Fastly Security Speaker Series: Second Edition
In February, our Chief Security Officer Window Snyder announced the Fastly Security Speaker Series, which we created to share cutting edge security topics with the wider community. We hosted over 50 security researchers and engineers in an event focused on machine learning and reverse engineering.
Today, we’re happy to announce the second event in our Fastly Security Speaker Series, which will take place on May 25th from 6:00 to 8:45 pm. Join us at Fastly’s San Francisco headquarters for food, drinks, and ample opportunity for good discussion with your peers in the security research community. You can register to attend here.
The upcoming event will have a strong focus on hardware and firmware security, as presented by Teddy Reed and Jasper van Woudenberg. More about our May 25 speakers and the evening’s presentations:
Teddy Reed is a Security Engineer at Facebook, developing production security tools. He is very passionate about trustworthy, safe, and secure code development. He loves open source and collaborative engineering when scale, resiliency, and performance enable defensive and protective software design.
Teddy’s talk will take a different approach to hardware and firmware security by exploring how our enterprise defenders can recognize vulnerable systems and potential compromise:
Defense begins with visibility, that means baselining kernel drivers, kernels, boot loaders, ACPI table content, SMBIOS metadata; it then continues into logging real time OS API-generated hardware events. This data and pipeline can fuel existing correlation and IoC collections to identify known good and eventually known bad. Creating production deployable and repeatable recipes for these somewhat esoteric features is essential. We will present a summary of immediate tools and actions for “deep systems defense,” an analysis of where our defenders remain blind to compromise, and recommendations on where our industry can focus tailored effort to generate massive impact.
Jasper Van Woudenberg is CTO of Riscure North America. He serves as principal security analyst and is ultimately responsible for Riscure North America's technical activities. Jasper will discuss side channel analysis and fault injection, or how physical access can still imply security:
Hardware attacks, once a niche field restricted to military and early smartcard security researchers, are becoming more relevant with the explosion of embedded devices that surround us. On the technical side, this talk will introduce side channel and fault injection techniques, and how these affect the security of any device "out in the field,” and what software and hardware devs can do to mitigate these attacks. In the grand scheme of things, this talk will put these attacks in context of the future of (embedded/IoT) security.
If you’re curious about the state of the art in hardware security, and want to learn more about techniques you can use to defend your organization against these types of security issues, register here to join us.
We look forward to welcoming you on May 25!