[aknoob]

The very first thing that you need to do is to pick a software stack, ideally opensource and then learn how that software-stack works bottom up. Learning how a linux application works might be a good starting point if you are totally new.

There are multiple layers involved here and really understanding each one would take time.

Next would come understanding browsers, browser although it is an app, it is a world in itself. How an http request flows through a browser, how an http response is rendered, what are various layers involved. TCP/IP stack to physical layer, wifi/usb. It is extremely vast and very interesting.

And once you have gained enough experience , you will be able to clearly see the similarities and differences between various software stacks, both bottom-up and top-down, right from hardware level to your application's code and vice versa. And then reasoning about security of the stack at various layers would become straightforward.

In terms of conferences, I find Blackhat(http://www.blackhat.com/) Conference is a very good source of keeping oneself up to date with world of security( including applying Data Science to Security)