Samuel Hotop & Andrey Kim
Sam loves building high quality software in complex domains. It's demanding, it's challenging, it requires knowledge, persistence and creativity - and it's awesome when it works well. A software tester himself with over 10 years experience, Sam's greatest professional achievement is the team of software testers he's assembled at Kenna Security and the comprehensive strategy by which they test the Kenna platform. Together with his team, Sam builds innovative software that enables people to keep their data safe. Outside of work, Sam studies the Russian language, plays guitar in a jazz band, learns about computers and enjoys spending time with his family at their home in Chicago.

Andrey is a Senior QA Analyst at Kenna Security, a leading software-as-a-service Risk and Vulnerability Intelligence platform that accurately measures cyber security risk. A tester for over 10 years, he has extensive experience testing data-intensive software platforms, with a focus on data analytics, visualization and user experience. Andrey is passionate about exploratory testing, he doesn't believe in scripted testing. He believes that testing is all about discovering the truth. It's a thrilling mix of craftsmanship, storytelling, endless curiosity and even a little magic. With a Master's degree in International Economics, Andrey approaches testing problems from many different angles and constantly uses his experience to inform and improve his holistic approach to exploratory testing.


Speech title: Cybersecurity is a Data Problem: Integrating a Vulnerability Intelligence Engine with VMware

How do you know which security vulnerabilities pose the most risk to your organization? You have 100 million vulnerabilities across your infrastructure and applications - can you fix them all? Should you fix them all? After 5 years working on software that seeks to answer these questions, we'd like to discuss our experiences and lessons learned as testers working on complex, data-heavy cybersecurity problems. This talk will detail our experiences building and testing Kenna Security's Vulnerability Intelligence Engine and its integration into VMware's 'VSphere Platinum' series of virtual machines. We will detail our holistic approach to testing this software, which required innovation, modern tooling, and clear communication with our partners at VMware.

Delegates will learn about the challenges we faced and the solutions we implemented, which were composed of everything from infrastructure as code, bash scripting, and vulnerability scanning, to deep exploratory analysis and the search for an elusive truth buried in mountains of data.  
Back to main page