Talking in Public
Use Your Words: Communication for Tough Security Transformations, 19 May 2023 for Day of Shecurity. Read No Adversaries and Read the Fantastic Manual to get a sense of the content of this one.
New Apps, Good Snacks: Effective Threat Modeling for New Territory, 22 April 2023 for BSides San Francisco and 20 May 2023 at BSides Seattle
No Adversaries: Getting Users on Your Side for Tough Transformations with Amy Martin, 22 April 2023 for BSides San Francisco
How to Become a Security Partner (and Why You Should), 11 August 2022 for the Diana Initiative
Reinventing Cybersecurity: Tales of Rebellion and Resistance (panel), June 2022 for DevOps Connect 2022 at RSAC
Read the Fantastic Manual, 4 June 2022 for BSides SF
The System Call Is Coming from Inside the House: Appsec Horror Stories, 16 July 2021 for the Diana Initiative
Women in Security and Privacy Roundtable, 23 August 2020 for Bugcrowd LevelUp0x07
How to Do Chrome Extension Reviews, 22 August 2020 for Bugcrowd LevelUp0x07
How an SRE became an Application Security Engineer, 28 January 2020 for Secure Diversity in San Francisco and 22 August 2020 for The Diana Initiative
You Can Put WHAT in DNS TXT Records?!?!, 2 March 2020 at !!con West
/etc/services Is Made of Ports (and People!), 23 February 2019 at !!con West
Man, ‘splained: 40-Plus Years of Man Page History, 13 December 2016 at Systems We Love
Writing Elsewhere
Finding the Less-Risky Path Together: Security Partnership at Gusto, Gusto Engineering blog, 8 August 2022 (companion to my August 2022 Diana Initiative talk)
How an SRE became an Application Security Engineer (and you can too), Salesforce Engineering on dev.to, 28 October 2020
When laziness is efficient: Make the most of your command line, Stack Overflow blog, 12 February 2020
Bringing Structure to Infrastructure, Nylas blog, 19 June 2019
Man, ‘splained: 40-Plus Years of Man Page History (the written companion to the talk linked above), Truss blog, 13 December 2016
Engineer How-To: Access & Make Awesome Your PATH System Variable, Truss blog, 26 February 2016