Dwayne McDaniel
Developer Advocate at GitGuardian and huge fan of open source
Chicago, Illinois, United States
Actions
Dwayne has been working as a Developer Relations professional since 2015 and has been involved in tech communities since 2005. He loves sharing his knowledge, and he has done so by giving talks at over a hundred events worldwide. Dwayne currently lives in Chicago. Outside of tech, he loves karaoke, live music, and performing improv.
Badges
Area of Expertise
Topics
Who Goes There? Actively Detecting Intruders With Cyber Deception Tools
Intrusion detection works best when you can discover the attacker while they are still in the system. Finding out after the fact does little to protect your systems and your data.
Ideally, you would want to set an alarm that an attacker would trigger while limiting the damage to your environment. We can use these behavioral patterns to our advantage by engaging in defensive cyber deception.
You might already be familiar with the concept of honeypots, false systems, or networks meant to lure and ensnare hackers. There is a subclass of honeypots, called honeytokens, that require almost none of the overhead, are simple to deploy, are used by many industries, and lure attackers to trigger alerts while they are trying to gain further access.
Takeaways:
- Analysis of recent breaches for common attack behaviors
- A history of cyber deception and the evolution of honeypots in defensive strategies.
- Understanding how honeytokens work
- Maximizing the impact of honeytokens
Solving Secrets Sprawl Takes More Than Security: Why Machine Identity Is Everyone's Problem
When a security event occurs, most teams tend to jump into a circle of blame. Everyone takes their turn saying, "It can't be my fault." Unfortunately, for many companies, the Security team is ultimately seen as at fault when a breach happens; after all, it is a security incident.
Long-lived credential leaks, aka secrets sprawl, are possibly the single largest security risk every organization is currently facing. No security team can solve this growing issue on its own. This is going to take a full team effort and rethinking some of the relationships and silos we have become accustomed to in the tech world. There has never been a better time to rethink how we build complex applications and how they interact with the world.
In this talk, you will:
- Get an update on the latest secrets security research
- Ask who really owns security and identity
- Map possible routes for a secrets-free future
- Rethink git and pull requests workflows and see why that is more involved than you think
Secrets Security End-To-End
Credentials allow human-to-machine and machine-to-machine communication. According to recent research, 93% of organizations had two or more identity-related breaches in the past year. It is clear that we need to address this growing issue. Unfortunately, many organizations are OK with using plaintext credentials, which we should all know not to do by now.
These go beyond just adding these credentials to build systems and into our code. Secrets sprawl into our local scripts, communication tools, and project management tickets daily. Attackers know this and are counting on you not getting a handle on the problem by the time they break in.
Given the scope of the problem, what can we do? Let's make a plan!
- Secrets Detection
- Secrets Management
- Developer Workflows
- Secrets Scanning
- Automatic Rotation
By the end of this session, you should have a clear roadmap for taming the machine identity mess in your code and pipelines.
PHP Tek 2025 Sessionize Event
Devnexus 2025 Sessionize Event
CodeMash 2025 Sessionize Event
Chattanooga DevOpsDays 2024 Sessionize Event
AI Summit Vancouver Sessionize Event
BSides Orlando 2024 Sessionize Event
Agile + DevOpsDays Des Moines 2024 Sessionize Event
DevSecCon 2024 : Developing AI Trust Sessionize Event
Drupal GovCon 2024 Sessionize Event
AppSec Village - DC32 Sessionize Event
Agile2024 Sessionize Event
CloudNativeSecurityCon North America 2024 Sessionize Event
BSides Boulder 2024 Sessionize Event
php[tek] 2024 Sessionize Event
Atlanta Cloud Conference 2024 Sessionize Event
Civo Navigate North America 2024 - Austin, TX Sessionize Event
HashiTalks: Deploy Sessionize Event
Cloud With Chris Sessionize Event
Live! 360 Orlando 2023 Sessionize Event
TechBash 2023 Sessionize Event
2023 All Day DevOps Sessionize Event
API World 2023 Sessionize Event
Momentum 2023 Sessionize Event
DevOpsDays DC 2023 Sessionize Event
dev up 2023 Sessionize Event
DeveloperWeek CloudX 2023 Sessionize Event
DevOpsDays Seattle 2023 Sessionize Event
SEI Secure Software by Design Sessionize Event
php[tek] 2023 Sessionize Event
HashiTalks: Secure Sessionize Event
Nashville DevOpsDays 2023 Sessionize Event
WeAreDevelopers Live 2023 (Season 5) Sessionize Event
CloudConnect 2023 Sessionize Event
BSides SLC Sessionize Event
Devfest Florida 2022 Sessionize Event
HashiTalks: Deploy Sessionize Event
Automation + DevOps Summit 2022 Sessionize Event
Festive Tech Calendar 2022 Sessionize Event
DeveloperWeek Enterprise 2022 Sessionize Event
GitKon 2022
This unique virtual conference presented by GitKraken will bring together developers, technical teams, managers, executives and thought leaders, united by their passion for software development and team collaboration, which Git empowers.
Get ready for 3 days of lively, informative sessions:
2 days for developers and teams
1 day for dev team leads and tech executives
We’ll keep the sessions brief (think TikTok style) and the days short (we’re talking only 3 hours of your time each day), so you’ll walk away feeling educated, energized and inspired, rather than overloaded and burned out. Here’s the kicker: it’s 100% free!
Day 1 topics will be all about Git:
Git tips & tricks
Git internals & concepts
Git with services & frameworks
Day 2 will be about teams and DevOps:
Distributed team collaboration
DevOps/GitOps best practices
Security at every step
Program/platform specific talks
Day 3 topics will be presented by a variety of notable tech executives:
Lessons learned building/scaling efficient teams
Developer productivity & DORA metrics
Leading teams & promoting effective teamwork in chaotic times
Emerging trends
Apply to speak at https://gitkon.com/call-for-speakers/
JConf.dev 2022 Sessionize Event
DevOpsDays Chicago 2022 Sessionize Event
RMISC 2022 Conference Sessionize Event
JCON 2022 ONLINE (virtual) Sessionize Event
WorldFestival 2022 Sessionize Event
SQL Start! 2022 Sessionize Event
Mautic Conference Global 2022 Sessionize Event
Azure Spring Clean 2022 Sessionize Event
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top