It’s 2015, and it’s about time we started expecting more from our security systems. We often have static security controls that punish good users and only mildly annoy malicious ones. Good security looks for ways to increase security while decreasing friction and controls for legitimate users. Our security environments should be able to respond to the moment and adapt as things change. We need to stop showing a captchas just because we’re too lazy to figure out if someone is a bot. We need to rely more on the data that we have to make informed decisions about the intentions of users and respond in kind. Join Aaron as he walks through the ideas behind building a dynamic security response system and how to integrate it into your software. You will be introduced to easy ways to catch bad behavior as well as some tools that will help you get started.

Designing secure systems is a very difficult task. Even the smallest issues can have devastating consequences. As designers of these systems we have to do everything in our power to ensure that these systems function as intended. Join Aaron as he demonstrates techniques for formally verifying security systems. These tools demonstrate the power of functional languages as verification systems against both functional and imperative software systems. You will learn how to create functional models and use them to prove the correctness of your security systems.