08-15, 16:00–19:00 (US/Eastern), Workshop B / Tobin 221
This workshop is a hands-on exercise in building a good security program. The presenters have built security programs from scratch at multiple companies and have found that, while the companies can vary, the fundamentals remain roughly the same. The goal here is to bridge the gap between common infosec vendor jargon and practical security engineering work. There’s no shortage of acronyms being invented every week in the realm of security engineering. Instead of wading through these buzzwords that might not even be around by the end of the year, this workshop will dig into the principles that make for a good security program. These principles will then be applied with practical hands-on exercises where you’ll use free and open source security tools to build continuous security automation and alerting similar to ones that have been built when starting new security programs.
Mark El-Khoury started as an offensive security consultant, doing penetration testing and code and design reviews. Mark then expanded his skillset into the defensive side, leading cybersecurity at various organizations and industries, including: gaming, fintech, and biometrics. Mark is a conference speaker, holds security certifications, and was an instructor at a Columbia University cybersecurity bootcamp for over four years. Mark is now Director of Security Engineering at Movable Ink.
Omar is a security engineer who focuses on building secure and reliable systems and in general enabling people to do their best work safely. Omar enjoys doing offensive security research and finding ways to integrate that into his day to day work to make it more impactful. Omar has spoken at multiple conferences on a wide range of topics such as reverse engineering, exploitation techniques, and building useful security tools. Omar is currently a Senior Staff Security Researcher at Betterment.
