerald

Security Engineering Mgr, Google

Based in Seattle and a natural creature of winter, you can typically find me sipping Grand Mayan Extra Anejo whilst simultaneously defending my systems using OSS, magic spells and Dancing Flamingos. Honeypots & Refrigerators are a few of my favorite things! Fun Fact: I rescue Feral... Read More →

Saturday July 16, 2022 TBA
TBA

TBA

The Empathic Pause: Taking Time for Self-Care and Psybersecurity

Feedback Survey

For information security and across all professions, empathy and the need for taking care of oneself are timeless truths that serve as the foundation for good mental health. But how does one actually take the time for empathy? And what does it mean? In this talk, the audience will receive an introduction to the empathic pause. Starting with a description of how the empathic pause is used in psychiatry and patient care, the audience will learn this technique and how it can be used for their own self-care during times of stress or uncertainty. Audience members will also learn how to apply the empathic pause to help detect possible mental health exploits that can be carried out by mal-intentioned actors. By understanding the empathic pause and including it into one's daily mindset, audience members can combine both mental health and cybersecurity practices to build stronger psybersecurity.

Speakers

Ryan K. Louie, MD, PhD

Psychiatrist, Washington Permanente Medical Group

Ryan K. Louie, MD, PhD, is a board-certified Psychiatrist focusing on the mental health impact of cybersecurity and with the specialty of psybersecurity. Ryan received his MD and PhD degrees from the Stanford University School of Medicine, and completed residency training in psychiatry... Read More →

Saturday July 16, 2022 TBA
Streamyard

8:00am PDT

Opening Remarks/Welcome

Opening Remarks/Welcome

Speakers

Jaime Borchert

Deputy Chief Operating Officer, Diana Initiative

Saturday July 16, 2022 8:00am - 8:30am PDT
Streamyard

Virtual Speaker Track

8:30am PDT

Keynote "Take the Initiative"

Feedback Survey

Our opening keynote

Speakers

Maggie Mayhem

Maggie Mayhem is a former sex worker and current full spectrum doula. She has spoken previously at HOPE as well as DefCon, Skytalks, SxSW, the United Nations Internet Governance Forum, as well as many events and universities around the world. Her website is MaggieMayhem.Com... Read More →

Saturday July 16, 2022 8:30am - 9:30am PDT
Streamyard

Virtual Keynote

9:30am PDT

“Threat Modeling your Mental Health: Strategies to identify, understand and mitigate threats to your emotional wellbeing”

Feedback Survey

Work. Family. Relationships. Covid-19. We are all under an inordinate amount of stress, from many sources. Specifically, cybersecurity professionals also deal with alert fatigue, increasing workloads and ever-changing job requirements, and understaffed, pressure-filled environments.

The TTPs (tactics, techniques, and procedures) of chronic stress are elusive. Stress can create havoc in our lives and impacts our ability to stave off burnout or physical shut down. How can we systematically identify when we are under attack and determine what the effective responses are to remediate and recover from compromised mental health?

In this talk I will provide conference participants with strategies to: determine the current state of their mental health and identify sources of stress, use data to determine type of intervention needed, document the severity of compromise through journaling and a daily point system, prepare for initial therapy or doctor visit (medical threat hunting and incident response team), and institute and follow an effective therapeutic response and remediation plan.

We will also review common attack vectors known to working professionals and discuss the implementation of interventions in the workplace for support of a healthy system (work accommodations, task management strategies, workday relaxation techniques). This presentation will equip participants to take the initiative to proactively protect their mental and emotional wellbeing through awareness, insight, evidence-based investigation, and timely response.

Speakers

Kassandra L. Pierre

Neurodiversity Affiliate Founder & President, WiCyS

Kassandra Pierre knows the power of advocacy and inclusion. As a volunteer and public health stakeholder, she has harnessed and leveraged strategic support to ensure that individuals in need of allyship received the support and resources necessary to unlock their potential.Kassandra’s... Read More →

Saturday July 16, 2022 9:30am - 10:00am PDT
Streamyard

Virtual Speaker Track

9:30am PDT

Mock Interviews/Resume Reviews

Hello TDI Attendees!

If you are interested in a resume review, resume advice, or a mock interview, we are offering services in Career Village according to this schedule:

We will use Discord for the entirety of the virtual event on 16 July from 9:30am - 5pm Pacific Time.
Once in our Discord please join the #Career-village channel

The #Career-village channel will be where we coordinate and communicate during the virtual event
If you come into the #Career-village channel, you can ask for a time slot and we will deconflict times against our available volunteers and add you to the list.

You will get an email on Saturday from EventBright to the email you registered with. This will have the link to join The Diana Initiative Discord server!

You will get a DM (Direct Message) in discord at your scheduled time from one of our Career Village volunteers who will initiate contact and then proceed with an audio and/or video call, whichever is preferred (via Discord).
Finding your Discord ID (needed to sign up for a resume review or mock interview):
https://youtu.be/oUkeUnSg88o

Discord Overview (if needed):
https://youtu.be/rnYGrq95ezA

Here is our Discord FAQ:
https://www.dianainitiative.org/about/faqs/#discord

Saturday July 16, 2022 9:30am - 12:30pm PDT
Discord

9:30am PDT

CTF

Feedback Survey

CTF

Saturday July 16, 2022 9:30am - 6:00pm PDT
Streamyard

9:30am PDT

IoT Village

Feedback Survey

IoT Village

Saturday July 16, 2022 9:30am - 6:00pm PDT
Streamyard

10:00am PDT

Pentesting Android Applications-Lab Setup to Get Started

Feedback Survey

As of January 2022, Android accounts for 69% of global market share. Thus it's very important to know how to perform penetration testing on Android Mobile applications. In this paper I would like to take over the audience on how to get started in Android pentesting.

Speakers

Anuradha Modi

I am a cybersecurity enthusiast and love to learn new technologies .I have 4 years of experience performing vulnerability assessments and penetration testing on various web applications and mobile applications

Saturday July 16, 2022 10:00am - 10:30am PDT
Streamyard

Virtual Speaker Track

10:00am PDT

Tinkercad Circuits

in this workshop we will be using Tinkercad circuits to simulate an ATTiny85 controlling 4 LEDS

Tinkercad Circuits information

Speakers

@TechGirlMN

Saturday July 16, 2022 10:00am - 11:00am PDT
Discord

10:30am PDT

Datadog

Join the Pack: Information Security Careers at Datadog

Come talk with datadog employees in Discord their voice channel.

Saturday July 16, 2022 10:30am - 11:00am PDT
Discord

10:30am PDT

Break

Feedback Survey

Break

Saturday July 16, 2022 10:30am - 11:00am PDT
Streamyard

Virtual Speaker Track

11:00am PDT

Monitoring Global Data Privacy Developments through Open-Source Intelligence (OSINT)

Feedback Survey

This talk presents Open-Source Intelligence (OSINT) as a mechanism to monitor, track and report key data privacy developments. The system uses free or low-cost tools and does not require programming or technical knowledge. The talk is divided into four parts. Part I provides a basic introduction to OSINT. Part II goes through the OSINT implementation process, from the diagnosis and planning stage through checking and evaluation. In Part III, the speaker will discuss their experience in implementing an OSINT privacy monitoring system. Part IV concludes with some recommendation

Speakers

Ana Trueba

Compliance Manager/DPO, Adam HCM

Ana Trueba de Buen is a native of the US- Mexico Border (Tijuana – San Diego area), who moved to Mexico City to work in policy and ended up in cybersecurity and privacy. Currently, she is a Data Protection Officer/Compliance Manager at a SaaS company, where she focuses on information... Read More →

Saturday July 16, 2022 11:00am - 11:30am PDT
Streamyard

Virtual Speaker Track

11:00am PDT

Soldering Demo 1

For this demo, we'll go over the basics of soldering with with this years "Dogtag" which will be available with any ticket at our in-person event

Speakers

@TechGirlMN

Saturday July 16, 2022 11:00am - 12:00pm PDT
Discord

11:30am PDT

Sharing is Caring: The Deeply Human Side to CTI Networking

Feedback Survey

In cyber threat intelligence, you often hear, “Security teams cannot successfully operate in an intel silo,” but breaking down silos is still very much a work-in-progress. This research-based talk peeks into the nebulous, even secretive, world of *human* CTI networking and its impact. What kinds of channels are CTI professionals using to collaborate - Twitter? Discord? Is raw data, finished intelligence, or technical support most important? How can you get started safely - and should you tell your team about it? The talk will examine key insights from Grace's 2022 research, with takeaways for individuals at all levels.

Speakers

Grace Chi

Cofounder, Pulsedive

Grace Chi is Cofounder and COO at Pulsedive. She works closely with defensive security and CTI practitioners all over the world, ranging from local consulting teams to enterprise operations. Paired with her unconventional and highly interdisciplinary background, she has unique insights... Read More →

Saturday July 16, 2022 11:30am - 12:30pm PDT
Streamyard

Virtual Speaker Track

12:00pm PDT

EasyEDA

in this workshop we will use EasyEDA to layout our virtual project into a Circuit board and convert it to a Simple Add On

materials

Speakers

@TechGirlMN

Saturday July 16, 2022 12:00pm - 1:00pm PDT
Streamyard

12:30pm PDT

Authentic Inclusion and Building Cultures that go Beyond Diversity. By putting People First using Servant Leadership

Feedback Survey

Several factors hinder organizations from moving beyond implicit racial and gender bias to a culture of authentic inclusion in the workplace. Implicit racial bias and implicit gender bias are two main diversity challenges. If organization does not combat racial and gender bias, these two issues will affect an organization in negative ways. Implicit racial and gender bias is as relevant today as it was years ago. Why? Because organizations are not using the correct frameworks or the right leaders to put people first. factors are why many organizations cannot move beyond diversity to become an authentic, inclusive workplace. Organizations must learn how to change the current work environment to become inclusive and managers play a key role in that change. Diversity implications for management are vital and the role leadership must take (Servant Leadership by putting people first) to help an organization become authentically inclusive.

Speakers

Dr. Mahasin Midgette

DHS

Dr. Midgette is a Transformative Diversity, Equity & Inclusion (DEI) Champion & Strategist of professional and educational experience in varying industries. She is the CEO of Midgette Family Services, a consulting firm that specializes in leadership, change management, and helping... Read More →

Saturday July 16, 2022 12:30pm - 1:00pm PDT
Streamyard

Virtual Speaker Track

1:00pm PDT

“Breaking into Cybersecurity”

These four distinguished cybersecurity personnel will be part of our panel on the topic of ‘Breaking into Cybersecurity’ for our 1-hour panel to be moderated by Vanessa.

You can watch the panel at The Diana Initiative Career Village YouTube Page - https://tdi.mobi/careervillagestreaming or
https://www.youtube.com/channel/UCgrbpCtc83CN8XqTkjmer3A

Speakers

Lynn Dohm

Executive Director, Women in CyberSecurity (WiCyS)

Lynn Dohm brings more than 25 years of organizational and leadership experience to the WiCyS team. She has successfully collaborated with businesses, nonprofits and NSF-funded grants and helped produce outcomes that aligned with their cybersecurity business goals. As a solution-oriented... Read More →

Jasmine Henry

JupiterOne

Jasmine "Hex" Henry is Field Security Director at JupiterOne and lead author of The 2022 State of Cyber Assets Report (the SCAR). Previously, she was a Director of Security at a different SaaS startup where she became a JupiterOne customer in September 2019. She is an accidental career... Read More →

Meghan Jacquot

Security Engineer, Inspectiv

Meghan Jacquot is a cybersecurity professional and a curious lifelong learner with a commitment to sharing what she has learned. She is passionate about helping others, speaking at conferences to increase cyber awareness, and is particularly interested in cloud security, threat intelligence... Read More →

Dominique West

With 10 years in the Information Technology industry, Dominique West is an experience Security leader who specializes in Digital Cloud Transformation, Information Security Governance, Risk, and Compliance Management, as well as Cloud and Cybersecurity strategy and support across... Read More →

Vanessa Redman

Vanessa Redman is the AVP of Information Assurance at a financial services company in Las Vegas, Nevada. She has presented at BSidesLV, The Diana Initiative, Women’s Society of Cyberjutsu, and Women in Cybersecurity. You can also find her in the book 97 Things Every Information... Read More →

Saturday July 16, 2022 1:00pm - 2:00pm PDT
Streamyard

1:00pm PDT

Soldering Demo 2

This demo will be a preview of this years DIY electronic badge

Speakers

@TechGirlMN

Saturday July 16, 2022 1:00pm - 2:00pm PDT
Discord

1:00pm PDT

Getting into pentesting with Red Siege

Anyone can stop on it for a "Getting into pentesting" Q&A session as well as meet the Red Siege team.

Don't miss it as there will also be an apparel and sticker giveaway during this event (as well as during the course of the day, don't forget to stop by).

Speakers

Justin Connors

Molly Murdoch

Project Manager, Red Siege

Jason Downey

Security Consultant, Red Siege

Saturday July 16, 2022 1:00pm - 2:00pm PDT
Discord

1:00pm PDT

Lunch

Lunch

Saturday July 16, 2022 1:00pm - 2:00pm PDT
Streamyard

Virtual Speaker Track

2:00pm PDT

How I hacked into the OFO Bikes in Singapore

Feedback Survey

I would like to talk about how I hacked into the bluetooth low energy bikes from OFO that were all over Singapore in 2018, and was able to unlock it and ride it for free! This is a classic monster in the middle replay attack which I was able to exploit. I would walk over the steps of conducting the exploit and show a video of the same. I would end the talk with some recommendations to make devices safer against these kinds of attacks. This vulnerability report led the company to form its bug bounty program

Speakers

Sivaranjani Sankaralingam

I am a security researcher currently on a break . Previously , I worked on vehicle security at Desay SV , Singapore and prior to that I had a short stint at National University of Singapore, where I got the chance to hack into the OFO bikes. I also interned at NCC Group for a short... Read More →

Saturday July 16, 2022 2:00pm - 2:30pm PDT
Streamyard

Virtual Speaker Track

2:00pm PDT

Mock Interviews/Resume Reviews

Hello TDI Attendees!

If you are interested in a resume review, resume advice, or a mock interview, we are offering services in Career Village according to this schedule:

We will use Discord for the entirety of the virtual event on 16 July from 9:30am - 5pm Pacific Time.

Once in our Discord please join the #Career-village channel
The #Career-village channel will be where we coordinate and communicate during the virtual event

If you come into the #Career-village channel, you can ask for a time slot and we will deconflict times against our available volunteers and add you to the list.

You will get an email on Saturday from EventBright to the email you registered with. This will have the link to join The Diana Initiative Discord server!

You will get a DM (Direct Message) in discord at your scheduled time from one of our Career Village volunteers who will initiate contact and then proceed with an audio and/or video call, whichever is preferred (via Discord).

Finding your Discord ID (needed to sign up for a resume review or mock interview):
https://youtu.be/oUkeUnSg88o

Discord Overview (if needed):
https://youtu.be/rnYGrq95ezA

Here is our Discord FAQ:
https://www.dianainitiative.org/about/faqs/#discord

Saturday July 16, 2022 2:00pm - 5:00pm PDT
Discord

2:30pm PDT

Don’t settle for less - know your value!

Feedback Survey

You aced the interview and the hiring manager offered a salary but it was less than what you expected! Do you accept it, do you ask for more or do you decline it? According to research, women make 82 cents for every dollar earned by a man and the gap is even wider for women of color, LGBTQ and other underrepresented groups. The pandemic hit the economy hard and many women left the workforce. Unfortunately in some industries, taking a leave of absence or paternity leave negatively impacts opportunities into leadership positions and salary because it reduces the # of years when calculating experience. Will the gender pay gap widen as a result of the pandemic? The solution to closing the gap is to create a transparent culture and provide visibility to employees however it is easier said than done. Whether you’ve recently graduated or you are returning back to the workforce, or if you are considering your next move, negotiating what your next job offer, promotion, benefits and pay is important. In this session attendees will learn:
1- Why it is important to know your personal value
2- Who is responsible to correct the pay gap
3- When to negotiate and when to turn down an offer
4- Where to find resources so you know what you’re worth
5- What you can apply through 4 simple tips on negotiation strategies and tactics

Speakers

Aarti Gadhia

Principal Solution Specialist, Microsoft

Aarti Gadhia is a changemaker and has dedicated her entire career to breaking down barriers and boundaries to achieve equality for underrepresented groups in STEM and in leadership. She was honored for her contribution to the cybersecurity community by being named as one of the Top... Read More →

Sherifat Akinwonmi

Business Information Security Officer, TD Bank

Sherifat is a Cyber Security professional with work experience across diverse industries including Banking, Oil & Energy Services, Pharmaceuticals, and IT services. She is currently a Business Information Security Officer (BISO) with one of the top banks in Northern America. She holds... Read More →

Saturday July 16, 2022 2:30pm - 3:30pm PDT
Streamyard

Virtual Speaker Track

3:00pm PDT

Soldering Demo 3

This demo will be a preview of the SMD workshop

Soldering Demo Kit

Speakers

@TechGirlMN

Saturday July 16, 2022 3:00pm - 4:00pm PDT
Discord

3:30pm PDT

Break

Break

Saturday July 16, 2022 3:30pm - 4:00pm PDT
Streamyard

Virtual Speaker Track

4:00pm PDT

Soldering Demo 1

For this demo, we'll go over the basics of soldering with with this years "Dogtag" which will be available with any ticket at our in-person event

Speakers

@TechGirlMN

Saturday July 16, 2022 4:00pm - 5:00pm PDT
Discord

4:00pm PDT

Crossing the Finish Line – How to Train for and Achieve Your Goals in Security

Feedback Survey

So you know you want to get into security or increase your current skills – but what specifically do you need to do next to get there? It can feel paralyzing trying to sort through conflicting advice and suggested goals which might take years to accomplish, especially if also struggling with imposter syndrome, gatekeeping, or other issues. In this talk, I use the example of training for a running race such as a 10K to break down the needed steps into easy-to-understand analogies. This talk will be helpful for anyone who is newer to security and not quite sure where to begin, those with more experience who have identified their next goal but don’t yet have a structured plan to reach it, and those who may struggle with imposter syndrome or self-confidence issues.

Speakers

Elle Stehli

Application Security Analyst, GuidePoint Security

Anything!

Saturday July 16, 2022 4:00pm - 5:00pm PDT
Streamyard

Virtual Speaker Track

4:30pm PDT

Interview with Tracy Maleeff

Interview with Tracy Maleeff (@InfoSecSherpa on twitter)

Speakers

Tracy Maleeff

Security Researcher, Krebs Stamos Group

Previously worked at New York Times and GSK. A former librarian with a Master of Library & Information Science degree. Your guide up a mountain of information!

Saturday July 16, 2022 4:30pm - 5:00pm PDT
Streamyard

5:00pm PDT

Kicking Imposter Syndrome to the Curb

Feedback Survey

Have you struggled with Imposter Syndrome? Is Imposter Syndrome holding you back from becoming the best you can be? Let’s discuss how Imposter Syndrome has affected you and how you can kick it to the curb. I talk about how I realized I have Imposter Syndrome and my journey to overcome it. There are many tips and tricks to overcoming Imposter Syndrome. Let’s discover them and get you on your way to recovering from Imposter Syndrome.

Speakers

Elaine Harrison-Neukirch

Scythe

Elaine Harrison-Neukirch currently manages the Customer Support program at SCYTHE. Lead. Elaine has over 10 years of experience in cyber security working in the healthcare and financial services industries. She is the volunteer Education Director for Cyber Security Non Profit (CSNP.org... Read More →

Saturday July 16, 2022 5:00pm - 5:30pm PDT
Streamyard

Virtual Speaker Track

5:30pm PDT

Closing Remarks

Speakers

Nicole

Chief Operating Officer, Diana Initiative

Nicole Schwartz (a.k.a. CircuitSwan) speaks about DevSecOps, Agile, Diversity & Inclusion, and Women in Technology.She is currently the Product Manager at ActiveState, the deputy Chief Operating Officer in charge of Pre-Event Planning for The Diana Initiative and one of the organizers... Read More →

Saturday July 16, 2022 5:30pm - 6:00pm PDT
Streamyard

Virtual Speaker Track

TBA

Getting Real about Mental Health

Feedback Survey

From the pandemic, we have changed and transformed in ways we are still trying to discover. The effects have caused incredible burnout amongst colleagues and personal relationships, and has in ways, impacted managers, teams, and company structure and policies. It is not just burnout. We have another deeper issue that is becoming prevalent, Post-COVID Stress Disorder (PCSD). As an industry, we need to be aware of it and recognize it in order to be more strategic and integrated. This talk discusses PCSD, what that means for security and the well-being of companies, and solutions to support one another as we proceed into a new era post-pandemic.

Speakers

Chloé Messdaghi

CEO and Founder, Global Secure Partners

For over ten years, Chloé Messdaghi has advised and developed impactful solutions that have driven growth and innovation while transforming security teams to become resilient. Her work has helped businesses unlock opportunities to enhance trust, mitigate risk, and become purpose-driven... Read More →

Wednesday August 10, 2022 TBA
TBA

TBA

Leading with Intention: Lessons in Accountability & Compassion

Feedback Survey

In today’s world we hear words such as “self-care”, “authenticity”, and “live your best life,” yet what does that look like in a corporate environment? More importantly, how do we accomplish cultivating an inspiring but conducive environment as leaders that supports the principles behind these ideas while meeting deadlines? This presentation addresses the projections we attribute to these ideas, how they become twisted, and actionable takeaways on how to shape the culture as a leader by being the best follower. Derived from my own experience as a female leader in tech with a military background, I’ll walk through crafting goals, creating plans, conducting inventories, and cultivating feedback to create a team culture that allows everyone to live their best corporate life.

Speakers

Cat Self

Group Leader & Lead Adversary Engineer, MITRE

I (Cat Self) am the CTI Lead for MITRE ATT&CK® Evaluations, macOS/Linux Lead for MITRE ATT&CK® and a people leader at MITRE. At MITRE we separate professional leadership, technical leadership, and project leadership roles. This allows us to take on multiple facets of leadership... Read More →

Wednesday August 10, 2022 TBA
TBA

TBA

Read the Room

Feedback Survey

The old school way of treating everyone the same in an interview to imply fairness is actually not inclusive. Interviewers should apply emotional intelligence to every interview, eliminating bias and giving candidates a fair chance to show their capabilities. Managers can listen and learn from this and candidates can reverse engineer everything I offer here to turn the interview into a better experience for everyone involved.

The difference between a good or bad interview can come down to something as simple as prompting and patience. So beyond compliance measures and the basic measuring of required skills, I am sure we can get to the root of the ultimate qualifier: WILLINGNESS AND ABILITY, and eliminate behaviors that create extra challenges to individuals who are battling invisible obstacles like neurodiversity. This is just another proof point dispelling the Talent Shortage myth. I will walk through techniques and strategies to make every interview experience as effective and comfortable as possible, ultimately leading to success for all parties. Conducting an interview and making hiring decisions is a privilege, not to be abused or taken for granted. This will help candidates and employers and make our community at large stronger and more successful by removing one more unnecessary barrier.

Speakers

Kirsten Sireci Renner

National Security Recruiting Lead, Accenture Federal Services - Previously Novetta

Possibly best known as the co-organizer of Car Hacking Village and serial volunteer across our community, Kirsten has been in the recruiting space in InfoSec since 2010.For the last decade Kirsten has been on a mission to build a better candidate experience for everyone through strategic... Read More →

Wednesday August 10, 2022 TBA
TBA

8:00am PDT

Opening Remarks/Welcome

Feedback Survey

Opening Remarks/Welcome

Wednesday August 10, 2022 8:00am - 8:30am PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

8:30am PDT

Keynote

Feedback Survey

Keynote

Speakers

Director Jen Easterly

Cybersecurity and Infrastructure Security Agency (CISA)

Jen Easterly is the Director of the Cybersecurity and Infrastructure Security Agency (CISA). Ms. Easterly was nominated by President Biden in April 2021 and unanimously confirmed by the Senate on July 12, 2021. As Director, Ms. Easterly leads CISA’s efforts to understand, manage... Read More →

Wednesday August 10, 2022 8:30am - 9:30am PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

9:00am PDT

Makers Village

Makers Village

https://www.dianainitiative.org/event/maker-village/

https://sites.google.com/dianainitiative.org/makersvillage/home

Speakers

@TechGirlMN

Wednesday August 10, 2022 9:00am - 5:00pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

9:30am PDT

Hacking your way to better outcomes through negotiations

Feedback Survey

We’ve all heard you should never accept the first offer, you must negotiate! There’s data that shows candidates do not negotiate job offers for a variety of reasons. However, negotiating is a skill that will help you excel in your career and will help you navigate difficult situations well beyond your next job offer. This talk will walk through both negotiating your next job offer and how to apply these same skills to a work situation where you need to convince a team to fix a security issue but they seem unwilling to do so. This talk will cover negotiating myths, how to approach the negotiation, and tips and tricks for a successful conversation. The audience will walk out with a better understanding of negotiating, all the things that go into a successful outcome, and strategies that they can apply to a multitude of situations.

Speakers

Lea Snyder

Principal Security Engineer, Microsoft

Lea is a Principal Security Engineer at Microsoft. She’s worn a lot of hats over her career and mostly worked for companies that begin with the letter ‘A.’ You can read more at: https://tldrsec.com/guides/staffeng-security/stories/lea-snyder. Outside of work she can be found organizing security conferences or enjoying all the PNW has to offer... Read More →

Wednesday August 10, 2022 9:30am - 10:30am PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

9:30am PDT

Using S.M.A.R.T. Feedback to fight inappropriate communication at work

Feedback Survey

Keep your dignity against inappropriate and unconstructive feedback at work by implementing S.M.A.R.T. feedback guidelines. People are emotional beings. A small but significant percent of workers try to meet their emotional needs at their coworkers' expense, usually by targeting their LGBTQ and minority coworkers with negative social aggression disguised as "feedback". S.M.A.R.T. feedback can be your tool to combat unprofessional communication that provides no value to you or your employer. S.M.A.R.T. Feedback can also help you achieve more career growth and job satisfaction. Learn how S.M.A.R.T. feedback can keep your career going in a positive direction regardless of the emotional needs of others on your team.

Speakers

Sue Spencer

CEO, Seamly Systems, Inc.

Open source software, Next-gen design technology

Wednesday August 10, 2022 9:30am - 10:30am PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

9:30am PDT

Mock interviews/Resume Reviews/Career Coaching

Come get your resume reviewed and/or sign up for career coaching!

Reach out on in the Diana Initiative discord Career Village or stop by the Career Village room channel to sign up

The career village will be staffed during the lunch break to take signups for both resume reviews and mock interviews

Wednesday August 10, 2022 9:30am - 12:30pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

9:30am PDT

CTF

CTF

Wednesday August 10, 2022 9:30am - 5:00pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

9:30am PDT

Lockpick Village

Lockpick Village

Moderators

Lockpick Extreme

Lockpick Extreme

To sign up for the virtual lockpicking village, please register here by 7/10/22: https://www.lockpickextreme.com/product/2022-diana-initiative-lockex-remote-lockpicking-workshop/... Read More →

Wednesday August 10, 2022 9:30am - 6:00pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

Lockpick Village

10:00am PDT

Surface Mount Device (SMD) workshop Kit

Learn about surface mounted devices (SMD) by putting together your own blinky heart pendant!

You must purchase your kit in advance.

There will be one class of 25 on each day, August 10, and Aug 11.

These are hands on classes and we will provide all the required supplies.

Classes are 10 am to 11 am pacific (local) time.

Prerequisite you MUST have a Diana Initiative 2022 entry ticket for the In Person event on August 10-11, 2022. https://tickets.dianainitiative.org/

Maker Village Website https://www.dianainitiative.org/event/maker-village/

Maker Village Details https://sites.google.com/dianainitiative.org/makersvillage/home

Buy a SMD Kit https://www.eventbrite.com/e/diana-initiative-surface-mount-device-smd-workshop-kit-virtual-tickets-382669563967

Speakers

@TechGirlMN

Wednesday August 10, 2022 10:00am - 11:00am PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

10:30am PDT

Break

Feedback Survey

Break

Wednesday August 10, 2022 10:30am - 11:00am PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

10:30am PDT

Break

Feedback Survey

Break

Wednesday August 10, 2022 10:30am - 11:00am PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

11:00am PDT

Leveraging Software Bill of Material(SBOM) to foster open source software security

Feedback Survey

In this presentation, we demonstrate a proof of concept illustrating how the accuracy and efficacy of the software bills of material generated from source code, build-time and run-time can assist an organization to systematically reduce the open source software security risk. First we walk you through the existing open source tools that we examined for SBOM generation, enumerate the challenges we faced employing them to generate SBOM. Then, we outline the use cases of SBOM. This includes how security teams can take initiatives based on the information extracted from SBOM to run a company-wide program for software life cycle management. We use a purple teaming approach to prioritize vulnerabilities based on information obtained from SBOM. This talk is an enabler for everyone who wants to improve their overall open source software security at scale.

Speakers

Hossein Siadati

Senior Security Engineer, Datadog

Hossein Siadati is a computer scientist and Sr Security Engineer at Datadog. He specializes in addressing software supply chain security, network security, user authentication and fraud issues using technical and social approaches. He holds a PhD from New York University, 2019, and... Read More →

Trupti Shiralkar

Sr Engineering Manager, Datadog

Trupti Shiralkar is a security engineering manager at Datadog. She is passionate about implementing a holistic approach to security and privacy by design and believes in scaling product security through “Shift-to-left” transformations. She holds a Master of Science degree in Information... Read More →

Wednesday August 10, 2022 11:00am - 12:00pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

11:00am PDT

From Failure to Big Tech: (A)typical Security Job Hunting Strategies

Feedback Survey

As privacy awareness and the number of cyber attacks increase, the need for competent security and privacy professionals is also on the rise. 64% of organizations currently oversee a cybersecurity talent shortage. Students like myself studying information security, however, face countless trouble seeking their first internships. After conducting workforce development research, I adjusted my job-searching strategy and was able to land my internship position at a major tech company. In this talk, I will share the strategies that I used to get my internship offer.

Speakers

Weijia Yan

Carnegie Mellon University - Information Networking Institute Student

A passionate InfoSec advocate, Weijia Yan is a student at Carnegie Mellon University and conducts research in cybersecurity workforce development for CyLab Security and Privacy Institute. She enjoys general cybersecurity education and raising awareness among her community.

Wednesday August 10, 2022 11:00am - 12:00pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

12:00pm PDT

Essential Guardrails for AWS Organizations

Feedback Survey

While service-level controls in AWS such as configuring security groups and scoping permission policies are important parts of securing your services and applications within an AWS account, it's easy to forget security beyond the account level. This talk will cover "the essentials" of securing your AWS Organization, including securing root account(s), logically organizing AWS accounts, and designing and applying Service Control Policies (SCPs) to restrict actions within multiple accounts. We'll walk through the implementation and testing of selected SCPs, discuss logging within Organizations, and wrap up with actionable takeaways.

Speakers

Cassandra Young (muteki)

Senior Scientist, Cloud Security, Security Risk Advisors

Cassandra (aka muteki) works full time in information security consulting, specializing in Cloud Security Architecture and Engineering. She holds a master’s degree in Computer Science, focusing on cloud-based app development and academic research on serverless security and privacy/anonymity... Read More →

Wednesday August 10, 2022 12:00pm - 1:00pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

12:00pm PDT

"Hacking" Your Career: How to Successfully Pivot to your Next Professional Role

Feedback Survey

Successfully hacking into your target requires both luck (and knowing when you have come upon that luck) and creativity. In that same regard: your career is not just about “following a path or a set of rules,” but also about knowing when you see an opportunity to seize. This talk will explore how to utilize the penetration testing methodology and a “hacker mindset” to pivot your professional role - whether you are interested in switching from another industry into cybersecurity or in making a career pivot within the cybersecurity industry itself. Attendees will walk away from this talk with not only the tools for a successful career pivot, but also an understanding of how the cybersecurity industry will benefit from the diversity of thought which professionals with varied backgrounds bring.

Speakers

Karishma Asthana

Product Marketing Manager - App Sec, Datadog

Karishma is a Product Marketing Manager at Datadog. She was previously with Accenture Security where she worked as a penetration tester, responsible for helping clients understand and manage their security vulnerabilities. At Accenture, she spent time training non-technical peers... Read More →

Wednesday August 10, 2022 12:00pm - 1:00pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

1:00pm PDT

Lunch

The Career Village will be staffed during the lunch break for in person sign ups for resume reviews and/or career coaching

Wednesday August 10, 2022 1:00pm - 1:30pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

1:00pm PDT

Lunch

Feedback Survey

Lunch

Wednesday August 10, 2022 1:00pm - 2:00pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

1:00pm PDT

Lunch

Feedback Survey

Lunch

Wednesday August 10, 2022 1:00pm - 2:00pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

2:00pm PDT

Keep Your Enemies Close and Your Secrets Closer

Feedback Survey

Hackers can exploit lazy developers. Remember, an adversary can use detect secrets tools to find secrets in your codebase. If you are worried about leaving credentials in your codebase, you may have employed the very popular Open Source Yelp Detect Secrets. In this talk, she will showcase how she wrapped the Yelp Detect Secrets tool for use in Azure to take results and immediately export them to your backlog and how to use this extension to prevent access to your code.

Speakers

Audrey Long

Commercial Software Engineering (CSE) at Microsoft

Audrey Long is a Senior Security Software Engineer at Microsoft in the Commercial Software Engineering team (CSE), which is a global engineering organization that works directly with the largest companies and not-for-profits in the world to tackle their most significant technical... Read More →

Wednesday August 10, 2022 2:00pm - 2:30pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

2:00pm PDT

Expedition Behavior: What mountaineers, astronauts, and cybersecurity practitioners have in common

Feedback Survey

What do mountain climbers, astronauts, and cybersecurity practitioners all have in common? High risk situations are a regular part of the job. Whether it’s the vacuum of space, avalanches, or losing customers' data, we have a shared need to collaborate well in adverse conditions. Expedition Behavior is a term originally coined by the National Outdoor Leadership School (NOLS) to describe successful teamwork in the adverse conditions that mountaineers often face. NASA has adopted Expedition Behavior is now part of the astronaut training curriculum. In this talk we will discuss the meaning of Expedition Behavior, how you can adopt it and how you can apply the underlying principles and teachings to a cybersecurity organization.

Speakers

Robin Shostack

Program Lead for Offensive Security (Red Team)Over a 16 year career at Google, Robin has worked in the security, privacy, and identity organizations - as well as several products with over a billion users. Robin is the Program Lead for Google’s Offensive Security (Red Team) operation... Read More →

Wednesday August 10, 2022 2:00pm - 2:30pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

2:00pm PDT

Mock interviews/Resume Reviews/Career Coaching

Come get your resume reviewed and/or sign up for career coaching!

Reach out on in the Diana Initiative discord Career Village or stop by the Career Village room channel to sign up

The career village will be staffed during the lunch break to take signups for both resume reviews and mock interviews

Wednesday August 10, 2022 2:00pm - 4:00pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

2:30pm PDT

Take the Initiative and Expand Your Network

Feedback Survey

Strengthening your network is essential no matter where you are in your career. This can be a daunting skill to hone as it takes initiative, time, and finding an approach that works best for you and your goals. There are different approaches for various career levels, as well as different approaches for online networking versus in-person networking events, like here at The Diana Initiative.</p> <p>Each speaker will share a story about one way networking has impacted them. Each speaker is at a different place in her career. Two of the speakers have pivoted to cybersecurity within the last five years and one is in a senior leadership role. After the three speakers share some of their stories and how networking impacted them, they will discuss specific Tactics, Techniques, and Procedures (TTPs) of effective networking for both in-person and virtual interactions. Additionally, strategies around what to do next after networking, how to balance, and how to say no to requests will be discussed. Finally, the speakers will close with a group structured workshop where there will be time to practice the learnings from the talk.

Speakers

Alyssa Miller

Chief Information Security Officer, Epiq Global

Alyssa Miller is a life-long hacker, programmer, and security executive. She’s always had a passion for computers. She bought her first PC at age 12 and taught herself BASIC programming. Her career began as a software developer and later pivoted to security as a penetration tester... Read More →

Meghan Jacquot

Security Engineer, Inspectiv

Meghan Jacquot is a cybersecurity professional and a curious lifelong learner with a commitment to sharing what she has learned. She is passionate about helping others, speaking at conferences to increase cyber awareness, and is particularly interested in cloud security, threat intelligence... Read More →

Chris Lemmon

Security Engineer, Secure Yeti

Chris Lemmon is a cybersecurity consultant helping high-profile clients understand and enhance their security landscape. As an Advanced Security Engineer for Secure Yeti, Chris is passionate about conducting security assessments and pentests to provide her clients with actionable... Read More →

Wednesday August 10, 2022 2:30pm - 3:30pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

2:30pm PDT

Android Application Hacking

Feedback Survey

Even though Google Play carefully chooses the Applications for the store, many Android Applications are still vulnerable.
Android App Hacking is a specialization area, so it is much less documented than other pentests. In this session, I will tackle this subject.
After providing instruction for a complete setup of an Android App pentest lab, a deeper dive into the process with static analysis, dynamic analysis, reporting, including video demo and detailed examples on purposefully vulnerable applications will occur.

Speakers

Gabrielle Botbol

Offensive Security Consultant, Desjardins

Gabrielle Botbol is a professional actress who became an ethical hacker.She created a self study program and is dedicated to educating others on how they can do the same.Gabrielle is the heart and the voice of cyber communities and she promotes the values of equality and justice... Read More →

Wednesday August 10, 2022 2:30pm - 3:30pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

3:30pm PDT

Break

Break

Wednesday August 10, 2022 3:30pm - 4:00pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

3:30pm PDT

Break

Feedback Survey

Break

Wednesday August 10, 2022 3:30pm - 4:00pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

4:00pm PDT

Red Teaming Cyber's Diversity Problem

Feedback Survey

The skills gap is one of the most pressing issues in cybersecurity, and, unfortunately, part of this problem comes from gatekeeping, unrealistic job requirements, discrimination, stereotyping and unimaginative thinking. Common problems in other male-dominated fields that require undoing decades of exclusion to solve. It’s incumbent upon all companies and communities in cybersecurity to champion inclusion and diversity for women and gender minorities, which puts The Diana Initiative and its audience at the heart of the solution.
In this presentation, we’ll discuss the origins of an online community of women hackers and how utilizing community and mentorship can remove barriers to inclusion for women, trans and nonbinary people, and others who identify as a gender minority. We’ll also discuss best practices and discuss lessons from the first six months of the program to help others interested in similar initiatives. If you are interested in breaking into offensive security or just building an inclusive offensive security community, this session is for you!

Speakers

Emily Peacock

Emily has always had a passion for bringing joy to others, whether that be through smiles, laughter, food, entertainment, acts of kindness or fostering a sense of community. Prior to Synack, Emily spent five years as a culture ambassador for tech start-ups building company-wide employee... Read More →

Ryan Rutan

After spending more than two decades building online communities for tech savvy enterprise developers, Ryan (@ryanrutan) returned to his hacker roots as the Sr. Director of Community at the Synack Red Team in 2019. He is a long-time developer/maker at heart and technology innovator... Read More →

Wednesday August 10, 2022 4:00pm - 4:30pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

4:00pm PDT

No parking, no problem!

Feedback Survey

What happens if one day you have control of all the parking meters in your city? In this talk we will talk about a problem that I encountered in a parking system in my city, and then you discover many cities with the same system! That talk includes nfc, sql, reverse engineering, and other herbs

Speakers

Ignacio Navarro

Sr Software Engineer, AttackIQ

My name is Ignacio, I am 24 years old and I am from Río Cuarto, Argentina.I am currently working as a Sr. Software Engineer at Attackiq.I started to enter the world of infosec about 5 years ago.My interests include code analysis, webapps security and cloud security.

Wednesday August 10, 2022 4:00pm - 4:30pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

4:00pm PDT

Cybersecurity Hiring - The Hiring Manager & Recruiters’ Viewpoint

Please note: This panel is in-person only and will not be live-streamed or recorded.

Speakers

Kirsten Sireci Renner

National Security Recruiting Lead, Accenture Federal Services - Previously Novetta

Possibly best known as the co-organizer of Car Hacking Village and serial volunteer across our community, Kirsten has been in the recruiting space in InfoSec since 2010.For the last decade Kirsten has been on a mission to build a better candidate experience for everyone through strategic... Read More →

Tracy Maleeff

Security Researcher, Krebs Stamos Group

Previously worked at New York Times and GSK. A former librarian with a Master of Library & Information Science degree. Your guide up a mountain of information!

Caitlin Cooke

Head of Talent Acquisition and Programs, Prelude

Caitlin is a startup talent coach with extensive recruiting experience spanning across Disney, Accenture, and Google. She was the first recruiting leader at GitHub, and has since joined smaller startups to scale their hiring from the ground up. Caitlin is now the Head of Talent Acquisition... Read More →

John Stoner

Cybersecurity Strategist, Booz Allen Hamilton

Mr. Stoner, a CISSP holder, has over 21 years of experience in the US Intelligence Community (USIC), DOD, and national security industry with 12+ focused in cybersecurity. He is a cybersecurity specialist who excels in an impactful, dynamic role, ideally across verticals, or serving... Read More →

Caroline Sullivan

Like many others in the recruiting industry, Caroline did not plan on this particular career. While job searching after being laid off, she interviewed with a staffing agency for an opening with one of their clients and they ended up offering her a position internally as an agency... Read More →

Wednesday August 10, 2022 4:00pm - 5:00pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

4:30pm PDT

Breaking Silos: Your Operational Experience Is Needed in Legislative & Policy Spaces

Feedback Survey

Do you ever wonder how cybersecurity laws get crafted? Even how the ideas come up? Too often, legislators and their staffers are looking for ideas on how to close cybersecurity workforce gaps and increase security and resilience across critical infrastructure to combat the ever-increasing cyber-attacks and data breaches. However, not all cybersecurity practitioners are aware of the different avenues they can provide their operational experience, and how they can help legislators and their staffers understand the operational implication of their legislative proposals. If you are interested in learning how to participate in the conversations or pivot into cybersecurity policy to help improve how legal and regulatory frameworks are shaped – then attend this lightening talk! You can help policy decision makers avoid complicating the work of operators and analysts. I’ll go over why your experience and input is needed, which communities to join and events to participate in, and how to pivot into cybersecurity policy field at the Federal, SLTT, or Industry level (including Academia).

Speakers

Ayan Islam

Associate Policy Director, Cybersecurity and Emerging Threats, R Street Institute

Ayan Islam is the associate policy director of Cybersecurity and Emerging Threats at R Street Institute. She supports the oversight and development of the Cybersecurity and Emerging Threats program and provides subject matter expertise in public policy strategy development and implementation... Read More →

Wednesday August 10, 2022 4:30pm - 5:00pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

4:30pm PDT

Open Source: Taking initiative as a Community

Feedback Survey

It’s estimated 98% of codebases contain open source code. Open Source at its root facilitates community driven innovation, collaboration, and development of new technologies. More transparency = more secure, right? The hard truth is, many vulnerabilities can lay dormant in a codebase for years before being exploited in the wild, leaving entire software supply chains under attack. This talk will discuss how we can continue to push and tackle these issues in the community.

How should we be engaging with maintainers and contributors?
What would you do if a critical piece of your application relies on a package that has been abandoned?
Are our threat modeling processes sufficient?

Log4Shell was a wakeup call for many, let’s talk about what meaningful actions we can take.

Speakers

Sara Garvey

Senior Security Researcher, Contrast Security

Sara is a Senior Application Security Researcher with Contrast Security. Her primary area of interest is within Open Source Security. Sara, in her free time, enjoys participating in CTFs and external vulnerability research.

Wednesday August 10, 2022 4:30pm - 5:00pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

5:00pm PDT

Transforming Secure SDLC to Scale in a Continuous Deployment World: Building Roads

Feedback Survey

You probably hear the phrases 'continuous development', ‘continuous deployment’ or ‘CI/CD’ quite often, but they’re often used in ways that make their meanings unclear. In this talk we will go over common industry terms and how [Company X and Company Y] are managing this transition in our development processes while meeting and surpassing our security standards. At the end of the session, the audience will learn/understand:

Common continuous deployment terminology
Techniques to transition from process-based security controls to technical security controls
Avenues for enabling developers to make good security decisions

Speakers

Natalya Krecker

Wednesday August 10, 2022 5:00pm - 6:00pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

5:00pm PDT

Threat Modeling in 600 seconds or less (ok, I lied, more like 2,400)

Feedback Survey

Threat Modeling in only 10 minutes? I’m in!! Oh wait, it’s really 40 minutes? That’s cool, I can work that in. Yes, Threat Modeling is both FUN and EXCITING and can shave tons of time off SDLC - if done right. So let’s get down and dirty and see what it takes to do a good Threat Model!!

Speakers

Kat Fitzgerald

Security Engineering Mgr, Google

Based in Seattle and a natural creature of winter, you can typically find me sipping Grand Mayan Extra Anejo whilst simultaneously defending my systems using OSS, magic spells and Dancing Flamingos. Honeypots & Refrigerators are a few of my favorite things! Fun Fact: I rescue Feral... Read More →

Wednesday August 10, 2022 5:00pm - 6:00pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

6:00pm PDT

Volunteer & Staff Photo

Wednesday August 10, 2022 6:00pm - 6:30pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

6:00pm PDT

Abortion Tech

In order to protect abortion access in America, it is imperative to understand what abortion is in material terms. This primer will discuss clinical and underground abortion procedures, provider opsec, targeted legislation against abortion access, how abortion access & gender affirming care are linked, and demonstrate how to build a DIY vacuum aspiration device. This talk will be presented from the perspective that abortion should be available on demand, without apology as part of a spectrum of human reproductive rights including gender affirming care and expression of sexual orientation. Providing abortions safely requires a background in healthcare that exceeds the time and content limitations of this talk. Though abortion will be discussed in practical terms, attendees will not be taught how to perform abortions.

*this is a first come first served workshop based on equipment we have on hand

Speakers

Maggie Mayhem

Maggie Mayhem is a former sex worker and current full spectrum doula. She has spoken previously at HOPE as well as DefCon, Skytalks, SxSW, the United Nations Internet Governance Forum, as well as many events and universities around the world. Her website is MaggieMayhem.Com... Read More →

Wednesday August 10, 2022 6:00pm - 8:00pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

8:00am PDT

Opening Remarks/Welcome

Feedback Survey

Opening Remarks/Welcome

Thursday August 11, 2022 8:00am - 8:30am PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

8:30am PDT

Fuzzing: A Must Have in Your Bug Hunting Arsenal

Feedback Survey

Fuzz testing aka fuzzing is a dynamic software testing mechanism designed to detect a wide spectrum of bugs and potential security vulnerabilities from memory corruption to deadlocks, from undefined behavior to exception handling. In combination with appropriate program instrumentation, fuzzing has proven its effectiveness to software developers, security validators as well as security researchers. Although, fuzzing can greatly assist in bug finding, it has its own sets of challenges such as coverage wall, effective input generation etc. In this talk, we will explore the common roadblocks in fuzzing and some of the best practices to overcome these challenges as well as how to best utilize the potential of fuzzing to find bugs and security vulnerabilities. In addition, this talk will highlight how fuzzing can be adopted in the firmware domain despite the tight coupling with the target hardware platform.

Speakers

Priyam Biswas

Offensive Security Researcher, Intel

Priyam Biswas is an Offensive Security Researcher at Intel. Her areas of expertise include secure system development via fuzzing, sanitization, static and dynamic analysis. Dr. Biswas earned her PhD in Computer Science from Purdue University where her research focus was on applied... Read More →

Thursday August 11, 2022 8:30am - 9:30am PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

8:30am PDT

Building Secure Apps Starts With Secure Relationships

Feedback Survey

Secure Application Development is more than just the software itself; it's about knowing who is creating the software. One of the most important relationships we'll have as a security professional, is the one we have with teams across the business - we can't build a secure organization on our own! We'll cover some common problems that arise from insecure relationships, including teams not being aware of your existence or processes, requests for help arriving too late or being lost in the noise, and only finding out about new features or products after they've gone live. This talk aims to give you practical examples and actions to help you take the initiative, to facilitate better conversations with teams, and cultivate stronger partnerships that encourages teams to reach out for help earlier and more often.

Speakers

Yianna Paris

Offensive & Application Security Specialist

I’m an Offensive & Application Security specialist who loves to build things and find creative ways to break them. When I’m not developing attacks, I’m teaching how to protect against people like me. I bring red team curiosity into a collaborative approach by redefining purple... Read More →

Thursday August 11, 2022 8:30am - 9:30am PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

8:30am PDT

Lockpick Village

Lockpick Village

Moderators

Lockpick Extreme

Lockpick Extreme

To sign up for the virtual lockpicking village, please register here by 7/10/22: https://www.lockpickextreme.com/product/2022-diana-initiative-lockex-remote-lockpicking-workshop/... Read More →

Thursday August 11, 2022 8:30am - 4:30pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

Lockpick Village

9:00am PDT

CTF

CTF

Thursday August 11, 2022 9:00am - 4:00pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

9:00am PDT

Makers Village

Makers Village

https://www.dianainitiative.org/event/maker-village/

https://sites.google.com/dianainitiative.org/makersvillage/home

Speakers

@TechGirlMN

Thursday August 11, 2022 9:00am - 5:00pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

9:30am PDT

372 Million Data Points and a Few Strong Opinions on the State of Attack Surfaces

Feedback Survey

There have been profound changes in security as a result of industry shifts toward cloud-native development, resilient architecture, and microservices adoption. My analysis of 372 million cyber assets, findings, and policies at 1270 organizations reveals just how significant the changes in the average asset inventory have been, and the profound impact on security teams.

This talk will share original, peer-reviewed research on the state of asset inventories and attack surface management at contemporary organizations and analysis of what it means for security teams, providing insight and advice for blue teamers, security leaders, and cloud engineers.

In particular, research will cover the industry average (mean) of 120,561 findings in backlog means for security team burnout and how the ratio of cyber assets to practitioners has reached dire levels. The talk will also cover how current security skills training does not reflect the realities of our cloud-native asset architectures, and why ultra-reliable network architecture demands new approaches to security.

Finally, the talk will provide original research and analysis of supply chain risk, as well as insight into the most common blind spots for security practitioners - based on analysis of asset inventories compared to practitioner queries of their environments.

Speakers

Jasmine Henry

JupiterOne

Jasmine "Hex" Henry is Field Security Director at JupiterOne and lead author of The 2022 State of Cyber Assets Report (the SCAR). Previously, she was a Director of Security at a different SaaS startup where she became a JupiterOne customer in September 2019. She is an accidental career... Read More →

Thursday August 11, 2022 9:30am - 10:30am PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

9:30am PDT

Being Your Own Project Manager

Feedback Survey

Senior technologists are often tasked with “dealing with ambiguity”. It can be daunting to get started with project management when you are used to getting tickets. This framework will walk through the entire project process, from ideation to presentation. This includes practical exercises like Impact Effort Matrix for planning and Success Statements for reporting as well as techniques for delighting stakeholders while keeping your teammates from burning out. Owning your project management means knowing you are doing the right work while having a broad impact.

Speakers

Michelle Brenner

Senior Software Engineer, Netflix

Michelle (she/her) is a Senior Software Engineer, with 11 years of experience in tech, from engineering support to manager. A Philadelphia native that now calls Los Angeles home, she is an art school graduate and a self-taught engineer. She enjoys making it easier for others to create... Read More →

Thursday August 11, 2022 9:30am - 10:30am PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

9:30am PDT

Mock interviews/Resume Reviews/Career Coaching

Come get your resume reviewed and/or sign up for a Career coaching!

Reach out on in the Diana Initiative discord Career Village or stop by the Career Village room channel to sign up

The career village will be staffed during the lunch break to take signups for both resume reviews and mock interviews

Thursday August 11, 2022 9:30am - 12:30pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

10:00am PDT

Surface Mount Device (SMD) workshop Kit

Learn about surface mounted devices (SMD) by putting together your own blinky heart pendant!

You must purchase your kit in advance.

There will be one class of 25 on each day, August 10, and Aug 11.

These are hands on classes and we will provide all the required supplies.

Classes are 10 am to 11 am pacific (local) time.

Prerequisite you MUST have a Diana Initiative 2022 entry ticket for the In Person event on August 10-11, 2022. https://tickets.dianainitiative.org/

Maker Village Website https://www.dianainitiative.org/event/maker-village/

Maker Village Details https://sites.google.com/dianainitiative.org/makersvillage/home

Buy a SMD Kit https://www.eventbrite.com/e/diana-initiative-surface-mount-device-smd-workshop-kit-virtual-tickets-382669563967

Speakers

@TechGirlMN

Thursday August 11, 2022 10:00am - 11:00am PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

10:30am PDT

Break

Feedback Survey

Break

Thursday August 11, 2022 10:30am - 11:00am PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

10:30am PDT

Break

Feedback Survey

Break

Thursday August 11, 2022 10:30am - 11:00am PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

11:00am PDT

AIs: ATS & Your Cybersecurity Job Search

Feedback Survey

Online job submission platforms can be frustrating. If you are in the process of searching for your next role, you’re likely interacting with an AI-powered ATS (Applicant Tracking System) at some point in the process. ATS is used by a large percentage of Fortune 500 companies for hiring. How are bots helping humans with hiring? Let’s talk about what ATS systems are, why companies use them, and how ATS automates certain processes using AI and NLP. We’ll also discuss how ATS systems impact your own search, cover letters, and formatting tips for your resume with ATS in mind.

Speakers

Christina Stokes

Christina Stokes is a vCISO and the Vice President of Operations at Salt Cybersecurity. She has earned an M.S. in Cybersecurity Policy and an MBA. She writes about different cybersecurity topics online. Christina started her career working on US and NATO military installations overseas... Read More →

Thursday August 11, 2022 11:00am - 12:00pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

11:00am PDT

Take a Deep Breadth

Feedback Survey

Often in our cybersecurity path we are given the message that we must specialize in one technical area. To tie ourselves to one domain, becoming the most technical person in the room to be successful, to have ‘made it.’ However, there are endless interesting areas of security; penetration testing, threat hunting, product security, malware reverse engineering - attack, defend, research, even develop products! Why should we choose only one?

We don’t have to.

I’ve spent most of my decade in security jumping around to different roles. From malware reverse engineer to cloud security engineer, engineering manager and now head of a new detection and response program. I want to present an argument for the benefits of breadth in your security career, through reviewing what I’ve learned about the most useful skill sets for mobility. I hope to leave you with a sense of freedom to try different types of domains - both technical and organizational, and end up building an impressive career.

Speakers

Jackie Bow

Head of Detection and Response, Asana

A Jackie-of-all- trades, master of some, Jackie seems to be physically unable to stop returning to threat detection and response. Her 10+ years in the industry have been spent in malware analysis, reverse engineering, and infrastructure and product security. She has been an analyst... Read More →

Thursday August 11, 2022 11:00am - 12:00pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

12:00pm PDT

The Kids Are All Right

Feedback Survey

The information security industry is facing a skills crisis, a cultural crisis, and a diversity crisis. Studies have found that this industry is facing one of the highest workforce shortages and facing a lack diversity within the workforce. The shortage of talented and motivated members is felt globally, with online safety something all members of our countries desire. This leaves many wondering: How can we address these crises and bridge that gap to engage, interest and empower the younger generations?

This talk focuses on youth community engagement and introduces Kids Securiday. We’ll discuss our experience bringing cyber security education to youth in Papua New Guinea (PNG), an island country in the southwestern Pacific Ocean. This country is known for its vibrant wildlife and rich diverse culture. However, women are disadvantaged in PNG socially, culturally, economically, and politically. The prevalence of violence against women and girls is one of the highest in the world. Highlighting the benefits, an overview of the education delivery model will be presented. We’ll cover how the workshops were formulated and share feedback from the participants and tutors. These insights can help those wishing to consider outreach activities to the younger generations and educators in areas where formal pathways may not be available.

Kids Securiday, established in Australia in 2017, has been running events for students all around the world. The program was recognized with Australian Information Security Association's "Best STEM Program" award in 2021. These events focus on being fun and inspirational – with the intent to share knowledge with passion. We will share this inspiration with attendees, along with ideas and information on how to education the next generation.

Speakers

Heidi Winter

Founder, Kids SecuriDay

Founding Kids SecuriDay in 2017 out of an interest in sharing knowledge and her passion in STEM with the younger generations, Heidi is an enthusiastic security professional. She has worked in IT for over 20 years, where she has had the opportunity to experience both government and... Read More →

Jessie Richardson

Mentor, Kids SecuriDay

Jessie has worked in ICT for nearly 10 years - from systems administration and web development to communications and training, hardware refresh programs and various security programs - Jessie has done a bit of everything. Jessie brings a passion for IT and security education to our... Read More →

Thursday August 11, 2022 12:00pm - 1:00pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

12:00pm PDT

GRC - The Swiss Army Knife

Feedback Survey

Governance, Risk, and Compliance is a necessary function of any organization. Unfortunately, GRC can often be seen as a blocker. Often stopping work due to not meeting compliance standards, risks, or other critical items.

When established correctly, GRC can actually be an enabler for the organization. Removing roadblocks, letting the organization move faster.

The reference to the Swiss Army Knife can demonstrate the functionality GRC can bring to any organization… enabler, liaison, confidant, advocate, communicator, trainer, and many more.

This topic will take a look at turning your GRC program into a Swiss Army Knife. Reduction in frustration when working with GRC, removing roadblocks, communication ahead of issues all in the pursuit of a guardrails approach to security and compliance. Ultimately allowing the business to work faster, while staying within the parameters of what we expect in Governance, Risk, and Compliance. Talk is non-industry, regulation specific and can be applied generically towards any GRC program. Takeaways will enable you to apply these concepts at your organization, not just for GRC but any team looking to improve overall functionality.

Speakers

Rose Songer

Sr. Manager, IT Compliance, Spring Health

Rose is a Sr. Manager of IT Compliance with Spring Health. Within her role, she develops and matures the overall IT Compliance department for Spring Health. She oversees all Governance, Risk, and Compliance activities. Prior to her role at Spring Health, she worked as consultant for... Read More →

Thursday August 11, 2022 12:00pm - 1:00pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

1:00pm PDT

Lunch

The Career Village will be staffed during the lunch break for in person sign ups for resume reviews and/or mock interviews

Thursday August 11, 2022 1:00pm - 1:30pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

1:00pm PDT

Lunch

Feedback Survey

Lunch

Thursday August 11, 2022 1:00pm - 2:00pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

1:00pm PDT

Lunch

Feedback Survey

Lunch

Thursday August 11, 2022 1:00pm - 2:00pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

2:00pm PDT

Beginning Soldering - Hands on Workshop

This class teaches you the basics of soldering as you build the BiaSciLab Fluffy McGlitter Sparkle badge!
You can also order a badge on line and follow the lessons on my Girls Who Hack site.

This class is open to up to 20 people on a first come first serve basis - no fee!

https://biascilab.com/

Thursday August 11, 2022 2:00pm - 3:00pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

2:00pm PDT

The Log4J Rollercoaster - from an incident response perspective

Feedback Survey

Log4J was a merry Christmas call for many teams around the world. This talk will share our story of how we were among the first to respond to in-the-wild attacks, helping the community manage and understand how to prepare for such an incident. Log4J did not catch us unaware, but we did not connect the dots at first. Who would have guessed that chatter of a new vulnerability in Minecraft is related to a wave of coinminer incidents we responded to? This talk will cover the line between threat intelligence, responding to cyber incidents, releasing open-source tools, and helping our customers and the community! We will not focus on the technical analysis of the vulnerability (there are plenty of talks like that already). Instead, our focus is on how an organization prepares for such incidents ahead of time. For example, laying the pieces in place to be ready for the unknown (e.g., being aware of vulnerabilities in vendor appliances before they are!)

Speakers

Guy Barnhart-Magen

CTO, Profero

In his role as the CTO for the Cyber crisis management firm Profero his focus is making incident response fast and scalable, harnessing the latest technologies and a cloud-native approach.Most recently, he led Intel’s Predictive Threat Analysis group which focused on the sec... Read More →

Brenton Morris

Brenton leads Incident Response engagements on a daily basis. From sophisticated cloud attackers to ransomware events. Brenton has a unique set of combined security research and developer experience, allowing him to resolve many cyber-attacks while fully understanding the impact on... Read More →

Thursday August 11, 2022 2:00pm - 3:00pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

2:00pm PDT

The Real Cost of Free: What you need to know before downloading a free app.

Feedback Survey

With plenty of free security software options out there, it’s easy to wonder why you would want to pay for online protection. We all love free apps, right? The idea that one has to pay for software can drive away many users, whereas applications that offer free services, are always enticing. However, a basic fact which is often neglected is that the application owners advertising their creations for “free”, have to generate profits in some way.

Mobile devices are stores of sensitive information and believe it or not, we are constantly sending a lot of information to some third-party app all the time. Installing a free app on our device(s) may not seem like a big deal at first but we need to understand the monopoly and concentration issues surrounding companies that own these apps, and how these companies are tracking & handling our data.
So, Next time you find a free software, take a pause and think…is this free software truly free? Maybe if you are not paying for something, YOU are the product.

Speakers

Ruchira Pokhriyal

Associate Cloud Developer-Security, Amazon Web Services

Ruchira Pokhriyal is a seasoned Cybersecurity expert who holds specialization in Web-Application PenTesting, Cloud Security & Digital Forensics. Her educational qualifications include a Bachelor’s & a Master’s degree in computer Science & another Master’s degree in Cybersecurity... Read More →

Thursday August 11, 2022 2:00pm - 3:00pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

2:00pm PDT

Mock interviews/Resume Reviews/Career Coaching

Come get your resume reviewed and/or sign up for a mock interview!

Reach out on in the Diana Initiative discord Career Village or stop by the Career Village room channel to sign up

The career village will be staffed during the lunch break to take signups for both resume reviews and mock interviews

Thursday August 11, 2022 2:00pm - 4:00pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

3:00pm PDT

Vendor Risk Management for Beginners

Feedback Survey

Companies of every size and industry must evaluate the security risks introduced by third-party apps and services. Getting compromised by an outsider is bad, but getting compromised through a vendor can be much worse due to their access to company data and use within closed networks. This talk will provide a primer for getting started on third-party vendor review and risk management, including tips to improve your organization's data and security posture. Attendees will learn how to classify the sensitivity of data, how to do this work within a team, what risk acceptance is and how it works, and what resources may be available to you within your company.

Speakers

Christina Liu

Enterprise Security Engineer, Cisco Meraki

Christina Liu is a ex-circus performer turned web developer turned Enterprise Security Engineer. She’s worked in highly regulated tech industries such as healthcare and finance. In her current role, she is the vendor review SME performing reviews and security integration liaison... Read More →

Thursday August 11, 2022 3:00pm - 3:30pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

3:00pm PDT

Connecting Dots Between Security Teams & Customer Expectations

Feedback Survey

When working in security organizations in a client facing role, it is important you are able to understand and manage client expectations, especially non-technical ones, whilst translating these to security teams to ensure the successful execution of security projects.

As a woman in cybersecurity that has moved from a technical role to a client facing one, I have a unique perspective on how to overcome client and technical team biases and stereotypes to ensure that everyone’s requirements are aligned and understood.

Doing so requires you to wear multiple hats (and to swap them at a moment’s notice!).

In this talk I will talk about what it takes to connect dots between security teams and customer expectations to deliver outstanding project management results.

Speakers

Shruthi Kamath

Customer Success Manager, Appsecco Limited

Shruthi has been heavily involved in the cybersecurity industry for nearly a decade, with her accomplishments including:Co-founding Infosecgirls, a community for women passionate about information Security.Being an invited panelist at AppSec USA, 2015, for a discussion on “Encouraging... Read More →

Thursday August 11, 2022 3:00pm - 3:30pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

3:30pm PDT

Break

Feedback Survey

Break

Thursday August 11, 2022 3:30pm - 4:00pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

3:30pm PDT

Break

Feedback Survey

Break

Thursday August 11, 2022 3:30pm - 4:00pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

4:00pm PDT

You're Gonna Need A Bigger Boat: Building Technical Solutions to Ethical Problems

Feedback Survey

Last year I started working as a privacy engineer for a cybersecurity start up as it began building a privacy compliance product for the ad tech industry. I found myself navigating some complex ethical and legal tensions and trying to translate them into efficient business processing rules and control flows, with a compass that was constantly evolving. Our North Star has been that the further we stray from the consensus the less credibility we have as enforcers but where does that leave you when you’re building ahead of consensus or the consensus left out some major stakeholders? How do you protect consumer privacy while allowing your clients to keep operating effectively? How do you surface and attribute violations when there is no clear bad guy or your client may be the one at fault? And how do you distill laws and regulations into business processing rules and control flow logic?

Speakers

Kaileigh McCrea

Privacy Engineer, Confiant

Kaileigh is a Privacy Engineer at Confiant, where she researches violations of privacy regulations and user rights in ad tech and builds tools to detect them, and consumes huge amounts of cookies. Before joining Confiant she was a software engineer at Swing Left and Vote Forward where... Read More →

Thursday August 11, 2022 4:00pm - 4:30pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

4:00pm PDT

How to Become a Security Partner (and Why You Should)

Feedback Survey

Netflix, Microsoft, Meta, and many other companies are investing in security partner programs, hiring engineers to do internal education and security review across engineering teams. How do security partners elevate internal security competency, and how can you qualify to do this work? This talk will look at several security partner job descriptions and dive into what’s involved in the job from day to day from a first-person perspective. The audience will leave understanding a newer, specialized security role, why they might want to pursue this work, and how they can get the skills needed to successfully apply for these roles.

Speakers

Breanne Boland

Product security engineer - security partner, Gusto

Breanne Boland is a product security engineer with the Security Partnerships team at Gusto. Before moving into security, she was a site reliability engineer and an infrastructure engineer, working in healthcare and govtech. Prior to that, she was a professional writer, and she still... Read More →

Diana 2022 security partners talk Breanne Boland pdf

Thursday August 11, 2022 4:00pm - 4:30pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

4:30pm PDT

Keynote

Feedback Survey

Keynote

Speakers

Miki Demeter

Security Researcher, Intel

Miki’s career has encompassed everything from firmware to application space. Her last 10 years have had Security focus as a Security Researcher for Intel, working on Secure Development Lifecycle and as a Product Security Expert for Open Source Software. She is a writer, an Award... Read More →

Thursday August 11, 2022 4:30pm - 5:30pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109

5:30pm PDT

Closing remarks / Announcements

Feedback Survey

Clsoing remarks / Announcements

Thursday August 11, 2022 5:30pm - 6:00pm PDT
The Westin Las Vegas And Spa The Westin Las Vegas And Spa, 160 East Flamingo Road, Las Vegas, NV 89109