In the evolving landscape of cybersecurity, identifying vulnerabilities is only the beginning. True resilience often demands a complete security redesign – an intricate process that goes beyond patching flaws to fundamentally re-architect systems for long-term protection. This talk explores the art and science of driving security redesigns in complex and legacy environments, drawing from real-world experiences with critical Microsoft components such as Windows Boot and Windows Recovery. Attendees will gain practical strategies for overcoming technical and organizational hurdles, fostering alignment across stakeholders, and embedding security as a core design principle. Expect actionable guidelines, lessons learned, and a candid look at the challenges and triumphs of transforming security posture at scale.
Talk
Security-Driven Redesign: Navigating the Art and Politics of Securing Complex Systems
March 19, 10:30 (CLOUD)
Speaker
Amit Dori
Amit Dori (@AmitDori) is a Senior Security Research Manager working with the Security Testing and Offensive Research at Microsoft (STORM) team.
He specializes in vulnerability research and large-scale threat modeling across complex systems, including operating systems, cloud platforms, and automotive technologies. Prior to joining Microsoft, Amit led an automotive cybersecurity research team at Mercedes-Benz's R&D center in Israel.
