Security issues seem to be all over the news—if it’s not another leak of millions of people’s personal data, it’s how hackers are subverting elections, company intel, and just maybe critical infrastructure. We’re encouraged to look back and perform retrospectives after delivering products, so how about we look back at the early days of security? Mike Andrews will review his past STAREAST presentations on security to see how they—and the testing techniques prescribed—held up. Through examples of server misconfigurations, SQL injection, and simple logic attacks, we’ll time-travel through...
Mike Andrews
Mike Andrews is the founding head of engineering at Open Raven, a brand-new VC-backed startup helping companies manage data security across their infrastructure. He has spent over 20 years working in academia, large corporations, and startups, blending knowledge as a software engineer and manager (building) and as a security practitioner (breaking). Mike led teams researching one of the first behavior-based antivirus systems, was responsible for ensuring Bing.com protected itself from abuse, designed the core messaging platform for Cortana, and directed multiple site reliability teams across Azure. A frequent author and speaker, Mike co-authored the book How to Break Web Software: Functional and Security Testing of Web Applications and Web Services, which was released at the 2006 RSA conference, where it was the conference’s best seller, and was a Jolt Awards finalist.