Reusing Security Solutions in Novel Domains - Teaching an Old Dog New Tricks
Offered By: USENIX Enigma Conference via YouTube
Course Description
Overview
Explore how security tools and techniques can be repurposed to address challenges in performance, compliance, privacy, and data abuse in this 17-minute conference talk from USENIX Enigma 2022. Discover case studies from Meta, including how static taint flow analysis, originally developed for security purposes, was applied to ensure proper handling of user locations in Instagram Threads. Learn about additional examples where product security tools have been adapted to detect implementation flaws across various domains. Examine the limitations of this approach, considering tool constraints, organizational structures, and the need for defense in depth. Gain insights into innovative applications of existing security tooling for your organization, covering topics such as logging of passwords, performance regressions, bug bounty programs, data abuse prevention, encryption, and privacy solutions.
Syllabus
Introduction
About me
Motivation
Generalized Solutions
Meta
Generalized Tooling
Case Studies
Case Study 1 Instagram
Static Paint Flow Analysis
Static Chain Flow Analysis
Location Data
Tools
Logging of passwords
Performance regressions
Bug Bounty Program
Data Abuse Bounty Program
Defense in Depth
Encryption
Unsafe Data Access
Privacy
Solutions
Organizational Design
Defense and Depth
Conclusion
Review
Thank you
Taught by
USENIX Enigma Conference
Related Courses
NeuroethicsUniversity of Pennsylvania via Coursera Fundamentals of Online Education: Planning and Application
Georgia Institute of Technology via Coursera Understanding Media by Understanding Google
Northwestern University via Coursera Wiretaps to Big Data: Privacy and Surveillance in the Age of Interconnection
Cornell University via edX Internet, les autres et moi
Certificat informatique et internet via France Université Numerique