Skip to content

Presentations and Publications

Presentations | Sample Feedback | Publications


December 2015

November 2015

  • “Auditing Big Data: The Ethics of Machine Learning”, SF ISACA Fall Conference
  • “Securing the Internet of Things”, SF ISACA Fall Conference

August 2015

  • “Building Secure Clouds”, VMworld

July 2015

  • “Compliance and Big Data: Can They Coexist?”, IANS Webinar

May 2015

April 2015

November 2014

  • “Practical Cloud Deployments and Secure OpenStack Strategies”, Fast and Secure Conference
  • “New Security Models for IoT”, IoT Expo
  • “Auditing Social Media”, ISACA Edu Panel
  • “Panel: Securing Mobile and BYOD”, ACSC Annual Conference

October 2014

  • “Babar-ians at the Gate: Data Protection at Massive Scale”, IANS Keynote
  • “Auditing an Internet of Things”, ISACA-SF 2014
  • “Auditor Tales from the Trenches of Big Data,” ISACA-SF 2014
  • “Realities of Securing Big Data,” 2014 CS Graduate Student Course, St. Polten
  • “7 Simple Ways to Deal With Serious Risks and Elephantine Security Challenges,” BlackHat EU 2014

September 2014

  • “Regulatory Compliant Cloud Computing and Content Distribution Networks,” IX Taller Internacional, Comision de Regulacion de Comunicaciones, Columbia
  • “Trusted IT: How EMC, VMware, Pivotal and RSA Together Redefine Security,” RSA Summit 2014
  • “The Pizza Box Zombie Mall Bank Accounts of Despair: Why CISOs Love Metaphors,” Yahoo Security Summit 2014

August 2014

  • “Babar-ians at the Gate: Data Protection at Massive Scale,” Blackhat USA 2014
  • “Role of Regulation in Protection – Continuous Diagnostic Monitoring (CDM), PCI, and more,” Blackhat Executive Summit 2014
  • “The Insider Threat and the Cloud: Harsh Reality in the Wake of Recent Security Breaches,” VMworld 2014
  • “Security Analytics: Challenges Opportunities, and New Directions,” UW CSE MSR Summer Institute

July 2014

  • “Cloud Trust Redefined: Eight Essential Steps in a Strong Defense,” RSA Conference Asia Pacific & Japan 2014
  • “How to Hadoop Without the Worry: Protecting Big Data at Scale,” RSA Conference Asia Pacific & Japan 2014
  • “Certificate Management in the Cloud,” BrightTALK Panel 2014

June 2014

May 2014

  • “Baby Got Risk: I like Big Data and I Can Not Lie,” BSidesNOLA
  • “Delivering Big Data, Security at Scale,” SOURCE Dublin
  • “Embracing a Zero Trust Security Model,” Cyphort Meetup
  • “Protecting Big Data at Scale,” CONFidence 2014

April 2014

March 2014

February 2014

January 2014

  • “Data Whales and Troll Tears: Beat the Odds in InfoSec,” ShmooCon

December 2013

November 2013

September 2013

  • “Auditing Big Data for Privacy, Security and Compliance,” ISACA-SF
  • “#HeavyD: Stopping Malicious Attacks Against Data Mining and Machine Learning,” ISACA-SF
  • “Active Defense 2013,” ISACA-SF

August 2013

June 2013

May 2013

  • “Big Data Security: Emerging Threats and How to Predict Them,” SOURCE Dublin

March 2013

  • “Is it Whack to Hack Back a Persistent Attack?” Panel with Trend Micro and CrowdStrike, 2013 RSA Conference, San Francisco
  • “Big Data, Pirates and Bourbon: Secure All the Things,” b:Secure Conference, Mexico City

February 2013

January 2013

  • “Big Data Risk,” Panel with Symantec, NetApp and Astute at ViaWest

December 2012

  • “Defending the Virtual Environment,” Hands-on Workshop, CONSEGI
  • Cyberfall: Active Defense 2012,” CONSEGI
  • “Hybrid Cloud Identity Management,” GigaOM Pro Webinar with Ping Identity

November 2012

October 2012

September 2012

August 2012

  • “Top 5 Considerations for Website Vulnerability Assessments,” Ziff Davis/Symantec Webinar
  • “Mind The Gap: Making PCI Compliance Reality Through Predictive Network Modeling and Visualization,” RedSeal Networks Webinar
  • “vSphere Hardening to Achieve Regulatory Compliance: Better, Faster, Stronger,” VMworld US 2012
  • “Securing a Virtualized PCI Environment Using vShield and vCenter Configuration Manager,” VMworld US 2012
  • “Securing the Virtual Environment: Defending the Enterprise Against Attack,” VMworld US 2012
  • “Encrypt Your Cloud,” RSA China 2012
  • “Message in a Bottle: Finding Hope in a Sea of Security Breach Data,” RSA China 2012
  • Encryption for Clouds,” RSA Europe 2012 Podcast

July 2012

June 2012

May 2012

April 2012

March 2012

  • “Big Data Security, Big Challenges: Start Here”: A Chat with Dave Asprey, VP Cloud Security at Trend Micro, Structure:Data 2012
  • “Data Protection in the Cloud”, TechTarget Webcast

February 2012

January 2012

December 2011

  • “Sharpening the Axe: How to Chop Down a Cloud”, BayThreat

November 2011

October 2011

September 2011

August 2011

June 2011

May 2011

April 2011

March 2011

  • “Cloud Computing: A Multi-Disciplinary View from Technology, Business and Law”, IEEE, Riverbed, Santa Clara University School of Engineering and Leavey School of Business

February 2011

January 2011

  • “vCloud Engineering Update: Monitoring and Logs”, VMware/LogLogic Kickoff

December 2010

  • “Cloud Investigations and Forensics”, RSA Podcast
  • “All Clouds Love Logs. Yes, Logs”, BayThreat, Hacker Dojo

November 2010

October 2010

September 2010

August 2010

July 2010

June 2010

April 2010

  • “Top 10 Security Breaches”, RSA Conference Webcast
  • “Segmentation for PCI Compliance”, Crossbeam San Francisco Executive Briefing

March 2010

January 2010

September 2009

June, 2009

May 2009

April 2009

March 2009

February 2009

January 2009


2007 and earlier

  • “False Voices: the Impact of Culture on Information Security”, Central States Anthropological Society (CSAS) Meetings, April 2007
  • “False Harmony: Racial, Ethnic, and Religious Stereotypes on the Internet”, National Association for Ethnic Studies (NAES) Conference, November 2006
  • “Maintaining Your Organization’s Privacy”, Las Positas Chapter of the International Association of Administrative Professionals (IAAP), July 2006
  • “Maintaining Your Organization’s Privacy”, Annual Education Forum for the International Association of Administrative Professionals (IAAP), June 2006
  • “Manage Identities and Keys for the Retail Risk Model”, Retail Security Forum, November 2005
  • “Retailer Panel — More than One Way to Safety: Practitioners Discuss Their Methodology”, Retail Security Forum, November 2005
  • “Urgent/Confidential — An Appeal for your Serious and Religious Assistance”, Central States Anthropological Society (CSAS) Meetings, April 2004
  • “How to Build your own Information Security Assessment Practice”, Secure IT Conference, April 2004
  • “A Practical Approach to Implementing ISO/IEC 17799″, Secure IT Conference, April 2004
  • “Auditing Technology for Sarbanes-Oxley Compliance” San Jose State University, Information Systems Audit and Control Association (ISACA) Club, August 2003
  • “Should the Government Regulate Corporate Security?” Lighthouse Venture Forum breakfast discussion, June 2003
  • “Urgent/Confidential — An Appeal for your Serious and Religious Assistance”, National Association for Ethnic Studies (NAES) Conference, April 2003
  • “Secure Software Distribution”, Microsoft Certified Professional (MCP) TechMentor Summit on Security, July 2002
  • “Auditing Windows 2000″, Silicon Valley Information Systems Audit and Control Association (ISACA) Chapter Meeting, December 2002
  • “Shintiri: The Secret Language of the Comoros”, Central States Anthropological Society (CSAS), 1984


Sample Feedback

VMworld Conference 2011 LV: Penetration Testing the Cloud

  • “Excellent! Similar sessions needed,there’s a lot to cover!”
  • “Need more like this.”
  • “Great material, a lot too look into after session.”
  • “The instructor exceeded my expectations. His knowledge of the subject was deep and his passion for it also showed. Great stuff!”
  • “Excellent material. Speaker researched and developed the information exceptionally well. Extremely well presented.”
  • “This had to be one of the best sessions I have had at VMworld.”
  • “Very useful and applicable to my current situation.”
  • “This guy was an awesome speaker.”
  • “Great speaker – good use of real world examples / humor. Kept crowd engaged”
  • “Great speaker. Good insights. Need more speakers with this kind of technical content.”

VMworld Conference 2010 SF: Compliance in the Cloud

  • “Davi’s talk on compliance is a disguise; it’s a fantastic talk on (security) quality & managing risk from an audit perspective #VMworld” — @Beaker (Christopher Hoff)
  • “Great session, incredibly valuable. The speaker did a very impressive job.”
  • “This was one of the better classes.”
  • “OVERALL AVERAGE: 4.23- highest score in [cloud] track!!!”

RSA Conference 2010: Top 10 Security Breaches

  • The Webcast was excellent and I would like to direct several colleagues to sign up and watch it. One of the best I have seen in a long time.
  • Best presentation of the day!
  • Excellent info.
  • Good content.
  • Great material.
  • Very relevant.
  • Best yet. Tells the story. Very effective.
  • Excellent and engaging – delivered exchanged info in highly engaging and funny manner.
  • Excellent, engaging speaker. One of the best I’ve heard.
  • Excellent.
  • Great speaker.