Building a Secure Foundation
Abstract
Block, Inc. (NYSE: SQ) is a global technology company with a focus on financial services. Made up of Square, Cash App, Spiral, TIDAL, and TBD, we build tools to help more people access the economy. Square helps sellers run and grow their businesses with its integrated ecosystem of commerce solutions, business software, and banking services. With Cash App, anyone can easily send, spend, or invest their money in stocks or Bitcoin. Spiral builds and funds free, open-source Bitcoin projects. Artists use TIDAL to help them succeed as entrepreneurs and connect more deeply with fans. TBD is building an open developer platform to make it easier to access Bitcoin and other blockchain technologies without having to go through an institution.
This session will cover my transition from academic security research at Northeastern’s Seclab into a role of industrial security engineering. We will dive into recent major infrastructure security projects at Block, such as a system to integrate acquisitions into the Block service mesh and bringing security infrastructure features from our Data Center and AWS EKS to AWS Lambda. Through these deep dives we will share how an academic background helps in industrial security engineering.
Michael Weissbacher is a Staff Security Engineer at Block where he develops infrastructure software that makes the business operate more securely. His primary area is providing identity to workloads in the cloud. Michael has a PhD from Northeastern University where he was working at the Secure Systems Lab. His main area of research was web security, he also worked on fuzzing for algorithmic slowdowns and integrating humans with automated program exploitation. His work was published in venues such as USENIX Security, ACM CCS, NDSS, and others. He has presented work on detecting privacy invasions of browser extensions at the FTC, which has been covered by various news outlets, such as Le Figaro and Heise. Michael’s recent industry work has been presented at Black Hat USA in 2021.