FuzzCon brings together software security experts and industry leaders from various sectors to share the benefits of fuzzing, a proven and accepted security testing technique. Through education, community building, and networking, FuzzCon aims to make this advanced technique accessible and help organizations realize the value of this emerging trend in continuous software testing.
FuzzCon 2021 will be a hybrid event, both in-person in Las Vegas, NV** and streaming online through a virtual event platform.
**The Industrial: 2330 S Industrial Rd, Las Vegas, NV 89102
ForAllSecure CEO, David Brumley, received his Ph.D. in Computer Science from Carnegie Mellon University, MS in Computer Science from Stanford University, and a BA in Mathematics from the University of Northern Colorado. Brumley became a tenured Professor of Electrical & Computer Engineering at Carnegie Mellon University in 2016 and went on to become the Director of CyLab Security & Privacy Institute. With over 20 years of cybersecurity experience in academia and practice, Brumley is the author of over 50 publications in computer security and has received numerous awards, including the US PECASE award from President Obama, the highest award in the US for early-career scientists and engineers. In 2012, Brumley, along with his graduate students Athanasios Avgerinos and Alexandre Rebert, co-founded ForAllSecure with the mission to secure the world's critical software. In 2016, ForAllSecure went on to win the DARPA Cyber Grand Challenge with Mayhem, ForAllSecure’s autonomous cyber security system.
Brook S.E. Schoenfield is the author of Secrets Of A Cyber Security Architect (Auerbach, 2019) and Securing Systems: Applied Security Architecture and Threat Models (CRC Press, 2015). His latest, Building In Security At Agile Speed (with Dr. James Ransome, Auerbach, 2021), focuses on software security for continuous development practices and DevOps. Brook helps clients with their software security and secure design practices. He mentors technical leaders to effectively deliver security strategies. He consults as a technical leader for IOActive Inc. and SEC Consult America’s holistic security architecture services. Previously, he led product security architecture at McAfee (Intel), Cisco Engineering, IT Security Architecture at Autodesk, and Web and Application Security for Cisco Infosec. He is a founding member of IEEE’s Center for Secure Design and is a featured Security Architect at the Bletchley Park Museum of Computing. He is the originator of Baseline Application Vulnerability Assessment (BAVA), Just Good Enough Risk Rating (JGERR), Architecture, Threats, Attack Surfaces and Mitigations (ATASM), and developer-centric security. He contributed to Core Software Security (CRC Press, 2014), and co-authored Avoiding the Top 10 Security Design Flaws (IEEE, 2014) and Tactical Threat Modeling (SAFECode, 2017).
Rob Cameron is a Technical Director of Infrastructure at Roblox. As a self-described “tech nerd who wants to make gaming infrastructure amazing” Rob has been solving hard technical challenges for 20 years in the industry, consulting with over one thousand different organizations around security and scalable infrastructure. Before focusing on the technical challenges facing the gaming industry, he spent most of his career working in the security space. Most recently he has been focused on gaming as that has been his lifelong passion
Robert Vamosi is a CISSP and award-winning infosec journalist. He is the author of two books -- When Gadgets Betray Us [Basic Books: 2011] and The Art of Invisibility (with Kevin Mitnick) [Little, Brown & Co.: 2017] ‐‐ and is featured in Code 2600 , a feature-length documentary on the history of computer hacking.
Welcome to FuzzCon 2021 with David Brumely, ForAllSecure CEO & Co-founder
It’s no secret that “Hacker Summer Camp” is a lot of fun. But, security conferences remain a long way from celebrations of victory. The breaches just keep rolling in, while the cadence of compromise increases. Fingers get pointed; blamestorming ensues. And yet, we keep applying the same, tired, often simplistic solutions to this thorny, complex, multi-dimensional problem that we call, “AppSec” or software security. Are our assumptions flawed? Is what “everybody knows” i.e., industry folklore, holding us back? And what part do testing techniques like fuzzing play in creating challenges, while at the same time offering us potential solutions? Please join author, security architect, and technical leader, Brook S.E. Schoenfield, to explore these questions and their possible answers.
Moderated by The Hacker Mind podcast host, Robert Vamosi.