Conference Presentations

Google employees regularly present at security conferences around the world. We believe this sharing of research can improve collaboration, help advance the state of security, and ultimately make the Internet a safer place.

Googler Conference Date Presentation
Max Moroz ZeroNights 2016 2016-11 Modern fuzzing of C/C++ Projects
Emily Schechter O'Reilly Security Amsterdam 2016-11 The case for HTTPS everywhere
Hunter King, August Huber O'Reilly Security Amsterdam 2016-11 BeyondCorp: Five years of remote attestation
Robert Swiecki PWNing Conference 2016 2016-11 Control Flow Path Tracking for Security Researchers (pl)
Eric Lawrence O'Reilly Security New York 2016-11 Migrating to HTTPS
Ilya Mironov, Ananth Raghunathan ACM CCS 2016 2016-10 Frodo: Take off the ring! Practical, Quantum-Secure Key Exchange from LWE
Martin Abadi, H. Brendan McMahan, Ilya Mironov, Kunal Talwar, Li Zhang ACM CCS 2016 2016-10 Deep Learning with Differential Privacy
Gábor Molnár Hacktivity 2016 2016-10 War Stories from Google’s Vulnerability Reward Program
Jeff Vander Stoep Linux Security Summit 2016 2016-08 Android: Protecting the Kernel
Jorge Lucangeli Obes Linux Security Summit 2016 2016-08 Minijail: Running Untrusted Programs Safely
Kees Cook Linux Security Summit 2016 2016-08 The State of Kernel Self Protection Project
Nicolas Ruff SSTIC 2016 2016-06 Mac OS X System Integrity Protection
Dan Austin Qualcomm Mobile Security Summit 2016 2016-05 Overcoming Stagefright: Integer Overflow Protection in Android
Max Moroz Positive Hack Days 2016 2016-05 Scalable and Effective Fuzzing of Google Chrome Browser
Tara Matthews, Kerwell Liao, Anna Turner, Marianne Berkovich, Rob Reeder, Sunny Consolvo CHI 2016 (ACM Conference on Human Factors in Computing Systems) 2016-05 “She’ll just grab any device that’s closer”: A Study of Everyday Device & Account Sharing in Households
Juan Lang, Alexei Czeskis, Dirk Balfanz and Marius Schilder Twentieth International Conference on Financial Cryptography and Data Security 2016-02 Security Keys: Practical Cryptographic Second Factors for the Modern Web
Christoph Kern OWASP AppSec California 2016-01 Preventing Security Bugs through Software Design
Christoph Kern German OWASP Day 2015-12 Technical Keynote: Robuste und Praktikable Ansätze zur Verhinderung von Sicherheitsdefekten
Nicolas Lidzborski ACM IMC 2015 2015-10 Neither Snow Nor Rain Nor MITM... An Empirical Analysis of Email Delivery Security
Jeff Vander Stoep Linux Security Conference 2015-08 Ioctl Command Whitelisting in SELinux
Paul Lawrence and Mike Halcrow Linux Security Conference 2015-08 Linux and Mobile Device Encryption
Christoph Kern 25th USENIX Security Symposium 2015-08 Preventing Security Bugs through Software Design
Natalie Silvanovich BlackHat USA 2015-08 Attacking ECMAScript Engines with Redefinition
Chris Evans and Natalie Silvanovich Shakacon 2015-07 I am the 100% (terms and conditions apply)
Julien Tinnes SSTIC 2015 2015-06 Keynote: Security and engineering (in Chromium)
Nicolas Ruff SSTIC 2015 2015-06 RowHammer in 15'
Nicolas Ruff Insomni'hack 2015 2015-03 Security by Google
James Forshaw Syscan/Infiltrate 2015-03 A Link to the Past
Chris Evans CanSecWest 2015-03 Taming wild copies: from hopeless crash to working exploit
Emilia Kasper Real World Crypto 2015 2015-01 We <3 SSL
James Forshaw Smoocon/Nullcon 2015-01 The Windows Sandbox Paradox
Michele Spagnuolo Hack in the box: Malaysia 2014-10 Abusing JSONP with Rosetta Flash
Mateusz Jurczyk, Gynvael Coldwind CONFidence 2013 2013-05 Beyond MOV ADD XOR – the unusual and unexpected in x86
Mateusz Jurczyk NoSuchCon #1 2013-05 Abusing the Windows Kernel: How to Crash an Operating System With Two Instructions
Mateusz Jurczyk, Gynvael Coldwind SyScan 2013 2013-04 Bochspwn: Exploiting Kernel Race Conditions Found via Memory Access Patterns
Thomas Dullien SyScan 2013 2013-04 Checking the Boundaries of Static Analysis
Eduardo Vela TetCon 2013 2013-01 Tyranny of small decisions
Thai Duong ekoparty 2012-09 The CRIME attack
Fermin Serna Blackhat (Las Vegas) 2012-07 The Case of the Perfect Infoleak
Artur Janc 28C3 2011-12 Rootkits in your Web application
Felix Gröbert 27c3 2010-12 Automatic Identification of Cryptographic Primitives in Software
Eduardo Vela OWASP AppSec 2010-06 Security and HTTP Redirects
Chris Evans Conference on Cyber Conflict, CCDCOE 2010-06 The Future of Browser Security
Eduardo Vela BlackHat Europe 2010-04 Universal XSS via IE8s XSS Filters
Tavis Ormandy, Julien Tinnes CanSecWest, BlackHat USA 2010-03 There's a party at Ring0, and you're invited
Julien Tinnes, Tavis Ormandy PacSec 2009-11 Virtualization security and the Intel privilege model
Julien Tinnes, Chris Evans Hack in The Box (Malaysia), BlackHat Europe 2009-10 Security in Depth for Linux Software
Chris Evans, Billy Rios PacSec, Hack in The Box (Dubai) 2009-04 Cross-domain leakiness