" rel="stylesheet">
Skip Main Navigation
Page Content
This event has ended

Eventbrite Tech Talk: Security


Wednesday, November 13, 2013 from 6:00 PM to 9:00 PM (PST)

Eventbrite Tech Talk: Security

Ticket Information

Type End Quantity
RSVP Ended Free  

Who's Going

Loading your connections...

Share Eventbrite Tech Talk: Security

Event Details

It's time for another round of Tech Talks at Eventbrite, and this month we're tackling Security with a lineup of experts including our very own "Firewall Paul", Alex Smolen of Twitter and Tom Maher who keeps things safe at Heroku

Join us for good conversation, drinks + food and 3 (or more!) awesome talks.

6:00 - Doors open + kegs tapped
7:00 - Talks Start
9:00 - Wrap Up


Paul Pieralde, Eventbrite

Paul Pieralde heads up a variety of security and engineering initiatives for Eventbrite. Prior to Eventbrite, Paul was with the Paranoids at Yahoo!. You can follow his obnoxiously boring Twitter at @ppierald if you are into that kind of thing.

Securing Cryptography Keys and Data-At-Rest With Python 

Eventbrite's applications are written mostly in Django. Being a big Python fan and crypto nerd, Paul will outline some of Eventbrite's application architecture and how it goes about securing cryptography keys and data-at-rest in its many data stores using Django, Keyczar, and nginx/uwsgi.



Alex Smolen, Twitter

Alex is a security engineer at Twitter. He has a Masters of Information Management Science (MIMS) from the School of Information at UC Berkeley. Previously, he was a security consultant at Foundstone, a division of McAfee.

Defending the Bird

The product security team is responsible for ensuring the security of all code Twitter ships. This means proactively finding and fixing vulnerabilities using automation, working closely with engineering teams throughout the company to design and implement secure systems, and building security features into the product. To make all this happen and execute at a fast pace, we practice an agile process and build tools to support rapid information transfer. 

Tom Maher, Heroku 

Tom Maher is a member of the Heroku Security Team. He has previously worked at various large companies and universities, and is sad when he has to XML. His professional interests include authentication, web application security, and Unix arcana. Outside of work, his interests include his cat and beards. And gentlemen, he's available.

OAuth: An Implementation Case Study

Deservedly so, the OAuth 2 specification has a reputation for needlessly byzantine complexity, leading to implementation bugs which weaken overall authentication security.  Unfortunately, it's the best widely-used public standard we have at the moment (anyone mention SAML and I swear to Bruce Schneier I will cut you).  Join Heroku Security Engineer Tom Maher as he walks through the growing pains of centralizing login and replacing static, singleton, never-expiring API keys with a cavalcade of OAuth tokens.  He'll discuss our deviations from the spec, interesting bugs, and best practices around using OAuth as an internal SSO system.

Have questions about Eventbrite Tech Talk: Security? Contact Eventbrite

When & Where

Eventbrite HQ
651 Brannan St
San Francisco, CA 94107

Wednesday, November 13, 2013 from 6:00 PM to 9:00 PM (PST)

  Add to my calendar



At Eventbrite, we’re passionate about building a platform that brings people together around live experiences of all kinds. So we’re developing the technology that powers live events of all kinds.

  Contact the Organizer
Eventbrite Tech Talk: Security
San Francisco, CA Events Conference

Interested in hosting your own event?

Join millions of people on Eventbrite.

Please log in or sign up

In order to purchase these tickets in installments, you'll need an Eventbrite account. Log in or sign up for a free account to continue.