DerbyCon 2014 Sept. 24, 2014 to Sept. 28, 2014, kentucky,usa
Tell us about missing data
Tell us about missing data
| Title | Speakers | Summary | Topic Types |
|---|---|---|---|
| The Canary in the Cloud | Scot Berner | This talk delves into utilizing cloud infrastructure to host canary honeypots that protect your on ... | |
| Ball and Chain (A New Paradigm in Stored Password Security) | Tim “lanmaster53″ Tomes , Benjamin Donnelly | Weak security architectures have led us into a world of massive password breaches occurring at ... | |
| NeXpose For Automated Compromise Detection | Luis “connection”” Santana | NeXpose is an incredibly useful tool for Vulnerability Management as well as Network Assessments but ... | |
| A girl, some passion, and some tech stuff | Johnny Long , Branden Miller , Emily Miller , Sam Kinch. | Give a girl a computer and she will play; make her build one and she ... | |
| Introducting Network-Socut: Defending The Soft Center of Your Network | “bill “oncee” Gardner , Aedan Somerville , Shawn Jordan | Everyone is watching the edge of their network. We have installed firewalls, IDS, IPS, and ... | |
| Interceptor: A PowerShell SSL MITM Script | Casey Smith | This talk will take you line by line through creating an SSL Man-In-The-Middle Powershell script. ... | |
| Attack Paths – Breaking Into Infosec From IT Or Other Totally Different Fields | Eve Adams , Johnny Xmas | “So you think you want a career in information security, but you work in an ... | |
| Open Source Threat Intelligence: Developing a Threat intelligence program using open source tools and public sources – “Overview of building a threat intelligence program outlining the processes, task | Edward Mccabe | Developing an Open Source Threat Intelligence Program from Open Source Tools and Public Sources is ... | |
| Active Directory: Real Defense for Domain Admins | Jason Lang | Did your AD recently get owned on a pentest? It’s always fun to see an ... | |
| All Your Base Still Belong To Us: Physical Penetration Testing Tales From The Trenches | Harry Regan , Valerie Thomas | Each year companies spend thousands of dollars on sophisticated security systems to ensure their secrets ... | |
| Making Mongo Cry-Attacking NoSQL for Pen Testers | Russell Butturini | “NoSQL databases continue to grow in popularity due to their scalability, dynamic data structures, ease ... | |
| Bending and Twisting Networks | Paul Coggins | Learn about network attack vectors that an adversary can use to control, and influence network ... | |
| Hackers Are People Too | Amanda Berlin | The world and popular culture mostly see hackers as criminals. We should all make it ... | |
| Give me your data! Obtaining sensitive data without breaking in | Dave Chronister | We hear new stories daily about a malicious hacker compromising the sensitive data of corporations, ... | |
| Analyzing Weak Areas of the Federal Cloud Security Program | Vinny Troia | As businesses continue to move their infrastructure to the cloud, FedRAMP has become the standard ... | |
| Patching the Human Vulns | Leonard Isham , Moey | You are a hacker, you learn, you play, and you break. The very nature of ... | |
| Red Teaming: Back and Forth, 5ever | Josh ‘fuzzynop’ Schwartz | Whether you are on the red team, the blue team, or aspiring to either, you ... | |
| Single Chip Microcontrollers: Beyond Arduino | Tharon Hall | The world of Arduino has introduced many to the world of embedded controls. What does ... | |
| Human Trafficking in the Digital Age | Chris Jenks | “Lightening talk on tracking Human Trafficking using social media, and open source intelligence techniques, tracking ... | |
| Shellcode Time: Come on Grab Your Friends | Wartortell | “Packed shellcode is a common deterrent against reverse engineering. Mainstream software will use it in ... | |
| Getting Windows to Play with Itself: A Pen Tester’s Guide to Windows API Abuse | Brady Bloxham | Windows APIs are often a blackbox with poor documentation, taking input and spewing output with ... | |
| The Human Buffer Overflow aka Amygdala Hijacking | Christopher Hadnagy | “Imagine if there was a way to interject “”code”” into a persons mind that overwrites ... | |
| GROK | Atlas | many critical aspects of our lives as ‘security professionals’ are directly related to how well ... | |
| Simple Network Management Pwnd | Deral Heiland , Matt Kienow | As a large number of embedded devices are deployed throughout home and industry worldwide. We ... | |
| Cat Herding in the Wild Wild West: What I Learned Running A Hackercon CFP | Nathaniel Husted | It’s not often you hear what goes on behind the scenes when a group of ... | |
| InfoSec – from the mouth of babes (or an 8 year old) | Reuben A. Paul | “I am an eight year old kid and I have learned a thing or two, ... | |
| Code Insecurity or Code in Security | Mano ‘dash4rk’ Paul | “Attendees of this talk will benefit from learning about what constitutes insecure code and the ... | |
| Ethical Control: Ethics and Privacy in a Target-Rich Environment | Kevin Johnson , James Jardine | “Companies can’t seem to secure their stuff, do you think you can do better? Security ... | |
| Physical Security: From Locks to Dox | Jess Hires | This talk is an introduction to Physical Penetration Testing. I briefly cover the Penetration Testing ... | |
| Step On In, The Waters Fine! | Tom Moore | An Introduction To Security Testing Within A Virtualized Environment – Often when I meet individuals ... | |
| Hiding the breadcrumbs: Forensics and anti-forensics on SAP systems | Juan Perez-etchegoyen | The largest organizations in the world rely on SAP platforms to run their critical processes ... | |
| Chicken of the APT: Understanding Targeted Attackers with Incubation! | Kyle Wilhoit | “Attribution of attackers and motives is often difficult. Trying to understand what tactics they use, ... | |
| Just What The Doctor Ordered? | Scott Erven | You have heard the stories of security researchers delivering lethal doses of insulin to a ... | |
| How to Stop a Hack | Jason Samide | How do you stop a hack? A hack consists of four parts, the attack or ... | |
| A Guided Tour of the Internet Ghetto :: Introduction to Tor Hidden Services | Brent Huston | Following on the heels of my last set of talks about the underground value chain ... | |
| Burp For All Languages | Tom Steele | This talk will mark the an official release and demonstration a new tool which exposes ... | |
| Why Aim for the Ground? | Phillip Fitzpatrick | Teaching Our School Kids All of the Right Computer Skills – We are raising technologically ... | |
| SWF Seeking Lazy Admin for Cross Domain Action | Seth Art | Security misconfiguration is #5 on the OWASP 2013 Top 10. This talk shows how the ... | |
| How not to suck at pen testing | John Strand | Godamitsomuch. How did printing a report from a vuln scanner qualify as a “”pen test””? ... | |
| Snort & OpenAppID: How to Build an Open Source Next Generation Firewall | Adam Hogan | The Snort team has recently released OpenAppID – the open source implementation of application identification ... | |
| Red white and blue. Making sense of Red Teaming for good. | Ian Amit | “Say red team one more time. I dare you. I double dare you. The term ... | |
| Around the world in 80 cons | Jayson E. Street | “After spending 15 years in the hacker / InfoSec community, I thought it was time ... | |
| The Internet of Things | Paul Asadoorian | (IoT) aims to makes our lives better, yet there is still no foundation for security ... | |
| We don’t need no stinking Internet. | Greg Simo | When, not if the Internet goes down, how will you keep in contact with all ... | |
| Protocol Me Maybe? How to Date SCADA | Stephen Hilt | Industrial Protocols have functions that allow for enumeration of device information. A walk though how ... | |
| What Dungeons & Dragons Taught Me About INFOSEC | Joey Maresca | What can anyone possible learn about working in the information security world from a library ... | |
| So You Want To Murder a Software Patent | Jason Scott | Software patents are a huge source of controversy and discussion in the tech world. Jason ... | |
| Once upon a time… (InfoSec History 101) | Jack Daniel | “We all know our hacker history, right? Or at least we pretend we do. And ... | |
| Practical PowerShell Programming for Professional People | Ben Ten | The best hackers are those that can write their own tools or modify existing ones. ... | |
| Surviving until Dawn | Bart Hopper | Traditional malware defenses have a detection gap between a new piece of malware and the ... | |
| A Bug or Malware? Catastrophic consequences either way. | Benjamin Holland , Kothari | We live in an age of software problems with catastrophic consequences. An extra goto in ... | |
| The Multibillion Dollar Industry That’s Ignored | Ryan Sevey , Jason Montgomery | Video games are something that a lot of us enjoy playing to escape the realities ... | |
| Hacking Mainframes; Vulnerabilities in applications exposed over TN3270 | Dominic White | IBM System Z Mainframes are in regular use in Fortune 500 companies. Far from being ... | |
| If it fits- it sniffs: Adventures in WarShipping | Larry “@haxorthematrix” Pesce | There are plenty of ways to leverage known wireless attacks against our chosen victims. WeÛªve ... | |
| Abusing Active Directory in Post-Exploitation | Carlos Perez | The talk will cover Active Directory basics- how to query it and how to abuse ... | |
| DNS-Based Authentication of Named Entities (DANE): Can we fix our broken CA model? | Tony Cargile | In this talk we take an exploratory look at DNS-Based Authentication by Named Entities (DANE)- ... | |
| University Education In Security Panel | Bill Gardner | A university education in security – is it right for you? And what does university ... | |
| Real World Intrusion Response – Lessons from the Trenches | David Sharpe , Katherine Trame | Two battle-scarred- sleep-deprived GE-CIRT incident responders share lessons learned from the trenches- from their daily ... |