Sam Freund

Sam Freund
Rally Health

(NB: In 3rd person, feel free to edit if 1st person is the norm.)

Sam has long been interested in security and cryptography, and has managed to make it official again since the beginning of the year at Rally Health, moving from leading a product-focused engineering team to leading application security. When not worrying about the future of the digital world, he can be found playing pinball, chasing his 7-year-old around, and trying to write a fully-functional relational database in malbolge.

Abstract

There are lots of threats out there, and just as many methods to combat them -- near to every developer's heart is application security, part of any layered defense against the bad guys, a field that has only recently gained traction in the Scala community. Come see how to improve your program!

Details

Application security, while not a new field, is often a "new to you" field for many developers. Depending the types of systems programmers work on, they have a completely different set of concerns -- this talk will focus on internet-facing websites and the problems they face, but a lot of the lessons learned are applicable everywhere, especially as it related to building security into a software development lifecycle.

Many of the common tools available to application developers -- specifically automated scanning -- is only recently available (and useful) to the Scala community, and is slowly gaining traction. This talk will primarily cover the basic concepts of application security, as well as some of the tools that are now available to you as Scala engineers, all in one whirlwind 15 minutes!

We'll end with a call to arms to get more Scala types involved in improving the tools that security professionals can use -- we have a lot to learn from each other, and there aren't too many efforts out there in the wild to make things better.