BSidesVancouver 2018 March 12, 2018 to March 12, 2018, Vancouver, Canada

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
Keynote Raf Los N/A
That was close! Learning from our near-misses Adam Shostack There's an old joke: "Half my advertising budget is wasted! I wish I knew which ...
The Other AI: How Semantic Reasoning Automates Security Data Analysis Anton Goncharov Semantic reasoning understands the data and makes logical conclusions the same way security analyst does. ...
Cloud Security Panel Farshad Abasi , James Armitage , Kima Kimovski , Andrew Bobic N/A
Rise of the Machines: Protecting These New Identities Kevin Bocek There are two actors on every network—people and machines. People rely on user names and ...
Don't Let Cultural Debt Bring Down Your Security Program John Rauser N/A
Women in Tech Connect N/a N/A
Pushing Left, Like a Boss Tanya Janca Pushing Left, Like a Boss With incident response and penetration testing currently receiving most of ...
Virtualized Network Monitoring for fun and profit Jeremy Cohoe This talk covers the hardware and software components that are available on a budget and ...
CryptoMining Teri Radichel Attackers are leveraging other people's resources in the cloud to help them make money via ...
Autonomous Cyber Defense: AI and the Immune System Approach Nabil Zoldjalali From insiders to sophisticated external attackers, the reality of cyber security today is that the ...
Exploits in Wetware Robert Sell N/A
Live IR on a Budget (of $0) Derek Armstrong Live Incident Response doesn't have to cost an arm and a leg. Just some legwork ...
Building a Predictive Pipeline to Rapidly Detect Phishing Domains Wes Connell Registering a new domain, requesting an SSL certificate, and installing it on the server got ...
Are You Sure Your AWS Cloud Is Secure? Alan Williamson Moving to AWS can provide some excellent tools to help build a secure environment. Using ...
Advanced SOCs and MSSPs and MDRs, Oh My! Shane Harsch Let’s talk meat and potatoes about advancing your SOC with threat hunting, threat intelligence, incident ...
White Collars & Black Hats: Bitcoin, Nets and Insider Trading Ken Westin We know criminal hacking is big business, over the past decade, we have seen criminal ...
AD Security in the Enterprise Stephen Mathezer Active Directory in the enterprise is often managed by Windows specialists with limited security training ...
Hacking the Cloud(s) Wesley Wineberg The three-step penetration testing process for running Nmap, then Nessus and finally Metasploit is well ...
IoT Battle of the Bots N/a N/A
A Hunting We Will Go John Strand In this talk we will discuss the RITA framework for detecting advanced beacons. It is ...
Threat Modeling: Now What? Bob Fruth In this talk we will discuss the RITA framework for detecting advanced beacons. It is ...
Performing your own dentistry — challenges, unknowns, and what is overlooked in security log collection Cariad Keigher So you've finally decided to start collecting your security logs--now what? What do you know ...
Insecurity in IT Tanya Janca A lot is expected of software developers these days; they are expected to be experts ...
Threat Hunting Chris Vernon Threat Hunting with Splunk will detail how organizations can aggressively intercept, track and eliminate cyber ...
What to do before running off to buy fancy shiny products Duncan Matthew Stirling A tap dancing floor show, highlighting that the tools we buy don't have to answer ...
Adventures in DNS filtering in Canada—deterring malicious activity Rob Williamson The Canadian Internet Registration Authority (CIRA) is Canada’s non-profit domain name registry keeping over 2.7 ...
Privileged Accounts: Keys to the Kingdom Chris Cochrane Stealing and exploiting privileged accounts is critical for threat actors in 100% of all advanced ...
PIE - An Active Defense PowerShell Framework to Combat Phishing Greg Foss Phishing is often the bane of a security analyst's existence. Even with all of the ...
Reverse Engineering Unknown Data Structures for Computer Forensics Barnaby Skeggs Since the release of Windows 8, and the ‘Metro’ interface, touch screen input has been ...
Who needs hackers when you've got Tim David Reis Every year, we spend hundreds of thousands of dollars on user awareness, upgrades to endpoint ...
Anatomy of a BotNet, and how to survive it. A review of the Mirai BotNet Brandon Marlow Every year, we spend hundreds of thousands of dollars on user awareness, upgrades to endpoint ...
Hold Your Own Private Keys: The Infosec Roots of Cryptocurrency Best Practices Chelsea Salkeld N/A
Continuous DFIR: The need for Threat hunting as a culture Chandra Majumdar The number of breaches / incidents are increasing year after year. The criticality of the ...
Attacking the Certificate Authority identity validation process Geoff Mcdonald Trusted Certificate Authorities (CAs) play an important role in securing our computers. They help us ...
Malware Research Using OSINT and Open Source Tools: Empowering Everyone Raul Alvarez Virlock is a polymorphic file-infecting ransomware. It is capable of infecting executable files and at ...
Pitfalls of Data Destruction James Martens By 2020, The International Data Corporation (IDC) predicts the digital information present in the world ...
Utilizing DNS for Data Protection and Threat Containment Chris Caron Security, networking, and operations teams all play a role in data protection and threat containment ...
Threat sharing with OpenDXL Antoine Bouchard Antoine will introduce the audience to the OpenDXL (Data Exchange Layer), an open sourced project ...
Are We Secure?: How To Answer The Unanswerable Justin Berman Security teams measure themselves every day. CISOs struggle to evaluate the health of their programs ...
Office 365 Incident Response Alex Parsons As adoption for Office 365 increases, so will security incidents that involve Office 365. Despite ...