Enigma 2023 has ended
Back To Schedule
Tuesday, January 24 • 3:10pm - 3:40pm
Navigating the Sandbox Buffet

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Buggy software is a fact of life, and preventing all security vulnerabilities is near impossible. Organizations often have no choice but to run potentially risky software, such as parsing, thumbnailing, or compression libraries, within their infrastructure to do even basic work. Such software is frequently implemented in memory-unsafe languages, by third-parties, and is seldom designed to handle hostile user input. It’s no surprise that security news is replete with bug names like “ImageTragick.”

Fortunately, sandboxing can be a powerful defense in these scenarios. In the past, sandbox technologies were often expensive, immature, and operationally fickle, so only well-resourced organizations could leverage them effectively at scale. But today, we live in a democratized era of the sandbox buffet, where there is a surfeit of different ways to virtualize, contain, and jail processing. With so many options, it’s easier than ever to pick the right combination of sandboxing techniques that provide the most appropriate set of tradeoffs for isolating your workloads.


Maxime Serrano

Max is an engineer on the production security team at Figma, where he’s contributed to various initiatives improving Figma’s security posture across different areas of security, from securing the core infrastructure and product to mitigating spam on the platform. Previously, he... Read More →

Tuesday January 24, 2023 3:10pm - 3:40pm PST
Santa Clara Ballroom