This is a story of going through typical security challenges: how to build products that reliably deliver security guarantees, avoid typical pitfalls, and are usable in a predictable fashion by real users. It's a tale of balancing religious adherence to security practices with keeping customer's needs in mind at all time inside the development team; listening to the customers and observing actual behavior outside in the wild; and trying to make the best decisions to empower customers with easy tools for encrypting data in their apps securely and without pain.
We'll take a look at the process through the eyes of one of our customers, who made all the things wrong before doing things right, and through the eyes of product engineer, responsible for learning the lessons to make security products even more usable and reliable for non-security-focused engineers.
Key takeaways:
Attendees will go through several stages of inception and implementation of database encryption/intrusion detection tools. They will see the "behind the scenes" work inside a cryptographic engineering company, will see how customers are one of the most useful people to learn from, and how getting over "we tell you what to do" mentality makes security tools better.
vixentael
ogijun2018
blackbracken
twada
usualoma
uhooi
kotomin_m
kentaroutakeda
j5ik2o
takahirom
masayaaoyama
mitchan
cocoeyes02
productmarketing
mraible
swwweet
destraynor
mza
bkeepers
rmw
chriscoyier
kneath
revolveconf
zakiyama
aki_iinuma