Skip to content


Presentations and Publications

Presentations | Sample Feedback | Publications


Presentations

October 2014

  • "Auditing an Internet of Things" ISACA-SF 2014
  • "Auditor Tales from the Trenches of Big Data," ISACA-SF 2014

August 2014

  • "Babar-ians at the Gate: Data Protection at Massive Scale," Blackhat 2014
  • "Role of Regulation in Protection – Continuous Diagnostic Monitoring (CDM), PCI, and more," Blackhat Executive Summit 2014
  • "The Insider Threat and the Cloud: Harsh Reality in the Wake of Recent Security Breaches," VMworld 2014
  • "Security Analytics: Challenges Opportunities, and New Directions," UW CSE MSR Summer Institute

July 2014

  • "Cloud Trust Redefined: Eight Essential Steps in a Strong Defense," RSA Conference Asia Pacific & Japan 2014
  • "How to Hadoop Without the Worry: Protecting Big Data at Scale," RSA Conference Asia Pacific & Japan 2014
  • "Certificate Management in the Cloud," BrightTALK Panel 2014

June 2014

May 2014

  • "Baby Got Risk: I like Big Data and I Can Not Lie," BSidesNOLA
  • "Delivering Big Data, Security at Scale," SOURCE Dublin
  • "Embracing a Zero Trust Security Model," Cyphort Meetup
  • "Protecting Big Data at Scale," CONFidence 2014

April 2014

March 2014

February 2014

January 2014

  • "Data Whales and Troll Tears: Beat the Odds in InfoSec," ShmooCon

December 2013

November 2013

September 2013

  • "Auditing Big Data for Privacy, Security and Compliance," ISACA-SF
  • "#HeavyD: Stopping Malicious Attacks Against Data Mining and Machine Learning," ISACA-SF
  • "Active Defense 2013," ISACA-SF

August 2013

June 2013

May 2013

  • "Big Data Security: Emerging Threats and How to Predict Them," SOURCE Dublin

March 2013

  • "Is it Whack to Hack Back a Persistent Attack?" Panel with Trend Micro and CrowdStrike, 2013 RSA Conference, San Francisco
  • "Big Data, Pirates and Bourbon: Secure All the Things," b:Secure Conference, Mexico City

February 2013

January 2013

  • "Big Data Risk," Panel with Symantec, NetApp and Astute at ViaWest

December 2012

  • "Defending the Virtual Environment," Hands-on Workshop, CONSEGI
  • "Cyberfall: Active Defense 2012," CONSEGI
  • "Hybrid Cloud Identity Management," GigaOM Pro Webinar with Ping Identity

November 2012

October 2012

September 2012

August 2012

  • "Top 5 Considerations for Website Vulnerability Assessments,” Ziff Davis/Symantec Webinar
  • "Mind The Gap: Making PCI Compliance Reality Through Predictive Network Modeling and Visualization,” RedSeal Networks Webinar
  • "vSphere Hardening to Achieve Regulatory Compliance: Better, Faster, Stronger,” VMworld US 2012
  • "Securing a Virtualized PCI Environment Using vShield and vCenter Configuration Manager," VMworld US 2012
  • "Securing the Virtual Environment: Defending the Enterprise Against Attack,” VMworld US 2012
  • "Encrypt Your Cloud," RSA China 2012
  • "Message in a Bottle: Finding Hope in a Sea of Security Breach Data," RSA China 2012
  • "Encryption for Clouds," RSA Europe 2012 Podcast

July 2012

June 2012

May 2012

April 2012

March 2012

  • "Big Data Security, Big Challenges: Start Here": A Chat with Dave Asprey, VP Cloud Security at Trend Micro, Structure:Data 2012
  • "Data Protection in the Cloud", TechTarget Webcast

February 2012

January 2012

December 2011

  • "Sharpening the Axe: How to Chop Down a Cloud", BayThreat

November 2011

October 2011

September 2011

August 2011

June 2011

May 2011

April 2011

March 2011

  • "Cloud Computing: A Multi-Disciplinary View from Technology, Business and Law", IEEE, Riverbed, Santa Clara University School of Engineering and Leavey School of Business

February 2011

January 2011

  • "vCloud Engineering Update: Monitoring and Logs", VMware/LogLogic Kickoff

December 2010

November 2010

October 2010

September 2010

August 2010

July 2010

June 2010

April 2010

  • "Top 10 Security Breaches", RSA Conference Webcast
  • "Segmentation for PCI Compliance", Crossbeam San Francisco Executive Briefing

March 2010

January 2010

September 2009

June, 2009

May 2009

April 2009

March 2009

February 2009

January 2009

2008

2007 and earlier

  • "False Voices: the Impact of Culture on Information Security", Central States Anthropological Society (CSAS) Meetings, April 2007
  • "False Harmony: Racial, Ethnic, and Religious Stereotypes on the Internet", National Association for Ethnic Studies (NAES) Conference, November 2006
  • "Maintaining Your Organization's Privacy", Las Positas Chapter of the International Association of Administrative Professionals (IAAP), July 2006
  • "Maintaining Your Organization's Privacy", Annual Education Forum for the International Association of Administrative Professionals (IAAP), June 2006
  • "Manage Identities and Keys for the Retail Risk Model", Retail Security Forum, November 2005
  • "Retailer Panel — More than One Way to Safety: Practitioners Discuss Their Methodology", Retail Security Forum, November 2005
  • "Urgent/Confidential — An Appeal for your Serious and Religious Assistance", Central States Anthropological Society (CSAS) Meetings, April 2004
  • "How to Build your own Information Security Assessment Practice", Secure IT Conference, April 2004
  • "A Practical Approach to Implementing ISO/IEC 17799", Secure IT Conference, April 2004
  • "Auditing Technology for Sarbanes-Oxley Compliance" San Jose State University, Information Systems Audit and Control Association (ISACA) Club, August 2003
  • "Should the Government Regulate Corporate Security?" Lighthouse Venture Forum breakfast discussion, June 2003
  • "Urgent/Confidential — An Appeal for your Serious and Religious Assistance", National Association for Ethnic Studies (NAES) Conference, April 2003
  • "Secure Software Distribution", Microsoft Certified Professional (MCP) TechMentor Summit on Security, July 2002
  • "Auditing Windows 2000", Silicon Valley Information Systems Audit and Control Association (ISACA) Chapter Meeting, December 2002
  • "Shintiri: The Secret Language of the Comoros", Central States Anthropological Society (CSAS), 1984

Publications


Sample Feedback

VMworld Conference 2011 LV: Penetration Testing the Cloud

  • "Excellent! Similar sessions needed,there's a lot to cover!"
  • "Need more like this."
  • "Great material, a lot too look into after session."
  • "The instructor exceeded my expectations. His knowledge of the subject was deep and his passion for it also showed. Great stuff!"
  • "Excellent material. Speaker researched and developed the information exceptionally well. Extremely well presented."
  • "This had to be one of the best sessions I have had at VMworld."
  • "Very useful and applicable to my current situation."
  • "This guy was an awesome speaker."
  • "Great speaker – good use of real world examples / humor. Kept crowd engaged"
  • "Great speaker. Good insights. Need more speakers with this kind of technical content."
  • "OVERALL AVERAGE: 4.63"

VMworld Conference 2010 SF: Compliance in the Cloud

  • "Davi's talk on compliance is a disguise; it's a fantastic talk on (security) quality & managing risk from an audit perspective #VMworld" — @Beaker (Christopher Hoff)
  • "Great session, incredibly valuable. The speaker did a very impressive job."
  • "This was one of the better classes."
  • "OVERALL AVERAGE: 4.23- highest score in [cloud] track!!!"

RSA Conference 2010: Top 10 Security Breaches

  • The Webcast was excellent and I would like to direct several colleagues to sign up and watch it. One of the best I have seen in a long time.
  • Best presentation of the day!
  • Excellent info.
  • Good content.
  • Great material.
  • Very relevant.
  • Best yet. Tells the story. Very effective.
  • Excellent and engaging – delivered exchanged info in highly engaging and funny manner.
  • Excellent, engaging speaker. One of the best I've heard.
  • Excellent.
  • Great speaker.