LASCON 2014, Oct. 23, 2014 to Oct. 24, 2014, Austin, USA

Title Speakers Summary Topic Types
Historical Lessons for Improving Cyber Security Martin Hellman N/A
Top 10 Web Hacking Techniques of 2013 Matt Johansen, Johnathan Kuskos Every year the security community produces a stunning number of new Web hacking techniques that ...
Building a Security Engineering Organization for the Modern World Zane Lackey Continuous deployment and the DevOps philosophy have forever changed the ways in which businesses operate. ...
Seven Grades of Perfect Forward Secrecy Oleg Gryb Perfect Forward Secrecy (PFS) becomes popular and its adoption rate is growing. An importance of ...
Understanding and Implementing Rugged Lance Vaughn Let's address the plague of complacency that is infecting organizations and individuals in our industry. ...
OWASP Top 10 Proactive Controls Jim Manico Software developers are the foundation of any application. In order to achieve secure software, developers ...
DNS-Based Authentication of Named Entities (DANE): Can we fix our broken CA model? Tony Cargile In this talk we take an exploratory look at DNS-Based Authentication by Named Entities (DANE), ...
Be Mean to Your Code - Rugged Development & You Matt Johansen, James Wickett Writing code that works is hard. Writing rugged code that can stand the test of ...
Security from Inception Matt Konda In this talk, we will explore case studies that illustrate process strategies that have worked ...
The State of Crypto in Python Jarret Raim Python has a complex past with cryptography. There are half a dozen major frameworks built ...
Threat Modeling for Linux Containers (LXC), Docker and the Cloud Kevin Williams Traditional threat modeling has utilized data flow diagrams to model the software or system in ...
Intro to GPG and the Web of Trust Douglas Mendizábal GPG is an open source suite of cryptographic software that allows you to encrypt and ...
DevOps, CI, APIs, Oh My!: Security Gone Agile Matt Tesauro As the world of system and application deployment continues to change, the sys admins and ...
Keynote Chris Nickerson N/A
OpenStack API Security Testing Automation in Action Nathan Buckner, Jim Freeman, Michael Xin Traditional API security testing is a manual process by security engineers using various tools such ...
DevOops, I did it again Chris Gates, Ken Johnson In a rare mash-up, DevOps is increasingly blending the work of both application and network ...
In AppSec, Fast Is Everything Jeff Williams Software development has been transformed by practices like Continuous Integration and Continuous Integration, while application ...
Risk management for teams that get things done Aaron Blew Risk assessment and management gets harder the more your organization grows and the more complex ...
Auto-Scaling Web Application Security in the Cloud Misha Govshteyn Securing web applications has placed extreme demands on security professionals – in addition to understanding ...
Speed Debates Jeff Williams, Matt Tesauro, Jim Manico, Matt Johansen, Matt Konda, Mano 'dash4rk' Paul N/A
Is this your pipe? Hijacking the build pipeline Greg Anderson As developers of the web, we rely on tools to automate building code, run tests, ... IncludeThinkstScapes
Privacy: Re-framing what we think we know Kelley Misata Sometimes our greatest lessons come from when the frame of what we believed to be ...
Warning Ahead: Security Storms are Brewing in Your JavaScript Igor Matlin JavaScript controls our lives – we use it to zoom in and out of a ...
Burning Down the Haystack to Find the Needle: Security Analytics in Action Josh Sokol, Walter, Johnson Your network is already compromised, but do you know how and by whom? Can you ...
Security Shark Tank Marcus Carey As a member of the information security community, I know many smart people who have ...
Securing The Android Apps On Your Wrist and Face Jack Mannino Android Wear and Google Glass introduce new ways of interacting with our apps and receiving ...
How to use adaptive hashes without making yourself vulnerable to DoS attacks Amit Sethi In recent years, several organizations have had to deal with their users’ hashed passwords being ...
Breach Assessments: Are you 0wned? You can find out! Kevin Dunn, Jessey Bullock If your organization or company was under attack at this very moment, would you know? ...
iOS App Integrity – Got Any? Gregg Ganley iOS apps are vulnerable to static attack through binary code patching. Incorporating jailbreak and debugger ...
Multi-Factor Authentication: Weeding Out the Snake Oil David Ochel As the demand increases for augmenting/replacing password-based authentication with stronger mechanisms, so does the number ...
Practical AppSec: Quick Wins for More Secure Software Dave Ferguson Securing your enterprise applications can be a daunting task. You may not be confident about ...
Derived Credentials – A better user experience for secure applications in the mobile world. Asad Ali, Benoit Famechon The increased use of smart phones in the enterprise and government space has created new ...
Fixing XSS with Content Security Policy Ksenia Dmitrieva Cross-site scripting (XSS) has been dominating OWASP Top 10 for many years. Although input validation ...
Build a better hacker to build a better application testing application Casey Ellis Today’s cybersecurity battle is not a fair fight: the cyberthieves—growing in numbers and sophistication on ...
Runtime Manipulation of Android and iOS Applications David Lindner With over 1.6 million applications in the Apple AppStore and Google Play Store, and around ...
Ruby Meta-programming: Here's how to do it wrong Michael Mccabe, Ken Toler Ruby is a powerful programming language, it includes way to write dynamic code at run ...
Implementing a large-scale identity theft prevention solution using the cloud Kunal Anand User identity theft, session hijacking and Man-in-the-Middle (MitM) attacks are some of the most serious ...
PANEL: 11,000 Voices: Experts Shed Light on 4-Year Open Source & AppSec Survey Matt Tesauro, James Wickett, Ryan Berg, Oleg Gryb, Derek E. Weeks This session will be educational, interactive, and controversial. And, oh yes, fun. We all know ...
What Good is this Tool? A Guide to Choosing the Right Application Security Testing Tools Kevin Fealey Choosing the right Application Security Testing (AST) tool can be challenging for any security program, ...