BSidesSLC 2017 March 9, 2017 to March 10, 2017, salt lake city,usa

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
Welcome to BSidesSLC 2017! Sean Jackson Welcome, announcements, talking about BSidesSLC history, future.
A Continually Changing Industry: INFOSEC David Kennedy The industry is under continual change with new technologies, methods of attack, and defensive strategies ...
Pwned Cloud Society: Exploiting and Expanding Access within Azure & AWS Bryce Kunz With more companies rapidly leveraging cloud providers for services, how do we more effectively exploit ...
Remembering how we got here: Integrating defense-in-depth into DevOps culture Kasim Esmail , Matt Krieger We are living in the age of the App where the term "low-level" likely refers ...
Intro to crypto Challenges and BSidesSLC 2016 Coin walkthrough Colin Jackson , Jake Jones , Nathan Smith , Michael Whiteley Limited Capacity seats available https://www.bsidesslc.org/signup.html This will be a quick intro to crypto coins following ...
Man in the Cloud Attack Adam Fisher "Man in the Cloud" (MITC) attacks rely on common file synchronization services (such as GoogleDrive ...
Network Security Monitoring Product Evaluation James Dickenson , Chris Tilley Selection of a network security monitoring (NSM) product can be a difficult process and proper ...
Planning a Purple Team exercise - the what why and how Haydn Johnson Purple Teaming is the idea of using a Red Team exercise with clear training objectives ...
Advanced Wireless Attacks Against Enterprise Networks Gabriel Ryan Limited Capacity filling up https://www.bsidesslc.org/signup.html This workshop will instruct attendees on how to carry out ...
Practical Web Application Exploitation Jessica Ryan Limited Capacity filling up https://www.bsidesslc.org/signup.html This is a hands-on practical workshop in which you will ...
InfoSec Parenting Thomas Elegante As our children grow, their curiosity and understanding of the world grow with them. When ...
Your political campaign needs a CISO J0n J4rv1s Let's step outside the political rhetoric and partisanship battleground of the 2016 POTUS campaign and ...
How To Build a SOC For Mid-Sized Companies Sam Mclane It’s the SOC, stupid! That’s what you need to combat the modern cyber threats and ...
NIST Risk Management Framework and why it should be utilized Nathan Smith Will talk about the NIST Risk Management Framework (RMF) and why it should be used ...
Tales from the Crypt--ology Tiberius Hefflin Delve into some of the cryptography world's unsolved mysteries - learn why they're so hard ...
USB Device Analysis James Habben You already know that USB devices present a danger of infection to users, but how ...
Going past the wire: Leveraging Social Engineering in physical security assessments Snow Many organizations have started understanding the value they can get with a physical security assessment. ...
Red Teaming the Board Robert Wood Red teaming as an infosec practice has centered lately around showy exploits, social engineering, and ...
The Aftermath of a Fuzz Run: What to do about those crashes? David Moore Fuzzing is a highly effective means of finding security vulnerabilities - new, easy to use ...
If System = ICS, Then Pwn4g3 > Root Bri Rolston Got root? Great. Got physics? No? Defender wins. Total pwn4g3 of an Industrial Control System ...
PRIVACY AND SECURITY WHICH COMES FIRST? OR HOW DO I TALK TO MY INFORMATION SECURITY GROUP ABOUT GETTING PRIVACY INTO THE CONVERSATION. Jerry Smith Privacy and Information Security both share the control space, the question is how are controls ...
Hacker Puzzles, DJs, and DC801 Hacker Space Danny Howerton , Lance Buttars , Sean Jackson , Jake Jones Come out and work on the Hacker Puzzles with like-minded friends. We're RIGHT NEXT DOOR ...
I want to help with application security, but I'm not a developer John Overbaugh Application security is a team-wide activity and, even if you aren't a software developer, you ...
Facing the Kobayashi Maru: Incident Response Tabletop Exercises Jc Multiple compliance frameworks require testing your Incident Response Plan. Unfortunately, that is usually the extent ...
Beyond Wardriving: Tracking Human Beings with RF Technology Gabriel Ryan In this talk we'll explore the use of RF technology to track human beings, with ...
This workshop will not be for grizzled malware analysts. This workshop is intended for those who are new to malware analysis or have a very limited exposure to it. I will cover everything you need to Danny Howerton Current Working Outline: Types of malware commonly seen today Web based Malicious websites that point ...
Wireshark Crash Course for Beginners Robert Jorgensen Limited Capacity filling up https://www.bsidesslc.org/signup.html This two-hour hands-on workshop focuses on basic packet capture analysis ...
Security and Ops in Startups Daniel Jeffery In a startup, security and operations discipline can be easy to put off until later. ...
The surveillance capitalism will continue until moral improves J0n J4rv1s The War on Privacy is ongoing and it is escalating. Invasions into your privacy have ...
Container Secrets Done Right Brandon Gillespie Containers are taking the world by storm, but security is lagging behind. Reflex Engine leverages ...
NMAP 101 Christopher D Hopkins An introduction to the popular network scanner NMAP. We'll go through host and service discovery ...
On-Demand Outlier Detection [OD^2] to Optimize Threat Analytics Parasaran Raman Detecting outliers/anomalies are essential for querying and pivoting for malicious/unauthorized activity in the network. More ...
Green Eggs and Hacks Nibb13 Do you like to go to DEF CON? Would you like to take your kids? ...
Introduction to Malware Analysis Part 2 Danny Howerton Limited Capacity filling up This is merely a placeholder for the second half of the ...
Reclaim your privacy, improve your security, and detox your data J0n J4rv1s Limited Capacity seats available Do you want to regain some control over the information and ...
Get Started Writing Nmap Scripts Jason Wood Ever look at an Nmap NSE script and think, "one day I should learn to ...
Threat Modeling 101: Hands On John Overbaugh The Microsoft threat modeling tool has been available since 2013, yet few people understand how ...
Windows Credential Attacks, Mitigation, and Defense Chad Tilbury Windows credentials are arguably the largest vulnerability affecting the modern enterprise. Credential harvesting is goal ...
Federal Bug Bounty Programs: Hacking the Feds for Fun and Profit (Mostly Profit) Corpsman801 A presentation detailing my adventures and experiences with the US Department of Defense open bug ...
De Falsis Deis: Social Contracts Tiberius Hefflin Social engineering; it's a little more common and complicated than you might think. Wherever people ...
Biometrics: Fantastic Failure Point of the Future Adam Englander Biometrics is all the rage. It has been touted as the best of all possible ...