GrrCon2018 2018 Sept. 6, 2018 to Sept. 7, 2018, Grand Rapids, USA

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
Keynote Dave Kennedy , Matthew ‘mattrix’ Hoy N/A An Inconvenient Truth: Evading the Ransomware Protection in Windows 10Soya Aoyama N/AN/AThe WannaCry cyber-attack ...
How to Conduct a Product Security Test: And How it Fits Into the Larger Security Strategy Dr. Jared Demott How to Conduct a Product Security Test: And How it Fits Into the Larger Security ...
Structuring your incident response could be one of the most important things you do to bolster Security Matt Reid Breach news and various studies show that organizations are taking too long to remediate critical ...
Everyday De-Obfuscation Kyle Shattuck Obfuscated docs to scripts, how quickly and accurately can you get the IOCs? A number ...
Over the Phone Authentication Spencer Brown Much of our activity online, done through our mobile or desktop devices, can also be ...
How this 20 Year Old Changed the Security Industry James O’neill What do you remember about 1998? Back when we debuted the Nessus vulnerability scanner, only ...
The Abyss is Waving Back…The four paths that human evolution is charging down, and how we choose which one’s right… Chris Roberts The Abyss is Waving Back…The four paths that human evolution is charging down, and how ...
Designing a Cloud Security Blueprint Sarah Elie N/A
Stop Boiling The Ocean! How To Succeed With Small Gains Joel Cardella Trying to do to much in infosec will actually wind up causing harm, because your ...
Crypto Gone Rogue: A Tale of Ransomware, Key Management and the CryptoAPI Pranshu Enbody Ransomware such as WannaCry and Petya have been heavily focused upon in the news but ...
So how the actual f**k did i end up as root here Arron “finux” Finnon This is a talk about when failure comes knocking, how you can take down the ...
To Fail is Divine Danny Akacki 6 1/2 years. Pushing ever closer to a decade in information security. How the hell ...
Do I have a signature to detect that malware? Ken Donze Do I have a signature to detect that malware?Signatures have been the primary solution for ...
You’re right, this talk isn’t really about you! Jayson E Street N/A
Living the Phreaker Life David “heal” Schwartzberg This is the stories and inspirations behind creating the hit trading card game, Phreaker Life. ...
2018 SIEM Trends: What is my Mean Time to Value? Bill Lampe SIEM technology is notorious for taking a long time to get to a point where ...
Analyzing Pwned Passwords with Apache Spark Kelley Robinson Apache Spark aims to solve the problem of working with large scale distributed data — ...
Zero to Owned in 1 Hour: Securing Privilege in Cloud, DevOps, On-Prem Workflows Brandon Traffanstedt In this session, we’ll look at a decade of environment evolution and share a few ...
Advanced Attackers Hiding Inside Encrypted Traffic at the Endpoint Jared Phipps Advanced attackers are always looking for ways to stay hidden. The growing use of traffic ...
How to rob a bank over the phone Joshua “naga” Crumbaugh This talk will be 50% real audio from a social engineering engagement and 50% lessons ...
Malware Mitigation Sample Detonation Intelligence Automation: Make Your Binaries Work for You Adam Hogan Threat Intelligence creation and operationalization remains a challenge for many organizations – despite being one ...
More Tales from the Crypt…Analyst Jeff Man The speaker, a former Cryptographer for the National Security Agency (NSA), presented “Tales from the ...
Vibing Your Way Through an Enterprise: How Attackers are Becoming More Sneaky Matthew Eidelberg Traditional defenses are no longer adequate when faced with modern attacks – attackers will always ...
Automate the boring Incident Response stuff Dan Cao Let your security analysts be analysts – Stop wasting their time on the boring stuff! ...
My First year in Application Security Whitney Phillips Application-Security is no longer the “optional” department as many companies throughout the world recognize it ...
Cloud Based Security Alerting from Scratch John Ventura The current state of monitoring in Google Cloud Platform (GCP) and other cloud based platforms ...
PwnBook: Penetrating with Google’s Chromebook Corey Batiuk Why? Manufacturers are making great form factors that are very portable, sleek, with great battery ...
Social Engineering At Work: How to use positive influence to gain management buy-in for anything April C. Wright Do you understand how to navigate office politics and regularly get what you want and ...
Career Risk Management: 10 tips to keep you employed Chris Burrows Hear interesting stories and learn 10 tips to keep you gainfully employed whether you enjoy ...
Life, Death + the Nematodes: Long live Cyber Resilience! Chad Calease The promise (illusion) of 100% Cyber Security has worn thin. While we continue to support ...
SniffAir – An Open-Source Framework for Wireless Security Assessments Matthew Daracott As the amount of wireless devices continues to increase, so does the amount of wireless ...
Red vs Blue: The Untold Chapter Aaron Somerville When a red teamer and a blue teamer go to the bar together, you inevitably ...
The Spies Who Didn’t Love Me Rhett Greenhagen (v1psta) Cyber espionage is both a small and large playing field. There is a limited number ...
Threat Hunting: the macOS edition Megan Carney Threat Hunting: the macOS editionMuch of the research into host-based indicators for threat hunting has ...
Saving All the Money to Buy All the Booze: Learning to Hack All the Things on a Budget Michael Morgese The purpose of this presentation is not to provide an overly technical, in-depth look at ...
Automation and Open Source: Turning the Tide on Attackers John Grigg The security world is still trying figure out how to deal with the overwhelming number ...
The Hybrid Analyst: How Phishing Created A New Type of Intel Analyst Rachel Giacobozzi Come along as I explain how our in depth phishing research morphed me into a ...
Analyzing Multi-Dimensional Malware Dataset Ankur Tyagi Angad is a framework to automate classification of an unlabelled malware dataset using multi-dimensional modelling. ...
w.e w.e Internet Explorer Does What It Wants Aaron Heikkila So you think you’re safe because you set Notepad to Open HTA documents? An IE ...
Dragnet: Your Social Engineering Sidekick Truman Kain Dragnet was created to decrease your time spent on OSINT research, while increasing your SE ...
Physicals, Badges, and why it matters Alex Fernandez-gatti This talk will cover recent developments in physical security and badge access controls. Research presented ...
Intelligence Creating Intelligence: Leveraging what you know to improve finding what you don’t Tomasz Bania Are you an organization that uses threat intelligence that produces less than fruitful results? Is ...
Murky Waters: Diving into Phishing Kits Kyle Eaton Credential harvesting phishing emails are the scourge of inboxes everywhere. While these emails are meant ...
Do it Fast, Do it Right: Incident Response to Counter Modern Attackers Aaron Shanas Modern threat actors are improving their tactics and techniques at an alarming pace. In order ...
Guaranteed Failure: Awareness The Greatest Cyber Insanity Joshua “naga” Crumbaugh This talk will outline the top 10 mistakes related to human security and why most ...
InSpec: Compliance as Code Kent ‘picat’ Gruber Compliance requires specific policies to be followed in a system, or many. Often these policies ...
Hacker Tools, Compliments of Microsoft David Vandeven This presentation discusses offensive uses for various elements of the Microsoft SysInternals tool suite. In ...
Threat Modeling: How to actually do it and make it useful Derek Milroy This talk will walk through the landscape of various Threat Modeling techniques and then focus ...
Bounty Hunters J wolfgang Goerlich Bounty hunters, those keyboard cowboys, bent on circumventing protections and leveraging mistakes in software. All ...
Wrap Up Duncan Manuts Enjoy the show as Duncan rambles on abotu who knows what Gauranteed to delite and ...