Presentation: How Much Does It Cost to Attack You?

Track: Trust, Safety, & Security

Location: Soho Complex, 7th fl.

Duration: 5:25pm - 6:15pm

Day of week:

Slides: Download Slides

More talks on:

This presentation is now available to view on InfoQ.com

Watch video with transcript

Abstract

How much does it cost to attack you and what are attackers getting out of it?   Attacks, breaches, exploits, and malware are nearly a daily occurrence. Why aren’t billion-dollar products solving the problems we’ve had for decades? The problem is two-fold, attacks are getting cheaper to perform and the value of an attack is increasing daily. This is leading to increasingly sophisticated tools attacking platforms that have not kept up.  

In this session, Jarrod will describe the cost vs value justification of an attack, how it shifts over time, and why it means that silver bullets just don’t exist. We’ll walk through the evolution of one of the cheapest modern attacks, credential stuffing, and see what attackers do after they have data and access.

Attackers are clever fraudsters, when you see how cheap it is to exploit you and how much value they wring out of your data it will help you prioritize better protection for yourself and in the software you write.

Speaker: Jarrod Overson

Software Engineer @ShapeSecurity

Jarrod is a Director of Engineering at Shape Security where he led the development of Shape's Enterprise Defense. Jarrod is a frequent speaker on modern web threats and cybercrime and has been quoted by Forbes, the Wall Street Journal, CNET among others. He’s the co-author of O’Reilly’s Developing Web Components, creator of Plato, a static analysis tool for web applications, and frequently writes and records topics about reverse engineering and automation.

Find Jarrod Overson at

Speaker page

https://twitter.com/jsoverson
http://www.linkedin.com/in/jsoverson

Similar Talks

Security Delusions (Not a Sales Pitch!)

Qcon

VP of Product Strategy @capsule8

Kelly Shortridge

Tracks

Tracks

Non-Technical Skills for Technical Folks

Trust, Safety, & Security

Data Engineering for the Bold

Machine Learning for Developers

Software Defined Infrastructure: Kubernetes, Service Meshes, & Beyond

21st Century Languages

High-Performance Computing: Lessons from FinTech & AdTech

Modern Java Innovations

Architecting for Success when Failure is Guaranteed

Building High-Performing Teams

Human Systems: Hacking the Org

Modern CS in the Real World

Developing/Optimizing Clients for Developers

Microservices / Serverless (Patterns & Practices)

Architectures You've Always Wondered About