Duncan Sparrell

Cyber security expert at sFractal Consulting

Duncan Sparrell is a seasoned (aka old) software developer and network security evangelist. He graduated from RPI back when computers were the size of buildings and programmed with punch cards. After a 35-year career with AT&T, he is semi-retired and trying to give back to the community while pursuing his interests in cloud security, agile, secure software development, and erlang. Most of his cyber experience is blue team (defense) but he kick-started his cyber chops as part of a AFIWC cyber attack team during first Gulf War. Besides various certs (CSSIP, CSSLP, CCSK, PE), he was awarded the Intelligence Community Seal Medallion, and the AT&T Science and Technology Medal.

Upcoming conferences:

Duncan Sparrell
Code BEAM Lite NYC

Let fintech be hacked!

The financial community has always been at the vanguard of cybersecurity. Yet the cost of cybersecurity is increasing while the impacts are worsening. Why does the attacker have such an advantage? Because most software is not designed with 'let it fail' in mind.

Duncan will explain the cybersecurity advantages of BEAM/OTP. He'll cover the pitfalls to avoid and the best practices to negate the hacker advantage. The vision is "Let it be hacked" because OTP is "One Tough Platform".


  • Educate everyone (at least a little bit) in cybersecurity
  • Convince decision-makers why financials should drive cybersecurity decisions, + explaining why FAIR and not FUD
  • Extol the advantages of BEAM/Erlang/Elixir for developing secure software
  • Present pitfalls to avoid and best practices to follow
  • Evangelise BEAM for cybersecurity


Everybody who wants cheaper/better/faster/more-secure Fintech

Past conferences

Duncan Sparrell
Code BEAM SF 2018
15 Mar 2018
13.50 - 14.35

Let it Be Hacked

Cyber-attacks are increasing in terms of sophistication, speed and dynamics. Defenses are not keeping up. Why does the attacker have such an advantage? Because most software is not designed with 'let it fail' in mind. Our community has a significant advantage in the area and we should capitalize on it. The talk will start with some cybersecurity fundamentals. I'll explain the advantages of OTP from a cybersecurity perspective. There are still pitfalls and I'll cover some of them as well as present some best practices to help your code be more secure. I'll do a survey of the open source software available as well as touch on areas where work is needed. The goal is to promote the "let it be hacked" mentality - which will both promote erlang/elixir and be good for cybersecurity.


This talk aims to:

  • educate everyone (at least a little bit) in cybersecurity
  • explain why beam/erlang/elixir are great for developing cybersecurity software
  • give some ptifalls to avoid and best practices to follow
  • present a survey of cybersecurity open source software from a BEAM perspective (ie both what is there, and what is needed)
  • an unabashed plea for helping promote beam for cybersecurity


Security-conscious Erlang & Elixir developers as well as managers of software projects


Articles: 1

Let it be hacked - SLIDES - Code BEAM SF 2018

Article by Duncan Sparrell

Slides from Duncan Sparrell's talk "Let it be hacked" - Code BEAM SF 2018


Videos: 1