BSidesRochester 2018 April 13, 2018 to April 14, 2018, Rochester, USA

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
Detect Me If You Can Ben Ten As long as there is a "Patch Tuesday", and software has bugs, there will always ...
Building the Panopticon: Centralized Logging and Alerting With Free Tools Matthew Gracie The goal of Jeremy Bentham's Panopticon was to allow a single watchman to observe everything ...
Easily Deploying and Optimizing Open Source Web Application Firewalls Chaim Sanders It’s been over a decade since the initial release of the OWASP Core Rule Set ...
Ducky-in-the-middle: Injecting keystrokes into plaintext protocols Esteban Rodriguez This talk will cover the basics of protocol analysis using Wireshark and lead into analyzing ...
How the Cookie Crumbles: Modern HTTP State Persistence Chaim Sanders In this talk, we review known attacks fundamental to the design of cookies and mitigation ...
Learn How to Expect the Unexpected: Unusual & Unexpected Findings in Incident Response Adam Dean The pace of databreaches has reached epic proportions. Organizations large and small, in every industry ...
Virtualization Based Security Strengths and Weaknesses Anthony Didonato During this short discussion and demo session we will review the topic of Virtualization Based ...
Sentry or: How I Learned to Stop Worrying and Delete My Accounts Michael West With social media, anyone can become "incidentally infamous" in minutes. Your tweet could go viral, ...
Keynote Matt Mitchell N/A
Turning Domain Data into Domain Intelligence Chris Partridge DNS is a locked system - you can’t model the domain space at scale unless ...
Rise of the Miners Josh Grunzweig Over the past year, we've witnessed a shift in malware used by both the common ...
IoT Devices - And why they desperately need help. Issa Halbert The security of IoT devices has been a trending topic ever since the term itself ...
IoT Botnet Detection System using Machine Learning Jonathan Myers IoT Botnets recently became a destructive weapon against the internet domain, most notably Marai and ...
IoT 4n6: The Growing Impact of the Internet of Things on Digital Forensics Jessica Hyde Gartner predicts that by 2020 there will be more than 20 billion connected "things," not ...
Red and Blue Ping Pong Lee Kagan This talk will demonstrate a defender and attacker playing a game of whack-a-mole using “living ...
Civic and Humanitarian Open Source Timothy Duffy This presentation will include existing projects in Rochester and other Cities around the nation, as ...
BinDbg: Easy Windows Debugging for Binary Ninja Dave Kukfa IDA Pro -- the "gold standard" of binary analysis tools -- is very good at ...
Pentesting DevOps: Attacking Containers and Container Orchestration Mark Manning Monolithic applications are a thing of the past but our job as security professionals is ...
Open source SAST and DAST tools for web app pen testing Drew Kirkpatrick This session will discuss how web application penetration testers can improve their white box testing ...
How to "hack" point of sale systems Forrest Fuqua The look into the unknown world of Restaurant Point of Sale systems and how insecure ...
AutoRepeater: Automated HTTP Request Repeating With Burp Suite Justin Moore Burp Suite is an intercepting HTTP Proxy, and it is the defacto tool for performing ...
Top SIEM Rules You Should Implement Today Julian Pileggi Developing and maintaining an effective SIEM often takes a small army, and can be quite ...