November 15, 2016

Six Talks To Hear @Kiwicon 2016

It's Kiwicon week, and myself (@nickmalcolm), @jstr, and @richchetwynd from the ThisData team are going!

Kiwicon is New Zealand's biggest and best hacker / infosec conference. The atmosphere is always friendly (but don't trust the WiFi!), the con is happy to poke fun at itself, and the pyrotechnics are always A+++, would explode again. Here are six talks I'm excited to see this year, and why.

Pyrotechnics at Kiwicon Pyrotechnics at Kiwicon. Photo credit: @sedugconf

Pwning ML for Fun and Profit

Who: Davi Ottenheimer (@daviottenheimer)
Why: We use machine learning a lot at ThisData in our behaviour analytics & prediction engine, and we know there are some big risks in advanced attackers training the model to accept bad behaviour. I expect this talk to open my eyes to some of those possible risks, and in subsequent conversations at the con learn some tactics for tackling them.

Active Incident Response: Kiwicon Edition

Who: Brian Candlish & Christian Teutenberg
Why: Our product detects and automatically mitigates account takeovers, but incident response is a much much broader topic. On top of that, I believe discussing threats and responses with each other to be key in building stronger and safer online spaces for our users. This talk goes through the response an Australian company made during a year-long series of targeted security incidents.

Luring developers with candy and other evil tricks

Who: Eleanor Saitta (@dymaxion)
Why: Eleanor will be talking about the bridge between security teams and "everyone else", and the fear in that relationship. Making security approachable to everyone is something that really pushes my buttons, as there is so much room for improvement both within organizations, and in the way security vendors like ThisData sell to those organizations.

Attacking OSX for fun and profit

Who: Dan Tentler (@viss)
Why: One of my favourite videos for showing "regular folk" the risks of identity theft is "What Happens When You Dare Expert Hackers To Hack You". It shows just how easy it is for criminals to hack you with social engineering. Viss was also asked to hack a journalist, and I'm super interested to hear his experience first-hand.

Compliance in the Cloud: It's what you make of it

Who: "Geoff"
Why: Compliance is a big driver for organizations who reach out to ThisData for help. From this talk I hope to learn a new way to phrase cloud security problems and solutions, and therefore have better and more accessible discussions with potential customers.

Can applications contain themselves?

Who: Jess Frazelle (@jessfraz)
Why: This looks to be a talk which - I'm not afraid to say - will go over my head, and that's why I'm excited to see it. I'm not super familiar with docker's lower-level implementation details, nor its security risks. I can't wait to be scared/inspired/empowered to learn more!

What about you?

What talks are you looking forward to? The full schedule is online here: Tweet at us if you're going to be there, we'd love to meet up with you!!


The future of authentication

Today I’m excited to announce a deal that we have been working on for the past few months and how that will impact the future of contextual ...

Introducing custom security rules

For the past few years we’ve been working hard to create a plug and play adaptive risk engine. We designed our core service using a mix of b ...