We invite proposals from practitioners who want to have real conversations about security: security analysts, engineers, and administrators, developers, testers, results-focused QA researchers of all kinds, chief security officers, leaders in risk and audit, and security data scientists. If you’re on the front lines of defense with stories of great success and worthy failure, especially if they provide clear ideas for what to do next, let us hear from you. And while people need a sense of what’s possible, bring concrete technical solutions above all else.

Security in context: Data, research methods, and the sciencification of security
Security in general has a mindset that the problems being faced are unique and in some ways they are, but analyzing large sets of complex data is the bread and butter of data scientists. How can practitioners leverage the methods of data science, from collection through analysis, to make improvements to security and operations? How can data be used to make good, actionable decisions, particularly when much of the existing data is from vendor reports?

WWDSD: What would data scientists do if security was their problem?
How to work with, or around, threat intel
The right data to collect: What’s the role of external, easily available data sources in an internal security program?
How are security exposures, issues, performance, and investments measured?
What is the role of user-level data in a security program?
Data visualization tricks and tips to get situational awareness, improve detection and response
Statistics 101 for security: How to read your data and evaluate research results
A/B testing applied to Dev, Ops, & Security
Affordable and accessible data tools for security pros
Finding and leveraging benchmarks and metrics
Using attacker tools/methods to generate ground truth for data-driven defense