Important notice about SecAppDev 2020

Due to the current situation with COVID-19 (Corona), with deep regret, we feel bound to postpone SecAppDev 2020 indefinitely. While there have been no official instructions to postpone events such as ours or reduce travel, both attendees and speakers have informed us that they are unable to attend SecAppDev.

We hope everyone in SecAppDev stays healthy, and wish everyone the best for the coming months.

SecAppDev 2020 Lecture Details

Trust & safety II - Best practices & current topics

Lexi Galantino
Thursday March 12, 09:00 - 10:30
Short description

Following “Intro to trust & safety”, this session will concern more advanced trust & safety design problems. We’ll also look at the current edge of research and recent product experiments and discuss their implications.


In “Intro to Trust & Safety” earlier, we learned about how to identify and prevent the most common types of abuse vectors. In this session, we’ll take a deeper dive into more advanced best practices and current topics in the field. Specifically, we will look at research, features, and outcomes that we’ve seen so far that have shaped our decision-making today. Then, we’ll tour a selection of user stories to illustrate currently unsolved problems. As a warning, this session will discuss domestic violence and various topics related to online harassment.

Key takeaway

Trust & safety is an evolving field with active research. Attendees will get a tour of the current state and consider some advanced user stories.

Content level


Target audience

This session is intended for anyone who designs, builds, or secures software for users.


I recommend to first attend “Intro to Trust & Safety” earlier this week. A working understanding of trust & safety-type abuse vectors is needed.

SecAppDev is the most immersive application security course you have ever seen

Book your seat now

Lexi Galantino

Lexi Galantino

Software Engineer, Community & Safety team, GitHub

Lexi is a software engineer on GitHub's Community & Safety team, where she builds features to ensure user privacy, trust, and safety on In addition, she enjoys speaking and teaching about online Trust & Safety, the design and implementation principles that enable positive and trustful interactions between strangers on the internet. Aside from her work, she also enjoys traveling, and spending time with dogs.

Full speaker profile

Related privacy, safety & ethics sessions

The GDPR and doing really cool stuff with personal data!

Lecture by Bavo Van den Heuvel

The impression that the GDPR prevents innovative uses of personal data is mistaken. In this session, we explore GPDR compliance for interesting use cases, such as biometrics, tracking, intelligent camera's, IoT at home, sensors for behavioral evaluation.

Privacy, safety & ethics Monday March 9, 09:15 - 10:30

Intro to trust & safety - Identifying abuse vectors

Lecture by Lexi Galantino

Trust & safety is all about how bad actors can exploit application design vulnerabilities to abuse other users. Here, you’ll learn how to identify these vulnerabilities so that you can prevent or close them in your applications.

Privacy, safety & ethics Tuesday March 10, 14:00 - 15:30

GDPR and research, how to comply?

Lecture by Griet Verhenneman

In a risk-based approach, health-related data should get your attention.

Privacy, safety & ethics Friday March 13, 09:00 - 10:30

Privacy threat modeling using LINDDUN

Lecture by Kim Wuyts

Privacy by design is important. Learn about privacy threats and how to systematically identify them in software architectures.

Privacy, safety & ethics Monday March 9, 11:00 - 12:30

Paradigms of privacy research and privacy engineering

Lecture by Seda Gürses

Privacy and data protection are not the same thing. How do they differ and what does it mean in terms of technical designs? This talk will present a broad overview of theories of privacy and their translation into privacy designs and engineering practice.

Privacy, safety & ethics Tuesday March 10, 09:00 - 10:30

Protective optimization technologies

Lecture by Seda Gürses

Businesses nowadays can design systems for "ideal" interactions and environments by optimizing systems using machine learning and AI. However, these strategies have costs and associated risks. We will talk about these risks and costs, and introduce Protective Optimization Technologies as a way to flag or mitigate them.

Privacy, safety & ethics Tuesday March 10, 16:00 - 17:30

Coping with data protection in legacy systems

Lecture by Bavo Van den Heuvel

Legacy systems are here to stay... but so is the GDPR. How can we cope with the inherent weaknesses in these systems to strive for compliance?

Privacy, safety & ethics Monday March 9, 16:00 - 17:30